Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[5.8] Set a message for SuspiciousOperationException #29000

Merged
merged 3 commits into from Jun 30, 2019

Conversation

Projects
None yet
4 participants
@GrahamCampbell
Copy link
Member

commented Jun 30, 2019

Having now had the time to look at the Symfony code, this exception arises when the host name is invalid or not trusted. Thus, we should set a friendly message to that effect.

GrahamCampbell and others added some commits Jun 30, 2019

@taylorotwell taylorotwell merged commit b68ba23 into 5.8 Jun 30, 2019

2 of 4 checks passed

continuous-integration/travis-ci/pr The Travis CI build is in progress
Details
continuous-integration/travis-ci/push The Travis CI build is in progress
Details
continuous-integration/styleci/pr The analysis has passed
Details
continuous-integration/styleci/push The analysis has passed
Details

@GrahamCampbell GrahamCampbell deleted the ex-message branch Jun 30, 2019

@SjorsO

This comment has been minimized.

Copy link
Contributor

commented Jul 1, 2019

@GrahamCampbell This exception is also thrown when a request tries to override the http method with an invalid value, see this line

When i saw this error in my logs it was because the request was using "__CONSTRUCT" as the http method.

@lilisgeorge

This comment has been minimized.

Copy link

commented Jul 4, 2019

@SjorsO . I am also receiving such a message on a daily basis, but can't figure out the source of the problem. All it says is Invalid method override "__CONSTRUCT". in Request.php. Have you found the cause to this error?

@SjorsO

This comment has been minimized.

Copy link
Contributor

commented Jul 4, 2019

@lilisgeorge They are requests made by bots that are looking for vulnerabilities. If you upgrade to the latest version of Laravel these exceptions won't show in your logs anymore, see this pr: #28866

@lilisgeorge

This comment has been minimized.

Copy link

commented Jul 4, 2019

@SjorsO. Thanks for the explanation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.