Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cache host in request #33129

Open
wants to merge 2 commits into
base: 4.4
from

Conversation

@lbassin
Copy link
Contributor

commented Aug 12, 2019

Q A
Branch? 4.4
Bug fix? no
New feature? yes
BC breaks? no
Deprecations? no
Tests pass? yes
Fixed tickets #32709
License MIT
Doc PR -

This PR stores request's host in a private variable, so we don't have run the entire function again the second time you call $request->getHost()

@lbassin lbassin force-pushed the lbassin:cache-host branch from 481b859 to 5c92cf2 Aug 12, 2019

@nicolas-grekas nicolas-grekas added this to the next milestone Aug 12, 2019

@xuanquynh
Copy link
Contributor

left a comment

Some tests are broken because $request doesn't change the host name when new HTTP_HOST or SERVER_NAME is set.

$request = new Request();
'' === $request->getHost(); // true
$request->initialize([], [], [], [], [], ['HTTP_HOST' => 'www.example.com']);
'' === $request->getHost(); // true
$request->initialize([], [], [], [], [], ['SERVER_NAME' => 'www.example.com']);
'' === $request->getHost(); // true
@xuanquynh

This comment has been minimized.

Copy link
Contributor

commented Aug 13, 2019

For the above example, we may clear the $host property while new server indexes are set or this is a breaking change, I think.

@@ -1156,7 +1165,7 @@ public function getHost()
// use preg_replace() instead of preg_match() to prevent DoS attacks with long host names
if ($host && '' !== preg_replace('/(?:^\[)?[a-zA-Z0-9-:\]_]+\.?/', '', $host)) {
if (!$this->isHostValid) {
return '';
return $this->host = '';

This comment has been minimized.

Copy link
@ismail1432

ismail1432 Aug 14, 2019

Contributor

at this time $this->host is still null why set it to ' ' ?

}
}
if (!$this->isHostValid) {
return '';
return $this->host = '';

This comment has been minimized.

Copy link
@ismail1432

ismail1432 Aug 14, 2019

Contributor

same here, at this time $this->host is still null why set it to ' ' ?

@@ -1167,26 +1176,26 @@ public function getHost()
// to avoid host header injection attacks, you should provide a list of trusted host patterns
if (\in_array($host, self::$trustedHosts)) {
return $host;
return $this->host = $host;

This comment has been minimized.

Copy link
@ismail1432

ismail1432 Aug 14, 2019

Contributor

According to coding style I don't know if we can assign a variable AND return it in the same line

This comment has been minimized.

Copy link
@lbassin

lbassin Aug 14, 2019

Author Contributor

I am not sure of that, i looked in the coding style documentation (https://symfony.com/doc/current/contributing/code/standards.html) but i haven't found anything about this case

This comment has been minimized.

Copy link
@fabpot

fabpot Aug 14, 2019

Member

👍 we are doing this elsewhere in the code.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
7 participants
You can’t perform that action at this time.