Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
Total | |
100.00% |
11 / 11 |
|
100.00% |
2 / 2 |
CRAP | |
100.00% |
1 / 1 |
HSTSPreloadLookup | |
100.00% |
11 / 11 |
|
100.00% |
2 / 2 |
5 | |
100.00% |
1 / 1 |
__construct | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
isPreloaded | |
100.00% |
10 / 10 |
|
100.00% |
1 / 1 |
4 |
1 | <?php |
2 | /** |
3 | * Copyright (C) 2018 Kunal Mehta <legoktm@debian.org> |
4 | * |
5 | * This program is free software; you can redistribute it and/or modify |
6 | * it under the terms of the GNU General Public License as published by |
7 | * the Free Software Foundation; either version 3 of the License, or |
8 | * (at your option) any later version. |
9 | * |
10 | * This program is distributed in the hope that it will be useful, |
11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
13 | * GNU General Public License for more details. |
14 | * |
15 | * You should have received a copy of the GNU General Public License |
16 | * along with this program. If not, see <https://www.gnu.org/licenses/>. |
17 | */ |
18 | |
19 | namespace MediaWiki\SecureLinkFixer; |
20 | |
21 | class HSTSPreloadLookup { |
22 | |
23 | private string $path; |
24 | /** @var array<string,int> */ |
25 | private array $domains; |
26 | |
27 | public function __construct( string $path ) { |
28 | $this->path = $path; |
29 | } |
30 | |
31 | /** |
32 | * @param string $host Hostname |
33 | * |
34 | * @return bool |
35 | */ |
36 | public function isPreloaded( string $host ): bool { |
37 | // Lazy-load the domain mapping if it's not already set |
38 | $this->domains ??= require $this->path; |
39 | |
40 | if ( isset( $this->domains[$host] ) ) { |
41 | // Host is directly in the preload list |
42 | return true; |
43 | } |
44 | // Check if parent subdomains are preloaded |
45 | $offset = strpos( $host, '.' ); |
46 | while ( $offset !== false ) { |
47 | $parentdomain = substr( $host, $offset + 1 ); |
48 | if ( isset( $this->domains[$parentdomain] ) ) { |
49 | // This subdomain is directly in the preload list, returns true when subdomains supports https |
50 | return (bool)$this->domains[$parentdomain]; |
51 | } |
52 | // else it's not in the db, we might need to look it up again |
53 | |
54 | // Find the next parent subdomain |
55 | $offset = strpos( $host, '.', $offset + 1 ); |
56 | } |
57 | |
58 | // @todo should we keep a negative cache? |
59 | |
60 | return false; |
61 | } |
62 | } |