[HttpFoundation] Remove support for legacy and risky HTTP headers
nicolas-grekas committed Jul 31, 2018
1 parent 091f9ff commit e447e8b
Showing 3 changed files with 7 additions and 56 deletions.
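--- a/src/Symfony/Component/HttpFoundation/CHANGELOG.md
+++ b/src/Symfony/Component/HttpFoundation/CHANGELOG.md
@@ -1,6 +1,12 @@
 CHANGELOG
 =========
 
+2.8.44
+------
+
+* [BC BREAK] Support for the IIS-only `X_ORIGINAL_URL` and `X_REWRITE_URL`
+HTTP headers has been dropped for security reasons.
+
 2.8.0
 -----
 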
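--- a/src/Symfony/Component/HttpFoundation/Request.php
+++ b/src/Symfony/Component/HttpFoundation/Request.php
@@ -1691,18 +1691,7 @@ protected function prepareRequestUri()
 {
 $requestUri = '';
 
-if ($this->headers->has('X_ORIGINAL_URL')) {
-// IIS with Microsoft Rewrite Module
-$requestUri = $this->headers->get('X_ORIGINAL_URL');
-$this->headers->remove('X_ORIGINAL_URL');
-$this->server->remove('HTTP_X_ORIGINAL_URL');
-$this->server->remove('UNENCODED_URL');
-$this->server->remove('IIS_WasUrlRewritten');
-} elseif ($this->headers->has('X_REWRITE_URL')) {
-// IIS with ISAPI_Rewrite
-$requestUri = $this->headers->get('X_REWRITE_URL');
-$this->headers->remove('X_REWRITE_URL');
-} elseif ('1' == $this->server->get('IIS_WasUrlRewritten') && '' != $this->server->get('UNENCODED_URL')) {
+if ('1' == $this->server->get('IIS_WasUrlRewritten') && '' != $this->server->get('UNENCODED_URL')) {
 // IIS7 with URL Rewrite: make sure we get the unencoded URL (double slash problem)
 $requestUri = $this->server->get('UNENCODED_URL');
 $this->server->remove('UNENCODED_URL');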
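Review bot: Nothing in the new `prepareRequestUri()` records why `X_ORIGINAL_URL` and `X_REWRITE_URL` are no longer consulted, so a later IIS-compatibility patch could quietly bring them back. A comment above the remaining `if` would pin the intent, for example `// X_ORIGINAL_URL / X_REWRITE_URL are deliberately ignored: any client can send them, so they must not choose the request URI`. The RequestTest.php section of this commit only deletes provider cases. A case that passes `'X_ORIGINAL_URL' => '/foo/bar'` as a header together with a different `REQUEST_URI`, and expects the `REQUEST_URI` value back, would guard the new behaviour against regression. The body of `prepareRequestUri()` continues past the end of this hunk, so the later fallbacks are not reviewed here.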
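--- a/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
+++ b/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
@@ -1809,52 +1809,8 @@ public function iisRequestUriProvider()
 {
 return array(
 array(
-array(
-'X_ORIGINAL_URL' => '/foo/bar',
-),
-array(),
-'/foo/bar',
-),
-array(
-array(
-'X_REWRITE_URL' => '/foo/bar',
-),
 array(),
-'/foo/bar',
-),
-array(
-array(),
-array(
-'IIS_WasUrlRewritten' => '1',
-'UNENCODED_URL' => '/foo/bar',
-),
-'/foo/bar',
-),
-array(
-array(
-'X_ORIGINAL_URL' => '/foo/bar',
-),
-array(
-'HTTP_X_ORIGINAL_URL' => '/foo/bar',
-),
-'/foo/bar',
-),
-array(
-array(
-'X_ORIGINAL_URL' => '/foo/bar',
-),
-array(
-'IIS_WasUrlRewritten' => '1',
-'UNENCODED_URL' => '/foo/bar',
-),
-'/foo/bar',
-),
-array(
-array(
-'X_ORIGINAL_URL' => '/foo/bar',
-),
 array(
-'HTTP_X_ORIGINAL_URL' => '/foo/bar',
 'IIS_WasUrlRewritten' => '1',
 'UNENCODED_URL' => '/foo/bar',
 ),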
