forked from ringcentral/psr7
-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
337e3ad
commit e98e3e6
Showing
5 changed files
with
128 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,6 +1,6 @@ | ||
| # PSR-7 Message Implementation | ||
|
|
||
| This repository contains a full [PSR-7](http://www.php-fig.org/psr/psr-7/) | ||
| This repository contains a full [PSR-7](https://www.php-fig.org/psr/psr-7/) | ||
| message implementation, several stream decorators, and some helpful | ||
| functionality like query string parsing. | ||
|
|
||
|
|
@@ -659,7 +659,7 @@ manually but instead is used indirectly via `Psr\Http\Message\UriInterface::__to | |
|
|
||
| `public static function fromParts(array $parts): UriInterface` | ||
|
|
||
| Creates a URI from a hash of [`parse_url`](http://php.net/manual/en/function.parse-url.php) components. | ||
| Creates a URI from a hash of [`parse_url`](https://www.php.net/manual/en/function.parse-url.php) components. | ||
|
|
||
|
|
||
| ### `GuzzleHttp\Psr7\Uri::withQueryValue` | ||
|
|
@@ -684,6 +684,16 @@ associative array of key => value. | |
| Creates a new URI with a specific query string value removed. Any existing query string values that exactly match the | ||
| provided key are removed. | ||
|
|
||
| ## Cross-Origin Detection | ||
|
|
||
| `GuzzleHttp\Psr7\UriComparator` provides methods to determine if a modified URL should be considered cross-origin. | ||
|
|
||
| ### `GuzzleHttp\Psr7\UriComparator::isCrossOrigin` | ||
|
|
||
| `public static function isCrossOrigin(UriInterface $original, UriInterface $modified): bool` | ||
|
|
||
| Determines if a modified URL should be considered cross-origin with respect to an original URL. | ||
|
|
||
| ## Reference Resolution | ||
|
|
||
| `GuzzleHttp\Psr7\UriResolver` provides methods to resolve a URI reference in the context of a base URI according | ||
|
|
@@ -809,14 +819,24 @@ This of course assumes they will be resolved against the same base URI. If this | |
| equivalence or difference of relative references does not mean anything. | ||
|
|
||
|
|
||
| ## Version Guidance | ||
|
|
||
| | Version | Status | PHP Version | | ||
| |---------|----------------|------------------| | ||
| | 1.x | Security fixes | >=5.4,<8.1 | | ||
| | 2.x | Latest | ^7.2.5 \|\| ^8.0 | | ||
|
|
||
|
|
||
| ## Security | ||
|
|
||
| If you discover a security vulnerability within this package, please send an email to [email protected]. All security vulnerabilities will be promptly addressed. Please do not disclose security-related issues publicly until a fix has been announced. Please see [Security Policy](https://github.com/guzzle/psr7/security/policy) for more information. | ||
|
|
||
|
|
||
| ## License | ||
|
|
||
| Guzzle is made available under the MIT License (MIT). Please see [License File](LICENSE) for more information. | ||
|
|
||
|
|
||
| ## For Enterprise | ||
|
|
||
| Available as part of the Tidelift Subscription | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -63,7 +63,7 @@ | |
| }, | ||
| "extra": { | ||
| "branch-alias": { | ||
| "dev-master": "1.7-dev" | ||
| "dev-master": "1.9-dev" | ||
| } | ||
| }, | ||
| "config": { | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,55 @@ | ||
| <?php | ||
|
|
||
| namespace GuzzleHttp\Psr7; | ||
|
|
||
| use Psr\Http\Message\UriInterface; | ||
|
|
||
| /** | ||
| * Provides methods to determine if a modified URL should be considered cross-origin. | ||
| * | ||
| * @author Graham Campbell | ||
| */ | ||
| final class UriComparator | ||
| { | ||
| /** | ||
| * Determines if a modified URL should be considered cross-origin with | ||
| * respect to an original URL. | ||
| * | ||
| * @return bool | ||
| */ | ||
| public static function isCrossOrigin(UriInterface $original, UriInterface $modified) | ||
| { | ||
| if (\strcasecmp($original->getHost(), $modified->getHost()) !== 0) { | ||
| return true; | ||
| } | ||
|
|
||
| if ($original->getScheme() !== $modified->getScheme()) { | ||
| return true; | ||
| } | ||
|
|
||
| if (self::computePort($original) !== self::computePort($modified)) { | ||
| return true; | ||
| } | ||
|
|
||
| return false; | ||
| } | ||
|
|
||
| /** | ||
| * @return int | ||
| */ | ||
| private static function computePort(UriInterface $uri) | ||
| { | ||
| $port = $uri->getPort(); | ||
|
|
||
| if (null !== $port) { | ||
| return $port; | ||
| } | ||
|
|
||
| return 'https' === $uri->getScheme() ? 443 : 80; | ||
| } | ||
|
|
||
| private function __construct() | ||
| { | ||
| // cannot be instantiated | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,42 @@ | ||
| <?php | ||
|
|
||
| namespace GuzzleHttp\Tests\Psr7; | ||
|
|
||
| use GuzzleHttp\Psr7\Uri; | ||
| use GuzzleHttp\Psr7\UriComparator; | ||
|
|
||
| /** | ||
| * @covers GuzzleHttp\Psr7\UriComparator | ||
| */ | ||
| class UriComparatorTest extends BaseTest | ||
| { | ||
| /** | ||
| * @dataProvider getCrossOriginExamples | ||
| */ | ||
| public function testIsCrossOrigin($originalUri, $modifiedUri, $expected) | ||
| { | ||
| self::assertSame($expected, UriComparator::isCrossOrigin(new Uri($originalUri), new Uri($modifiedUri))); | ||
| } | ||
|
|
||
| public function getCrossOriginExamples() | ||
| { | ||
| return [ | ||
| ['http://example.com/123', 'http://example.com/', false], | ||
| ['http://example.com/123', 'http://example.com:80/', false], | ||
| ['http://example.com:80/123', 'http://example.com/', false], | ||
| ['http://example.com:80/123', 'http://example.com:80/', false], | ||
| ['http://example.com/123', 'https://example.com/', true], | ||
| ['http://example.com/123', 'http://www.example.com/', true], | ||
| ['http://example.com/123', 'http://example.com:81/', true], | ||
| ['http://example.com:80/123', 'http://example.com:81/', true], | ||
| ['https://example.com/123', 'https://example.com/', false], | ||
| ['https://example.com/123', 'https://example.com:443/', false], | ||
| ['https://example.com:443/123', 'https://example.com/', false], | ||
| ['https://example.com:443/123', 'https://example.com:443/', false], | ||
| ['https://example.com/123', 'http://example.com/', true], | ||
| ['https://example.com/123', 'https://www.example.com/', true], | ||
| ['https://example.com/123', 'https://example.com:444/', true], | ||
| ['https://example.com:443/123', 'https://example.com:444/', true], | ||
| ]; | ||
| } | ||
| } |