diff options
Diffstat (limited to 'lib/private/Http/Client/Client.php')
| -rw-r--r-- | lib/private/Http/Client/Client.php | 587 |
1 files changed, 294 insertions, 293 deletions
diff --git a/lib/private/Http/Client/Client.php b/lib/private/Http/Client/Client.php index 7cadf3fdf6e..553a8921a80 100644 --- a/lib/private/Http/Client/Client.php +++ b/lib/private/Http/Client/Client.php @@ -53,7 +53,7 @@ class Client implements IClient { $defaults = [ RequestOptions::VERIFY => $this->getCertBundle(), - RequestOptions::TIMEOUT => 30, + RequestOptions::TIMEOUT => IClient::DEFAULT_REQUEST_TIMEOUT, ]; $options['nextcloud']['allow_local_address'] = $this->isLocalAddressAllowed($options); @@ -61,7 +61,7 @@ class Client implements IClient { $onRedirectFunction = function ( \Psr\Http\Message\RequestInterface $request, \Psr\Http\Message\ResponseInterface $response, - \Psr\Http\Message\UriInterface $uri + \Psr\Http\Message\UriInterface $uri, ) use ($options) { $this->preventLocalAddress($uri->__toString(), $options); }; @@ -149,8 +149,8 @@ class Client implements IClient { } private function isLocalAddressAllowed(array $options) : bool { - if (($options['nextcloud']['allow_local_address'] ?? false) || - $this->config->getSystemValueBool('allow_local_remote_servers', false)) { + if (($options['nextcloud']['allow_local_address'] ?? false) + || $this->config->getSystemValueBool('allow_local_remote_servers', false)) { return true; } @@ -158,16 +158,17 @@ class Client implements IClient { } protected function preventLocalAddress(string $uri, array $options): void { - if ($this->isLocalAddressAllowed($options)) { - return; - } - $host = parse_url($uri, PHP_URL_HOST); if ($host === false || $host === null) { throw new LocalServerException('Could not detect any host'); } + + if ($this->isLocalAddressAllowed($options)) { + return; + } + if (!$this->remoteHostValidator->isValid($host)) { - throw new LocalServerException('Host "'.$host.'" violates local access rules'); + throw new LocalServerException('Host "' . $host . '" violates local access rules'); } } @@ -176,27 +177,27 @@ class Client implements IClient { * * @param string $uri * @param array $options Array such as - * 'query' => [ - * 'field' => 'abc', - * 'other_field' => '123', - * 'file_name' => fopen('/path/to/file', 'r'), - * ], - * 'headers' => [ - * 'foo' => 'bar', - * ], - * 'cookies' => [ - * 'foo' => 'bar', - * ], - * 'allow_redirects' => [ - * 'max' => 10, // allow at most 10 redirects. - * 'strict' => true, // use "strict" RFC compliant redirects. - * 'referer' => true, // add a Referer header - * 'protocols' => ['https'] // only allow https URLs - * ], - * 'sink' => '/path/to/file', // save to a file or a stream - * 'verify' => true, // bool or string to CA file - * 'debug' => true, - * 'timeout' => 5, + * 'query' => [ + * 'field' => 'abc', + * 'other_field' => '123', + * 'file_name' => fopen('/path/to/file', 'r'), + * ], + * 'headers' => [ + * 'foo' => 'bar', + * ], + * 'cookies' => [ + * 'foo' => 'bar', + * ], + * 'allow_redirects' => [ + * 'max' => 10, // allow at most 10 redirects. + * 'strict' => true, // use "strict" RFC compliant redirects. + * 'referer' => true, // add a Referer header + * 'protocols' => ['https'] // only allow https URLs + * ], + * 'sink' => '/path/to/file', // save to a file or a stream + * 'verify' => true, // bool or string to CA file + * 'debug' => true, + * 'timeout' => 5, * @return IResponse * @throws \Exception If the request could not get completed */ @@ -212,22 +213,22 @@ class Client implements IClient { * * @param string $uri * @param array $options Array such as - * 'headers' => [ - * 'foo' => 'bar', - * ], - * 'cookies' => [ - * 'foo' => 'bar', - * ], - * 'allow_redirects' => [ - * 'max' => 10, // allow at most 10 redirects. - * 'strict' => true, // use "strict" RFC compliant redirects. - * 'referer' => true, // add a Referer header - * 'protocols' => ['https'] // only allow https URLs - * ], - * 'sink' => '/path/to/file', // save to a file or a stream - * 'verify' => true, // bool or string to CA file - * 'debug' => true, - * 'timeout' => 5, + * 'headers' => [ + * 'foo' => 'bar', + * ], + * 'cookies' => [ + * 'foo' => 'bar', + * ], + * 'allow_redirects' => [ + * 'max' => 10, // allow at most 10 redirects. + * 'strict' => true, // use "strict" RFC compliant redirects. + * 'referer' => true, // add a Referer header + * 'protocols' => ['https'] // only allow https URLs + * ], + * 'sink' => '/path/to/file', // save to a file or a stream + * 'verify' => true, // bool or string to CA file + * 'debug' => true, + * 'timeout' => 5, * @return IResponse * @throws \Exception If the request could not get completed */ @@ -242,27 +243,27 @@ class Client implements IClient { * * @param string $uri * @param array $options Array such as - * 'body' => [ - * 'field' => 'abc', - * 'other_field' => '123', - * 'file_name' => fopen('/path/to/file', 'r'), - * ], - * 'headers' => [ - * 'foo' => 'bar', - * ], - * 'cookies' => [ - * 'foo' => 'bar', - * ], - * 'allow_redirects' => [ - * 'max' => 10, // allow at most 10 redirects. - * 'strict' => true, // use "strict" RFC compliant redirects. - * 'referer' => true, // add a Referer header - * 'protocols' => ['https'] // only allow https URLs - * ], - * 'sink' => '/path/to/file', // save to a file or a stream - * 'verify' => true, // bool or string to CA file - * 'debug' => true, - * 'timeout' => 5, + * 'body' => [ + * 'field' => 'abc', + * 'other_field' => '123', + * 'file_name' => fopen('/path/to/file', 'r'), + * ], + * 'headers' => [ + * 'foo' => 'bar', + * ], + * 'cookies' => [ + * 'foo' => 'bar', + * ], + * 'allow_redirects' => [ + * 'max' => 10, // allow at most 10 redirects. + * 'strict' => true, // use "strict" RFC compliant redirects. + * 'referer' => true, // add a Referer header + * 'protocols' => ['https'] // only allow https URLs + * ], + * 'sink' => '/path/to/file', // save to a file or a stream + * 'verify' => true, // bool or string to CA file + * 'debug' => true, + * 'timeout' => 5, * @return IResponse * @throws \Exception If the request could not get completed */ @@ -283,27 +284,27 @@ class Client implements IClient { * * @param string $uri * @param array $options Array such as - * 'body' => [ - * 'field' => 'abc', - * 'other_field' => '123', - * 'file_name' => fopen('/path/to/file', 'r'), - * ], - * 'headers' => [ - * 'foo' => 'bar', - * ], - * 'cookies' => [ - * 'foo' => 'bar', - * ], - * 'allow_redirects' => [ - * 'max' => 10, // allow at most 10 redirects. - * 'strict' => true, // use "strict" RFC compliant redirects. - * 'referer' => true, // add a Referer header - * 'protocols' => ['https'] // only allow https URLs - * ], - * 'sink' => '/path/to/file', // save to a file or a stream - * 'verify' => true, // bool or string to CA file - * 'debug' => true, - * 'timeout' => 5, + * 'body' => [ + * 'field' => 'abc', + * 'other_field' => '123', + * 'file_name' => fopen('/path/to/file', 'r'), + * ], + * 'headers' => [ + * 'foo' => 'bar', + * ], + * 'cookies' => [ + * 'foo' => 'bar', + * ], + * 'allow_redirects' => [ + * 'max' => 10, // allow at most 10 redirects. + * 'strict' => true, // use "strict" RFC compliant redirects. + * 'referer' => true, // add a Referer header + * 'protocols' => ['https'] // only allow https URLs + * ], + * 'sink' => '/path/to/file', // save to a file or a stream + * 'verify' => true, // bool or string to CA file + * 'debug' => true, + * 'timeout' => 5, * @return IResponse * @throws \Exception If the request could not get completed */ @@ -318,27 +319,27 @@ class Client implements IClient { * * @param string $uri * @param array $options Array such as - * 'body' => [ - * 'field' => 'abc', - * 'other_field' => '123', - * 'file_name' => fopen('/path/to/file', 'r'), - * ], - * 'headers' => [ - * 'foo' => 'bar', - * ], - * 'cookies' => [ - * 'foo' => 'bar', - * ], - * 'allow_redirects' => [ - * 'max' => 10, // allow at most 10 redirects. - * 'strict' => true, // use "strict" RFC compliant redirects. - * 'referer' => true, // add a Referer header - * 'protocols' => ['https'] // only allow https URLs - * ], - * 'sink' => '/path/to/file', // save to a file or a stream - * 'verify' => true, // bool or string to CA file - * 'debug' => true, - * 'timeout' => 5, + * 'body' => [ + * 'field' => 'abc', + * 'other_field' => '123', + * 'file_name' => fopen('/path/to/file', 'r'), + * ], + * 'headers' => [ + * 'foo' => 'bar', + * ], + * 'cookies' => [ + * 'foo' => 'bar', + * ], + * 'allow_redirects' => [ + * 'max' => 10, // allow at most 10 redirects. + * 'strict' => true, // use "strict" RFC compliant redirects. + * 'referer' => true, // add a Referer header + * 'protocols' => ['https'] // only allow https URLs + * ], + * 'sink' => '/path/to/file', // save to a file or a stream + * 'verify' => true, // bool or string to CA file + * 'debug' => true, + * 'timeout' => 5, * @return IResponse * @throws \Exception If the request could not get completed */ @@ -353,27 +354,27 @@ class Client implements IClient { * * @param string $uri * @param array $options Array such as - * 'body' => [ - * 'field' => 'abc', - * 'other_field' => '123', - * 'file_name' => fopen('/path/to/file', 'r'), - * ], - * 'headers' => [ - * 'foo' => 'bar', - * ], - * 'cookies' => [ - * 'foo' => 'bar', - * ], - * 'allow_redirects' => [ - * 'max' => 10, // allow at most 10 redirects. - * 'strict' => true, // use "strict" RFC compliant redirects. - * 'referer' => true, // add a Referer header - * 'protocols' => ['https'] // only allow https URLs - * ], - * 'sink' => '/path/to/file', // save to a file or a stream - * 'verify' => true, // bool or string to CA file - * 'debug' => true, - * 'timeout' => 5, + * 'body' => [ + * 'field' => 'abc', + * 'other_field' => '123', + * 'file_name' => fopen('/path/to/file', 'r'), + * ], + * 'headers' => [ + * 'foo' => 'bar', + * ], + * 'cookies' => [ + * 'foo' => 'bar', + * ], + * 'allow_redirects' => [ + * 'max' => 10, // allow at most 10 redirects. + * 'strict' => true, // use "strict" RFC compliant redirects. + * 'referer' => true, // add a Referer header + * 'protocols' => ['https'] // only allow https URLs + * ], + * 'sink' => '/path/to/file', // save to a file or a stream + * 'verify' => true, // bool or string to CA file + * 'debug' => true, + * 'timeout' => 5, * @return IResponse * @throws \Exception If the request could not get completed */ @@ -388,27 +389,27 @@ class Client implements IClient { * * @param string $uri * @param array $options Array such as - * 'body' => [ - * 'field' => 'abc', - * 'other_field' => '123', - * 'file_name' => fopen('/path/to/file', 'r'), - * ], - * 'headers' => [ - * 'foo' => 'bar', - * ], - * 'cookies' => [ - * 'foo' => 'bar', - * ], - * 'allow_redirects' => [ - * 'max' => 10, // allow at most 10 redirects. - * 'strict' => true, // use "strict" RFC compliant redirects. - * 'referer' => true, // add a Referer header - * 'protocols' => ['https'] // only allow https URLs - * ], - * 'sink' => '/path/to/file', // save to a file or a stream - * 'verify' => true, // bool or string to CA file - * 'debug' => true, - * 'timeout' => 5, + * 'body' => [ + * 'field' => 'abc', + * 'other_field' => '123', + * 'file_name' => fopen('/path/to/file', 'r'), + * ], + * 'headers' => [ + * 'foo' => 'bar', + * ], + * 'cookies' => [ + * 'foo' => 'bar', + * ], + * 'allow_redirects' => [ + * 'max' => 10, // allow at most 10 redirects. + * 'strict' => true, // use "strict" RFC compliant redirects. + * 'referer' => true, // add a Referer header + * 'protocols' => ['https'] // only allow https URLs + * ], + * 'sink' => '/path/to/file', // save to a file or a stream + * 'verify' => true, // bool or string to CA file + * 'debug' => true, + * 'timeout' => 5, * @return IResponse * @throws \Exception If the request could not get completed */ @@ -440,27 +441,27 @@ class Client implements IClient { * @param string $method The HTTP method to use * @param string $uri * @param array $options Array such as - * 'query' => [ - * 'field' => 'abc', - * 'other_field' => '123', - * 'file_name' => fopen('/path/to/file', 'r'), - * ], - * 'headers' => [ - * 'foo' => 'bar', - * ], - * 'cookies' => [ - * 'foo' => 'bar', - * ], - * 'allow_redirects' => [ - * 'max' => 10, // allow at most 10 redirects. - * 'strict' => true, // use "strict" RFC compliant redirects. - * 'referer' => true, // add a Referer header - * 'protocols' => ['https'] // only allow https URLs - * ], - * 'sink' => '/path/to/file', // save to a file or a stream - * 'verify' => true, // bool or string to CA file - * 'debug' => true, - * 'timeout' => 5, + * 'query' => [ + * 'field' => 'abc', + * 'other_field' => '123', + * 'file_name' => fopen('/path/to/file', 'r'), + * ], + * 'headers' => [ + * 'foo' => 'bar', + * ], + * 'cookies' => [ + * 'foo' => 'bar', + * ], + * 'allow_redirects' => [ + * 'max' => 10, // allow at most 10 redirects. + * 'strict' => true, // use "strict" RFC compliant redirects. + * 'referer' => true, // add a Referer header + * 'protocols' => ['https'] // only allow https URLs + * ], + * 'sink' => '/path/to/file', // save to a file or a stream + * 'verify' => true, // bool or string to CA file + * 'debug' => true, + * 'timeout' => 5, * @return IResponse * @throws \Exception If the request could not get completed */ @@ -483,27 +484,27 @@ class Client implements IClient { * * @param string $uri * @param array $options Array such as - * 'query' => [ - * 'field' => 'abc', - * 'other_field' => '123', - * 'file_name' => fopen('/path/to/file', 'r'), - * ], - * 'headers' => [ - * 'foo' => 'bar', - * ], - * 'cookies' => [ - * 'foo' => 'bar', - * ], - * 'allow_redirects' => [ - * 'max' => 10, // allow at most 10 redirects. - * 'strict' => true, // use "strict" RFC compliant redirects. - * 'referer' => true, // add a Referer header - * 'protocols' => ['https'] // only allow https URLs - * ], - * 'sink' => '/path/to/file', // save to a file or a stream - * 'verify' => true, // bool or string to CA file - * 'debug' => true, - * 'timeout' => 5, + * 'query' => [ + * 'field' => 'abc', + * 'other_field' => '123', + * 'file_name' => fopen('/path/to/file', 'r'), + * ], + * 'headers' => [ + * 'foo' => 'bar', + * ], + * 'cookies' => [ + * 'foo' => 'bar', + * ], + * 'allow_redirects' => [ + * 'max' => 10, // allow at most 10 redirects. + * 'strict' => true, // use "strict" RFC compliant redirects. + * 'referer' => true, // add a Referer header + * 'protocols' => ['https'] // only allow https URLs + * ], + * 'sink' => '/path/to/file', // save to a file or a stream + * 'verify' => true, // bool or string to CA file + * 'debug' => true, + * 'timeout' => 5, * @return IPromise */ public function getAsync(string $uri, array $options = []): IPromise { @@ -517,22 +518,22 @@ class Client implements IClient { * * @param string $uri * @param array $options Array such as - * 'headers' => [ - * 'foo' => 'bar', - * ], - * 'cookies' => [ - * 'foo' => 'bar', - * ], - * 'allow_redirects' => [ - * 'max' => 10, // allow at most 10 redirects. - * 'strict' => true, // use "strict" RFC compliant redirects. - * 'referer' => true, // add a Referer header - * 'protocols' => ['https'] // only allow https URLs - * ], - * 'sink' => '/path/to/file', // save to a file or a stream - * 'verify' => true, // bool or string to CA file - * 'debug' => true, - * 'timeout' => 5, + * 'headers' => [ + * 'foo' => 'bar', + * ], + * 'cookies' => [ + * 'foo' => 'bar', + * ], + * 'allow_redirects' => [ + * 'max' => 10, // allow at most 10 redirects. + * 'strict' => true, // use "strict" RFC compliant redirects. + * 'referer' => true, // add a Referer header + * 'protocols' => ['https'] // only allow https URLs + * ], + * 'sink' => '/path/to/file', // save to a file or a stream + * 'verify' => true, // bool or string to CA file + * 'debug' => true, + * 'timeout' => 5, * @return IPromise */ public function headAsync(string $uri, array $options = []): IPromise { @@ -546,27 +547,27 @@ class Client implements IClient { * * @param string $uri * @param array $options Array such as - * 'body' => [ - * 'field' => 'abc', - * 'other_field' => '123', - * 'file_name' => fopen('/path/to/file', 'r'), - * ], - * 'headers' => [ - * 'foo' => 'bar', - * ], - * 'cookies' => [ - * 'foo' => 'bar', - * ], - * 'allow_redirects' => [ - * 'max' => 10, // allow at most 10 redirects. - * 'strict' => true, // use "strict" RFC compliant redirects. - * 'referer' => true, // add a Referer header - * 'protocols' => ['https'] // only allow https URLs - * ], - * 'sink' => '/path/to/file', // save to a file or a stream - * 'verify' => true, // bool or string to CA file - * 'debug' => true, - * 'timeout' => 5, + * 'body' => [ + * 'field' => 'abc', + * 'other_field' => '123', + * 'file_name' => fopen('/path/to/file', 'r'), + * ], + * 'headers' => [ + * 'foo' => 'bar', + * ], + * 'cookies' => [ + * 'foo' => 'bar', + * ], + * 'allow_redirects' => [ + * 'max' => 10, // allow at most 10 redirects. + * 'strict' => true, // use "strict" RFC compliant redirects. + * 'referer' => true, // add a Referer header + * 'protocols' => ['https'] // only allow https URLs + * ], + * 'sink' => '/path/to/file', // save to a file or a stream + * 'verify' => true, // bool or string to CA file + * 'debug' => true, + * 'timeout' => 5, * @return IPromise */ public function postAsync(string $uri, array $options = []): IPromise { @@ -585,27 +586,27 @@ class Client implements IClient { * * @param string $uri * @param array $options Array such as - * 'body' => [ - * 'field' => 'abc', - * 'other_field' => '123', - * 'file_name' => fopen('/path/to/file', 'r'), - * ], - * 'headers' => [ - * 'foo' => 'bar', - * ], - * 'cookies' => [ - * 'foo' => 'bar', - * ], - * 'allow_redirects' => [ - * 'max' => 10, // allow at most 10 redirects. - * 'strict' => true, // use "strict" RFC compliant redirects. - * 'referer' => true, // add a Referer header - * 'protocols' => ['https'] // only allow https URLs - * ], - * 'sink' => '/path/to/file', // save to a file or a stream - * 'verify' => true, // bool or string to CA file - * 'debug' => true, - * 'timeout' => 5, + * 'body' => [ + * 'field' => 'abc', + * 'other_field' => '123', + * 'file_name' => fopen('/path/to/file', 'r'), + * ], + * 'headers' => [ + * 'foo' => 'bar', + * ], + * 'cookies' => [ + * 'foo' => 'bar', + * ], + * 'allow_redirects' => [ + * 'max' => 10, // allow at most 10 redirects. + * 'strict' => true, // use "strict" RFC compliant redirects. + * 'referer' => true, // add a Referer header + * 'protocols' => ['https'] // only allow https URLs + * ], + * 'sink' => '/path/to/file', // save to a file or a stream + * 'verify' => true, // bool or string to CA file + * 'debug' => true, + * 'timeout' => 5, * @return IPromise */ public function putAsync(string $uri, array $options = []): IPromise { @@ -619,27 +620,27 @@ class Client implements IClient { * * @param string $uri * @param array $options Array such as - * 'body' => [ - * 'field' => 'abc', - * 'other_field' => '123', - * 'file_name' => fopen('/path/to/file', 'r'), - * ], - * 'headers' => [ - * 'foo' => 'bar', - * ], - * 'cookies' => [ - * 'foo' => 'bar', - * ], - * 'allow_redirects' => [ - * 'max' => 10, // allow at most 10 redirects. - * 'strict' => true, // use "strict" RFC compliant redirects. - * 'referer' => true, // add a Referer header - * 'protocols' => ['https'] // only allow https URLs - * ], - * 'sink' => '/path/to/file', // save to a file or a stream - * 'verify' => true, // bool or string to CA file - * 'debug' => true, - * 'timeout' => 5, + * 'body' => [ + * 'field' => 'abc', + * 'other_field' => '123', + * 'file_name' => fopen('/path/to/file', 'r'), + * ], + * 'headers' => [ + * 'foo' => 'bar', + * ], + * 'cookies' => [ + * 'foo' => 'bar', + * ], + * 'allow_redirects' => [ + * 'max' => 10, // allow at most 10 redirects. + * 'strict' => true, // use "strict" RFC compliant redirects. + * 'referer' => true, // add a Referer header + * 'protocols' => ['https'] // only allow https URLs + * ], + * 'sink' => '/path/to/file', // save to a file or a stream + * 'verify' => true, // bool or string to CA file + * 'debug' => true, + * 'timeout' => 5, * @return IPromise */ public function deleteAsync(string $uri, array $options = []): IPromise { @@ -653,27 +654,27 @@ class Client implements IClient { * * @param string $uri * @param array $options Array such as - * 'body' => [ - * 'field' => 'abc', - * 'other_field' => '123', - * 'file_name' => fopen('/path/to/file', 'r'), - * ], - * 'headers' => [ - * 'foo' => 'bar', - * ], - * 'cookies' => [ - * 'foo' => 'bar', - * ], - * 'allow_redirects' => [ - * 'max' => 10, // allow at most 10 redirects. - * 'strict' => true, // use "strict" RFC compliant redirects. - * 'referer' => true, // add a Referer header - * 'protocols' => ['https'] // only allow https URLs - * ], - * 'sink' => '/path/to/file', // save to a file or a stream - * 'verify' => true, // bool or string to CA file - * 'debug' => true, - * 'timeout' => 5, + * 'body' => [ + * 'field' => 'abc', + * 'other_field' => '123', + * 'file_name' => fopen('/path/to/file', 'r'), + * ], + * 'headers' => [ + * 'foo' => 'bar', + * ], + * 'cookies' => [ + * 'foo' => 'bar', + * ], + * 'allow_redirects' => [ + * 'max' => 10, // allow at most 10 redirects. + * 'strict' => true, // use "strict" RFC compliant redirects. + * 'referer' => true, // add a Referer header + * 'protocols' => ['https'] // only allow https URLs + * ], + * 'sink' => '/path/to/file', // save to a file or a stream + * 'verify' => true, // bool or string to CA file + * 'debug' => true, + * 'timeout' => 5, * @return IPromise */ public function optionsAsync(string $uri, array $options = []): IPromise { |