HomePhabricator

Allow Phabricator to run with "enable_post_data_reading" disabled

Description

Allow Phabricator to run with "enable_post_data_reading" disabled

Summary:
Ref T13008. Depends on D18701. The overall goal here is to make turning enable_post_data_reading off not break things, so we can run rate limiting checks before we read file uploads.

The biggest blocker for this is that turning it off stops $_FILES from coming into existence.

This appears to mostly work. Specifically:

  • Skip the max_post_size check when POST is off, since it's meaningless.
  • Don't read or scrub $_POST at startup when POST is off.
  • When we rebuild REQUEST and POST before processing requests, do multipart parsing if we need to and rebuild FILES.
  • Skip the is_uploaded_file() check if we built FILES ourselves.

This probably breaks a couple of small things, like maybe __profile__ and other DarkConsole triggers over POST, and probably some other weird stuff. The parsers may also need more work than they've received so far.

I also need to verify that this actually works (i.e., lets us run code without reading the request body) but I'll include that in the change where I update the actual rate limiting.

Test Plan:

  • Disabled enable_post_data_reading.
  • Uploaded a file with a vanilla upload form (project profile image).
  • Uploaded a file with drag and drop.
  • Used DarkConsole.
  • Submitted comments.
  • Created a task.
  • Browsed around.

Reviewers: amckinley

Reviewed By: amckinley

Maniphest Tasks: T13008

Differential Revision: https://secure.phabricator.com/D18702