bug #19217 [HttpKernel] Inline ValidateRequestListener logic into Htt…

…pKernel (nicolas-grekas)

This PR was merged into the 2.7 branch.

Discussion
----------

[HttpKernel] Inline ValidateRequestListener logic into HttpKernel

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #18688 #19216
| License       | MIT
| Doc PR        | -

I propose to inline the listener introduced in #18688 into HttpKernel.

Commits
-------

9d3ae85 [HttpKernel] Inline ValidateRequestListener logic into HttpKernel

src/Symfony/Bundle/FrameworkBundle/Resources/config/web.xml

@@ -46,9 +46,5 @@
             <argument type="service" id="request_stack" />
             <tag name="kernel.event_subscriber" />
         </service>
-
-        <service id="validate_request_listener" class="Symfony\Component\HttpKernel\EventListener\ValidateRequestListener">
-            <tag name="kernel.event_subscriber" />
-        </service>
     </services>
 </container>

src/Symfony/Bundle/FrameworkBundle/composer.json

@@ -23,7 +23,7 @@
         "symfony/event-dispatcher": "~2.5",
         "symfony/finder": "~2.0,>=2.0.5",
         "symfony/http-foundation": "~2.4.9|~2.5,>=2.5.4",
-        "symfony/http-kernel": "~2.7,>=2.7.15",
+        "symfony/http-kernel": "~2.7",
         "symfony/filesystem": "~2.3",
         "symfony/routing": "~2.6,>2.6.4",
         "symfony/security-core": "~2.6.13|~2.7.9|~2.8",

src/Symfony/Component/HttpKernel/HttpKernel.php

@@ -12,6 +12,7 @@
 namespace Symfony\Component\HttpKernel;
 
 use Symfony\Component\HttpKernel\Controller\ControllerResolverInterface;
+use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
 use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
 use Symfony\Component\HttpKernel\Exception\HttpExceptionInterface;
 use Symfony\Component\HttpKernel\Event\FilterControllerEvent;
@@ -21,6 +22,7 @@
 use Symfony\Component\HttpKernel\Event\GetResponseForControllerResultEvent;
 use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent;
 use Symfony\Component\HttpKernel\Event\PostResponseEvent;
+use Symfony\Component\HttpFoundation\Exception\ConflictingHeadersException;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\RequestStack;
 use Symfony\Component\HttpFoundation\Response;
@@ -113,6 +115,13 @@ public function terminateWithException(\Exception $exception)
      */
     private function handleRaw(Request $request, $type = self::MASTER_REQUEST)
     {
+        if (self::MASTER_REQUEST === $type && $request::getTrustedProxies()) {
+            try {
+                $request->getClientIps();
+            } catch (ConflictingHeadersException $e) {
+                throw new BadRequestHttpException('The request headers contain conflicting information regarding the origin of this request.', $e);
+            }
+        }
         $this->requestStack->push($request);
 
         // request

src/Symfony/Component/HttpKernel/Tests/HttpKernelTest.php

@@ -271,6 +271,33 @@ public function testVerifyRequestStackPushPopDuringHandle()
         $kernel->handle($request, HttpKernelInterface::MASTER_REQUEST);
     }
 
+    /**
+     * @expectedException Symfony\Component\HttpKernel\Exception\BadRequestHttpException
+     */
+    public function testInconsistentClientIpsOnMasterRequests()
+    {
+        $kernel = new HttpKernel(new EventDispatcher(), $this->getResolver());
+        $request = new Request();
+        $request->setTrustedProxies(array('1.1.1.1'));
+        $request->server->set('REMOTE_ADDR', '1.1.1.1');
+        $request->headers->set('FORWARDED', '2.2.2.2');
+        $request->headers->set('X_FORWARDED_FOR', '3.3.3.3');
+
+        $kernel->handle($request, $kernel::MASTER_REQUEST, false);
+    }
+
+    public function testInconsistentClientIpsOnSubRequests()
+    {
+        $kernel = new HttpKernel(new EventDispatcher(), $this->getResolver());
+        $request = new Request();
+        $request->setTrustedProxies(array('1.1.1.1'));
+        $request->server->set('REMOTE_ADDR', '1.1.1.1');
+        $request->headers->set('FORWARDED', '2.2.2.2');
+        $request->headers->set('X_FORWARDED_FOR', '3.3.3.3');
+
+        $this->assertInstanceOf('Symfony\Component\HttpFoundation\Response', $kernel->handle($request, $kernel::SUB_REQUEST, false));
+    }
+
     protected function getResolver($controller = null)
     {
         if (null === $controller) {

src/Symfony/Component/HttpKernel/composer.json

@@ -18,7 +18,7 @@
     "require": {
         "php": ">=5.3.9",
         "symfony/event-dispatcher": "~2.6,>=2.6.7",
-        "symfony/http-foundation": "~2.7,>=2.7.15",
+        "symfony/http-foundation": "~2.7.15|~2.8.8",
         "symfony/debug": "~2.6,>=2.6.2",
         "psr/log": "~1.0"
     },