REL1_31/php/PhpHttpRequest_8php_source.html

<?php


class PhpHttpRequest extends MWHttpRequest {


    private $fopenErrors = [];


    protected function urlToTcp( $url ) {

        $parsedUrl = parse_url( $url );


        return 'tcp://' . $parsedUrl['host'] . ':' . $parsedUrl['port'];

    }


    protected function getCertOptions() {

        $certOptions = [];

        $certLocations = [];

        if ( $this->caInfo ) {

            $certLocations = [ 'manual' => $this->caInfo ];

        }


        foreach ( $certLocations as $key => $cert ) {

            if ( is_dir( $cert ) ) {

                $certOptions['capath'] = $cert;

                break;

            } elseif ( is_file( $cert ) ) {

                $certOptions['cafile'] = $cert;

                break;

            } elseif ( $key === 'manual' ) {

                // fail more loudly if a cert path was manually configured and it is not valid

                throw new DomainException( "Invalid CA info passed: $cert" );

            }

        }


        return $certOptions;

    }


    public function errorHandler( $errno, $errstr ) {

        $n = count( $this->fopenErrors ) + 1;

        $this->fopenErrors += [ "errno$n" => $errno, "errstr$n" => $errstr ];

    }


    public function execute() {

        $this->prepare();


        if ( is_array( $this->postData ) ) {

            $this->postData = wfArrayToCgi( $this->postData );

        }


        if ( $this->parsedUrl['scheme'] != 'http'

            && $this->parsedUrl['scheme'] != 'https' ) {

            $this->status->fatal( 'http-invalid-scheme', $this->parsedUrl['scheme'] );

        }


        $this->reqHeaders['Accept'] = "*/*";

        $this->reqHeaders['Connection'] = 'Close';

        if ( $this->method == 'POST' ) {

            // Required for HTTP 1.0 POSTs

            $this->reqHeaders['Content-Length'] = strlen( $this->postData );

            if ( !isset( $this->reqHeaders['Content-Type'] ) ) {

                $this->reqHeaders['Content-Type'] = "application/x-www-form-urlencoded";

            }

        }


        // Set up PHP stream context

        $options = [

            'http' => [

                'method' => $this->method,

                'header' => implode( "\r\n", $this->getHeaderList() ),

                'protocol_version' => '1.1',

                'max_redirects' => $this->followRedirects ? $this->maxRedirects : 0,

                'ignore_errors' => true,

                'timeout' => $this->timeout,

                // Curl options in case curlwrappers are installed

                'curl_verify_ssl_host' => $this->sslVerifyHost ? 2 : 0,

                'curl_verify_ssl_peer' => $this->sslVerifyCert,

            ],

            'ssl' => [

                'verify_peer' => $this->sslVerifyCert,

                'SNI_enabled' => true,

                'ciphers' => 'HIGH:!SSLv2:!SSLv3:-ADH:-kDH:-kECDH:-DSS',

                'disable_compression' => true,

            ],

        ];


        if ( $this->proxy ) {

            $options['http']['proxy'] = $this->urlToTcp( $this->proxy );

            $options['http']['request_fulluri'] = true;

        }


        if ( $this->postData ) {

            $options['http']['content'] = $this->postData;

        }


        if ( $this->sslVerifyHost ) {

            // PHP 5.6.0 deprecates CN_match, in favour of peer_name which

            // actually checks SubjectAltName properly.

            if ( version_compare( PHP_VERSION, '5.6.0', '>=' ) ) {

                $options['ssl']['peer_name'] = $this->parsedUrl['host'];

            } else {

                $options['ssl']['CN_match'] = $this->parsedUrl['host'];

            }

        }


        $options['ssl'] += $this->getCertOptions();


        $context = stream_context_create( $options );


        $this->headerList = [];

        $reqCount = 0;

        $url = $this->url;


        $result = [];


        if ( $this->profiler ) {

            $profileSection = $this->profiler->scopedProfileIn(

                __METHOD__ . '-' . $this->profileName

            );

        }

        do {

            $reqCount++;

            $this->fopenErrors = [];

            set_error_handler( [ $this, 'errorHandler' ] );

            $fh = fopen( $url, "r", false, $context );

            restore_error_handler();


            if ( !$fh ) {

                // HACK for instant commons.

                // If we are contacting (commons|upload).wikimedia.org

                // try again with CN_match for en.wikipedia.org

                // as php does not handle SubjectAltName properly

                // prior to "peer_name" option in php 5.6

                if ( isset( $options['ssl']['CN_match'] )

                    && ( $options['ssl']['CN_match'] === 'commons.wikimedia.org'

                        || $options['ssl']['CN_match'] === 'upload.wikimedia.org' )

                ) {

                    $options['ssl']['CN_match'] = 'en.wikipedia.org';

                    $context = stream_context_create( $options );

                    continue;

                }

                break;

            }


            $result = stream_get_meta_data( $fh );

            $this->headerList = $result['wrapper_data'];

            $this->parseHeader();


            if ( !$this->followRedirects ) {

                break;

            }


            # Handle manual redirection

            if ( !$this->isRedirect() || $reqCount > $this->maxRedirects ) {

                break;

            }

            # Check security of URL

            $url = $this->getResponseHeader( "Location" );


            if ( !Http::isValidURI( $url ) ) {

                $this->logger->debug( __METHOD__ . ": insecure redirection\n" );

                break;

            }

        } while ( true );

        if ( $this->profiler ) {

            $this->profiler->scopedProfileOut( $profileSection );

        }


        $this->setStatus();


        if ( $fh === false ) {

            if ( $this->fopenErrors ) {

                $this->logger->warning( __CLASS__

                    . ': error opening connection: {errstr1}', $this->fopenErrors );

            }

            $this->status->fatal( 'http-request-error' );

            return Status::wrap( $this->status ); // TODO B/C; move this to callers

        }


        if ( $result['timed_out'] ) {

            $this->status->fatal( 'http-timed-out', $this->url );

            return Status::wrap( $this->status ); // TODO B/C; move this to callers

        }


        // If everything went OK, or we received some error code

        // get the response body content.

        if ( $this->status->isOK() || (int)$this->respStatus >= 300 ) {

            while ( !feof( $fh ) ) {

                $buf = fread( $fh, 8192 );


                if ( $buf === false ) {

                    $this->status->fatal( 'http-read-error' );

                    break;

                }


                if ( strlen( $buf ) ) {

                    call_user_func( $this->callback, $fh, $buf );

                }

            }

        }

        fclose( $fh );


        return Status::wrap( $this->status ); // TODO B/C; move this to callers

    }


}


wfArrayToCgi
wfArrayToCgi( $array1, $array2=null, $prefix='')
This function takes one or two arrays as input, and returns a CGI-style string, e....
Definition GlobalFunctions.php:377

prepare
static prepare( $text, $lang)
Backward-compatibility shim for extensions.
Definition SyntaxHighlight.php:560

Http\isValidURI
static isValidURI( $uri)
Checks that the given URI is a valid one.
Definition Http.php:146

MWHttpRequest
This wrapper class will call out to curl (if available) or fallback to regular PHP if necessary for h...
Definition MWHttpRequest.php:32

MWHttpRequest\$url
$url
Definition MWHttpRequest.php:50

MWHttpRequest\isRedirect
isRedirect()
Returns true if the last status code was a redirect.
Definition MWHttpRequest.php:445

MWHttpRequest\setStatus
setStatus()
Sets HTTPRequest status member to a fatal value with the error message if the returned integer value ...
Definition MWHttpRequest.php:414

MWHttpRequest\parseHeader
parseHeader()
Parses the headers, including the HTTP status code and any Set-Cookie headers.
Definition MWHttpRequest.php:387

MWHttpRequest\getResponseHeader
getResponseHeader( $header)
Returns the value of the given response header.
Definition MWHttpRequest.php:481

MWHttpRequest\$parsedUrl
$parsedUrl
Definition MWHttpRequest.php:51

MWHttpRequest\getHeaderList
getHeaderList()
Get an array of the headers.
Definition MWHttpRequest.php:295

PhpHttpRequest
Definition PhpHttpRequest.php:21

PhpHttpRequest\execute
execute()
Definition PhpHttpRequest.php:87

PhpHttpRequest\$fopenErrors
$fopenErrors
Definition PhpHttpRequest.php:23

PhpHttpRequest\getCertOptions
getCertOptions()
Returns an array with a 'capath' or 'cafile' key that is suitable to be merged into the 'ssl' sub-arr...
Definition PhpHttpRequest.php:44

PhpHttpRequest\urlToTcp
urlToTcp( $url)
Definition PhpHttpRequest.php:29

PhpHttpRequest\errorHandler
errorHandler( $errno, $errstr)
Custom error handler for dealing with fopen() errors.
Definition PhpHttpRequest.php:77

$options
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped & $options
Definition hooks.txt:2001

$context
do that in ParserLimitReportFormat instead use this to modify the parameters of the image all existing parser cache entries will be invalid To avoid you ll need to handle that somehow(e.g. with the RejectParserCacheValue hook) because MediaWiki won 't do it for you. & $defaults also a ContextSource after deleting those rows but within the same transaction you ll probably need to make sure the header is varied on and they can depend only on the ResourceLoaderContext $context
Definition hooks.txt:2811