diff options
| author | Lukas Reschke <lukas@statuscode.ch> | 2020-11-21 21:03:43 +0100 |
|---|---|---|
| committer | Morris Jobke <hey@morrisjobke.de> | 2020-11-22 23:04:43 +0100 |
| commit | a5d4d3d4ccd7283f0df6368711317e2f7b7b9b95 (patch) | |
| tree | 234643e789e440c9e0a989b41301873cbf30f8f9 /lib/public/IRequest.php | |
| parent | 9a0428835f54550d27217f9a9b60d105c436c8b6 (diff) | |
| download | nextcloud-server-a5d4d3d4ccd7283f0df6368711317e2f7b7b9b95.tar.gz nextcloud-server-a5d4d3d4ccd7283f0df6368711317e2f7b7b9b95.zip | |
Add IRequest taint sources
Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
Diffstat (limited to 'lib/public/IRequest.php')
| -rw-r--r-- | lib/public/IRequest.php | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/lib/public/IRequest.php b/lib/public/IRequest.php index ee041864899..583e8d58180 100644 --- a/lib/public/IRequest.php +++ b/lib/public/IRequest.php @@ -107,6 +107,8 @@ interface IRequest { /** * @param string $name * + * @psalm-taint-source input + * * @return string * @since 6.0.0 */ @@ -116,6 +118,8 @@ interface IRequest { * Lets you access post and get parameters by the index * In case of json requests the encoded json body is accessed * + * @psalm-taint-source input + * * @param string $key the key which you want to access in the URL Parameter * placeholder, $_POST or $_GET array. * The priority how they're returned is the following: @@ -134,6 +138,8 @@ interface IRequest { * * (as GET or POST) or through the URL by the route * + * @psalm-taint-source input + * * @return array the array with all parameters * @since 6.0.0 */ @@ -170,6 +176,8 @@ interface IRequest { /** * Shortcut for getting cookie variables * + * @psalm-taint-source input + * * @param string $key the key that will be taken from the $_COOKIE array * @return string|null the value in the $_COOKIE element * @since 6.0.0 @@ -244,6 +252,8 @@ interface IRequest { * Returns the request uri, even if the website uses one or more * reverse proxies * + * @psalm-taint-source input + * * @return string * @since 8.1.0 */ @@ -252,6 +262,8 @@ interface IRequest { /** * Get raw PathInfo from request (not urldecoded) * + * @psalm-taint-source input + * * @throws \Exception * @return string Path info * @since 8.1.0 @@ -261,6 +273,8 @@ interface IRequest { /** * Get PathInfo from request * + * @psalm-taint-source input + * * @throws \Exception * @return string|false Path info or false when not found * @since 8.1.0 @@ -289,6 +303,8 @@ interface IRequest { * Returns the unverified server host from the headers without checking * whether it is a trusted domain * + * @psalm-taint-source input + * * @return string Server host * @since 8.1.0 */ |