aboutsummaryrefslogtreecommitdiffstats
path: root/lib/private/Http
Commit message (Collapse)AuthorAgeFilesLines
* fix: remove superflous linegeorglauterbach2024-11-091-1/+0
| | | | Signed-off-by: georglauterbach <44545919+georglauterbach@users.noreply.github.com>
* fix: do not query CNAME if A succeeded alreadygeorglauterbach2024-11-061-1/+5
| | | | Signed-off-by: georglauterbach <44545919+georglauterbach@users.noreply.github.com>
* feat(http-client): expose default request timeout constant to be used ↵add-default-request-timeout-constThomas Citharel2024-10-111-1/+1
| | | | | | | | | | instead of magic number 30 Will be used to set default where we are able to override the default timeout. See https://github.com/nextcloud/server/pull/48418 Signed-off-by: Thomas Citharel <tcit@tcit.fr>
* chore: always execute parse_url in preventLocalAddressbug/noid/federated-addressbook-sync-without-localaddressallowedDaniel Kesselberg2024-10-011-4/+5
| | | | | | This change should make it easier to spot wrong uses of the HTTP client on development setups where allow_local_remote_servers is usually true. Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* chore(deps): Update nextcloud/coding-standard to v1.3.1provokateurin2024-09-192-5/+5
| | | | Signed-off-by: provokateurin <kate@provokateurin.de>
* style: update codestyle for coding-standard 1.2.3Daniel Kesselberg2024-08-255-291/+291
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* chore: Add SPDX headerAndy Scherzinger2024-05-248-166/+19
| | | | Signed-off-by: Andy Scherzinger <info@andy-scherzinger.de>
* fix(dns): detect disabled IPv6 support in DNS pinningBenjamin Gaussorgues2024-03-261-1/+3
| | | | Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
* Merge pull request #43446 from ↵John Molakvoæ2024-03-161-0/+35
|\ | | | | | | jithin-space/add-patch-request-to-http-client-interface
| * added patch methodjithin-space2024-02-081-0/+35
| | | | | | | | Signed-off-by: jithin-space <jithin.thankachan@gpsrenewables.com>
* | fix: Swap method and uri parameter in request to match upstream orderCôme Chilliet2024-03-071-2/+2
| | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | feat(IClient): Add `request` function to do arbitrary HTTP requestsFerdinand Thiessen2024-03-071-0/+37
| | | | | | | | Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
* | fix(federation): Allow cloud federation providers to handle unsuccessful ↵Joas Schilling2024-02-281-0/+16
| | | | | | | | | | | | | | | | return codes Otherwise they are put to retry and will immediately trigger bruteforce protection infinitely Signed-off-by: Joas Schilling <coding@schilljs.com>
* | Include `hostName:$port` for Host access violation message as wellRobin Kluth2024-02-241-1/+1
| | | | | | Signed-off-by: Robin Kluth <Commifreak@users.noreply.github.com>
* | Log Host/IP in `LocalServerException` for `Host violates local access rules`Robin Kluth2024-02-241-1/+1
| | | | | | Signed-off-by: Robin Kluth <Commifreak@users.noreply.github.com>
* | Log Host/IP in `LocalServerException` for `Host violates local access rules`Robin Kluth2024-02-241-1/+1
|/ | | Signed-off-by: Robin Kluth <Commifreak@users.noreply.github.com>
* chore: apply changes from Nextcloud coding standards 1.1.1Joas Schilling2023-11-232-9/+9
| | | | | Signed-off-by: Joas Schilling <coding@schilljs.com> Signed-off-by: Benjamin Gaussorgues <benjamin.gaussorgues@nextcloud.com>
* test: add tests for dns pin middlewareDaniel Kesselberg2023-09-121-2/+9
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* enh: skip processing for empty responseDaniel Kesselberg2023-09-041-0/+4
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* feat: add switch to disable dns pinningDaniel Kesselberg2023-08-291-2/+4
| | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* feat(HTTPClient): Provide wrapped access to Guzzle's asyncRequest()Joas Schilling2023-06-273-8/+365
| | | | Signed-off-by: Joas Schilling <coding@schilljs.com>
* log performance events for http requestsRobin Appelman2023-04-281-4/+17
| | | | Signed-off-by: Robin Appelman <robin@icewind.nl>
* Use typed version of IConfig::getSystemValue as much as possibleCôme Chilliet2023-04-051-5/+5
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* composer run cs:fixCôme Chilliet2023-01-201-1/+0
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Fix DNS Pin Middleware throwing for public IPsChristoph Wurst2022-11-081-1/+1
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Add remote host validation APIChristoph Wurst2022-10-314-117/+27
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Rename LocalAddressChecker methods to lower caseChristoph Wurst2022-10-273-5/+5
| | | | Signed-off-by: Christoph Wurst <christoph@winzerhof-wurst.at>
* Revert "fix external storages access"Simon L2022-10-231-1/+3
| | | | Signed-off-by: szaimen <szaimen@e.mail.de>
* Merge pull request #33087 from nextcloud/fix/30282/external-storagesJohn Molakvoæ2022-10-231-3/+1
|\ | | | | fix external storages access
| * fix external storages accessszaimen2022-07-011-3/+1
| | | | | | | | Signed-off-by: szaimen <szaimen@e.mail.de>
* | Fix tests for nested v4 in v6Côme Chilliet2022-09-201-14/+6
| | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | Use new dependency to normalize IPsCôme Chilliet2022-09-201-0/+13
| | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | Add missing urldecode and idn_to_utf8 calls to local address checkerCôme Chilliet2022-09-202-2/+2
| | | | | | | | | | | | The call to idn_to_utf8 call is actually to apply normalization Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | Fix typos in lib/private subdirectoryluz paz2022-07-271-1/+1
| | | | | | | | | | | | Found via `codespell -q 3 -S l10n -L jus ./lib/private` Signed-off-by: luz paz <luzpaz@github.com>
* | Use Symfony IpUtils to check for local IP rangesCôme Chilliet2022-07-121-3/+7
| | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | Check for local IPs nested in IPv6 as wellCôme Chilliet2022-07-121-1/+3
| | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | Refactor local IP if and set strict to true for in_arrayCôme Chilliet2022-07-121-6/+6
| | | | | | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* | Improve local IP detectionCôme Chilliet2022-07-121-0/+6
|/ | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Improve local domain detectionCôme Chilliet2022-06-231-2/+4
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Migrate from ILogger to LoggerInterface in lib/privateCôme Chilliet2022-03-243-15/+3
| | | | Signed-off-by: Côme Chilliet <come.chilliet@nextcloud.com>
* Send images to imaginary docker to generate previewsVincent Petry2022-03-171-1/+2
| | | | | Signed-off-by: Carl Schwan <carl@carlschwan.eu> Co-Authored-by: Vincent Petry <vincent@nextcloud.com>
* Check for !== false instead Lukas Reschke2021-07-121-1/+1
| | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Check if dns_get_record returns non-falseLukas Reschke2021-07-121-1/+1
| | | | | | | `dns_get_record` can return false which results in exceptions such as the ones shown in https://github.com/nextcloud/server/issues/27870. Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
* Fixes recursion count incrementationSanpi2021-07-071-1/+1
| | | | Signed-off-by: Sanpi <sanpi@homecomputing.fr>
* Merge pull request #27801 from nextcloud/enh/noid/hardening-dns-pin-middlewarekesselb2021-07-061-13/+28
|\ | | | | Ignore subdomain for soa queries
| * Ignore subdomain for soa queriesDaniel Kesselberg2021-07-051-13/+28
| | | | | | | | Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
* | Fix DnsPinMiddleware resolve pinning bugAaron Ball2021-07-021-5/+12
|/ | | | | | | | | | | | | | | | | | | | | | | | | | Libcurl expects the value of the CURLOPT_RESOLVE configurations to be an array of strings, those strings containing a comma delimited list of resolved IPs for each host:port combination. The original code here does create that array with the host:port:ip combination, but multiple ips for a single host:port result in additional array entries, rather than adding them to the end of the string with a comma. Per the libcurl docs, the `CURLOPT_RESOLVE` array entries should match the syntax `host:port:address[,address]`. This creates a function-scoped associative array which uses `host:port` as the key (which are supposed to be unique and this ensures that), and the value is an array containing IP strings (ipv4 or ipv6). Once the associative array is populated, it is then set to the CURLOPT_RESOLVE array, imploding the ip arrays using a comma delimiter so the array syntax matches the expected by libcurl. Note that this reorders the "foreach ip" and "foreach port" loops. Rather than looping over ips then ports, we now loop over ports then ips, since ports are part of the unique host:port map, and multiple ips can exist therein. Signed-off-by: Aaron Ball <nullspoon@oper.io>
* Update php licensesJohn Molakvoæ (skjnldsv)2021-06-048-13/+7
| | | | Signed-off-by: John Molakvoæ (skjnldsv) <skjnldsv@protonmail.com>
* ensure redis returns bool for hasKeyArthur Schiwon2021-04-131-1/+1
| | | | Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
* Strictify null checkLukas Reschke2021-04-061-2/+3
| | | | Signed-off-by: Lukas Reschke <lukas@statuscode.ch>
generated by cgit v1.2.3 (git 2.39.1) at 2025-02-22 06:54:53 +0000