Changeset View
Changeset View
Standalone View
Standalone View
src/infrastructure/env/PhabricatorEnv.php
| Show First 20 Lines • Show All 711 Lines • ▼ Show 20 Lines | /* -( URI Validation )----------------------------------------------------- */ | ||||
| * a detailed message if it does not. | * a detailed message if it does not. | ||||
| * | * | ||||
| * A valid fetchable remote resource can be safely fetched using a request | * A valid fetchable remote resource can be safely fetched using a request | ||||
| * originating on this server. This is a primarily an address check against | * originating on this server. This is a primarily an address check against | ||||
| * the outbound address blacklist. | * the outbound address blacklist. | ||||
| * | * | ||||
| * @param string URI to test. | * @param string URI to test. | ||||
| * @param list<string> Allowed protocols. | * @param list<string> Allowed protocols. | ||||
| * @return void | * @return pair<string, string> Pre-resolved URI and domain. | ||||
| * @task uri | * @task uri | ||||
| */ | */ | ||||
| public static function requireValidRemoteURIForFetch( | public static function requireValidRemoteURIForFetch( | ||||
| $uri, | $uri, | ||||
| array $protocols) { | array $protocols) { | ||||
| $uri = new PhutilURI($uri); | $uri = new PhutilURI($uri); | ||||
| ▲ Show 20 Lines • Show All 42 Lines • ▼ Show 20 Lines | foreach ($addresses as $address) { | ||||
| 'URI "%s" is not a valid fetchable resource. The domain "%s" '. | 'URI "%s" is not a valid fetchable resource. The domain "%s" '. | ||||
| 'resolves to the address "%s", which is blacklisted for '. | 'resolves to the address "%s", which is blacklisted for '. | ||||
| 'outbound requests.', | 'outbound requests.', | ||||
| $uri, | $uri, | ||||
| $domain, | $domain, | ||||
| $address)); | $address)); | ||||
| } | } | ||||
| } | } | ||||
| $resolved_uri = clone $uri; | |||||
| $resolved_uri->setDomain(head($addresses)); | |||||
| return array($resolved_uri, $domain); | |||||
| } | } | ||||
| /** | /** | ||||
| * Determine if an IP address is in the outbound address blacklist. | * Determine if an IP address is in the outbound address blacklist. | ||||
| * | * | ||||
| * @param string IP address. | * @param string IP address. | ||||
| * @return bool True if the address is blacklisted. | * @return bool True if the address is blacklisted. | ||||
| ▲ Show 20 Lines • Show All 85 Lines • Show Last 20 Lines | |||||