Fix #1960 update guzzlehttp/guzzle to 6.5.7

This commit is contained in:
Kijin Sung 2022-06-10 15:52:04 +09:00
parent d4ffe761c5
commit 2f964f7409
8 changed files with 62 additions and 31 deletions

composer.lock generated

@ -438,16 +438,16 @@
}, },
{ {
"name": "guzzlehttp/guzzle", "name": "guzzlehttp/guzzle",
"version": "6.5.6", "version": "6.5.7",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/guzzle/guzzle.git", "url": "https://github.com/guzzle/guzzle.git",
"reference": "f092dd734083473658de3ee4bef093ed77d2689c" "reference": "724562fa861e21a4071c652c8a159934e4f05592"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/guzzle/guzzle/zipball/f092dd734083473658de3ee4bef093ed77d2689c", "url": "https://api.github.com/repos/guzzle/guzzle/zipball/724562fa861e21a4071c652c8a159934e4f05592",
"reference": "f092dd734083473658de3ee4bef093ed77d2689c", "reference": "724562fa861e21a4071c652c8a159934e4f05592",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@ -533,7 +533,7 @@
], ],
"support": { "support": {
"issues": "https://github.com/guzzle/guzzle/issues", "issues": "https://github.com/guzzle/guzzle/issues",
"source": "https://github.com/guzzle/guzzle/tree/6.5.6" "source": "https://github.com/guzzle/guzzle/tree/6.5.7"
}, },
"funding": [ "funding": [
{ {
@ -549,7 +549,7 @@
"type": "tidelift" "type": "tidelift"
} }
], ],
"time": "2022-05-25T13:19:12+00:00" "time": "2022-06-09T21:36:50+00:00"
}, },
{ {
"name": "guzzlehttp/promises", "name": "guzzlehttp/promises",


@ -29,7 +29,7 @@ private static $installed = array (
'aliases' => 'aliases' =>
array ( array (
), ),
'reference' => 'd0cdcb5d2a4d741a4ba25512e9a9e5168b374729', 'reference' => 'd4ffe761c58924530ae083ba84e2daf5b709c2a6',
'name' => 'rhymix/rhymix', 'name' => 'rhymix/rhymix',
), ),
'versions' => 'versions' =>
@ -99,12 +99,12 @@ private static $installed = array (
), ),
'guzzlehttp/guzzle' => 'guzzlehttp/guzzle' =>
array ( array (
'pretty_version' => '6.5.6', 'pretty_version' => '6.5.7',
'version' => '6.5.6.0', 'version' => '6.5.7.0',
'aliases' => 'aliases' =>
array ( array (
), ),
'reference' => 'f092dd734083473658de3ee4bef093ed77d2689c', 'reference' => '724562fa861e21a4071c652c8a159934e4f05592',
), ),
'guzzlehttp/promises' => 'guzzlehttp/promises' =>
array ( array (
@ -228,7 +228,7 @@ private static $installed = array (
'aliases' => 'aliases' =>
array ( array (
), ),
'reference' => 'd0cdcb5d2a4d741a4ba25512e9a9e5168b374729', 'reference' => 'd4ffe761c58924530ae083ba84e2daf5b709c2a6',
), ),
'rmccue/requests' => 'rmccue/requests' =>
array ( array (


@ -16,6 +16,6 @@ return array(
'def43f6c87e4f8dfd0c9e1b1bab14fe8' => $vendorDir . '/symfony/polyfill-iconv/bootstrap.php', 'def43f6c87e4f8dfd0c9e1b1bab14fe8' => $vendorDir . '/symfony/polyfill-iconv/bootstrap.php',
'8170285c807a9f24f165f37b15bc9a36' => $vendorDir . '/defuse/php-encryption/Crypto.php', '8170285c807a9f24f165f37b15bc9a36' => $vendorDir . '/defuse/php-encryption/Crypto.php',
'2cffec82183ee1cea088009cef9a6fc3' => $vendorDir . '/ezyang/htmlpurifier/library/HTMLPurifier.composer.php', '2cffec82183ee1cea088009cef9a6fc3' => $vendorDir . '/ezyang/htmlpurifier/library/HTMLPurifier.composer.php',
'37a3dc5111fe8f707ab4c132ef1dbc62' => $vendorDir . '/guzzlehttp/guzzle/src/functions_include.php',
'2c102faa651ef8ea5874edb585946bce' => $vendorDir . '/swiftmailer/swiftmailer/lib/swift_required.php', '2c102faa651ef8ea5874edb585946bce' => $vendorDir . '/swiftmailer/swiftmailer/lib/swift_required.php',
'37a3dc5111fe8f707ab4c132ef1dbc62' => $vendorDir . '/guzzlehttp/guzzle/src/functions_include.php',
); );


@ -17,8 +17,8 @@ class ComposerStaticInit1e37ff09eb6590c7436f139ffd9070de
'def43f6c87e4f8dfd0c9e1b1bab14fe8' => __DIR__ . '/..' . '/symfony/polyfill-iconv/bootstrap.php', 'def43f6c87e4f8dfd0c9e1b1bab14fe8' => __DIR__ . '/..' . '/symfony/polyfill-iconv/bootstrap.php',
'8170285c807a9f24f165f37b15bc9a36' => __DIR__ . '/..' . '/defuse/php-encryption/Crypto.php', '8170285c807a9f24f165f37b15bc9a36' => __DIR__ . '/..' . '/defuse/php-encryption/Crypto.php',
'2cffec82183ee1cea088009cef9a6fc3' => __DIR__ . '/..' . '/ezyang/htmlpurifier/library/HTMLPurifier.composer.php', '2cffec82183ee1cea088009cef9a6fc3' => __DIR__ . '/..' . '/ezyang/htmlpurifier/library/HTMLPurifier.composer.php',
'37a3dc5111fe8f707ab4c132ef1dbc62' => __DIR__ . '/..' . '/guzzlehttp/guzzle/src/functions_include.php',
'2c102faa651ef8ea5874edb585946bce' => __DIR__ . '/..' . '/swiftmailer/swiftmailer/lib/swift_required.php', '2c102faa651ef8ea5874edb585946bce' => __DIR__ . '/..' . '/swiftmailer/swiftmailer/lib/swift_required.php',
'37a3dc5111fe8f707ab4c132ef1dbc62' => __DIR__ . '/..' . '/guzzlehttp/guzzle/src/functions_include.php',
); );
public static $prefixLengthsPsr4 = array ( public static $prefixLengthsPsr4 = array (


@ -445,17 +445,17 @@
}, },
{ {
"name": "guzzlehttp/guzzle", "name": "guzzlehttp/guzzle",
"version": "6.5.6", "version": "6.5.7",
"version_normalized": "6.5.6.0", "version_normalized": "6.5.7.0",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/guzzle/guzzle.git", "url": "https://github.com/guzzle/guzzle.git",
"reference": "f092dd734083473658de3ee4bef093ed77d2689c" "reference": "724562fa861e21a4071c652c8a159934e4f05592"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/guzzle/guzzle/zipball/f092dd734083473658de3ee4bef093ed77d2689c", "url": "https://api.github.com/repos/guzzle/guzzle/zipball/724562fa861e21a4071c652c8a159934e4f05592",
"reference": "f092dd734083473658de3ee4bef093ed77d2689c", "reference": "724562fa861e21a4071c652c8a159934e4f05592",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@ -473,7 +473,7 @@
"suggest": { "suggest": {
"psr/log": "Required for using the Log middleware" "psr/log": "Required for using the Log middleware"
}, },
"time": "2022-05-25T13:19:12+00:00", "time": "2022-06-09T21:36:50+00:00",
"type": "library", "type": "library",
"extra": { "extra": {
"branch-alias": { "branch-alias": {
@ -543,7 +543,7 @@
], ],
"support": { "support": {
"issues": "https://github.com/guzzle/guzzle/issues", "issues": "https://github.com/guzzle/guzzle/issues",
"source": "https://github.com/guzzle/guzzle/tree/6.5.6" "source": "https://github.com/guzzle/guzzle/tree/6.5.7"
}, },
"funding": [ "funding": [
{ {


@ -6,7 +6,7 @@
'aliases' => 'aliases' =>
array ( array (
), ),
'reference' => 'd0cdcb5d2a4d741a4ba25512e9a9e5168b374729', 'reference' => 'd4ffe761c58924530ae083ba84e2daf5b709c2a6',
'name' => 'rhymix/rhymix', 'name' => 'rhymix/rhymix',
), ),
'versions' => 'versions' =>
@ -76,12 +76,12 @@
), ),
'guzzlehttp/guzzle' => 'guzzlehttp/guzzle' =>
array ( array (
'pretty_version' => '6.5.6', 'pretty_version' => '6.5.7',
'version' => '6.5.6.0', 'version' => '6.5.7.0',
'aliases' => 'aliases' =>
array ( array (
), ),
'reference' => 'f092dd734083473658de3ee4bef093ed77d2689c', 'reference' => '724562fa861e21a4071c652c8a159934e4f05592',
), ),
'guzzlehttp/promises' => 'guzzlehttp/promises' =>
array ( array (
@ -205,7 +205,7 @@
'aliases' => 'aliases' =>
array ( array (
), ),
'reference' => 'd0cdcb5d2a4d741a4ba25512e9a9e5168b374729', 'reference' => 'd4ffe761c58924530ae083ba84e2daf5b709c2a6',
), ),
'rmccue/requests' => 'rmccue/requests' =>
array ( array (


@ -1,5 +1,10 @@
# Change Log # Change Log
## 6.5.7 - 2022-06-09
* Fix failure to strip Authorization header on HTTP downgrade
* Fix failure to strip the Cookie header on change in host or HTTP downgrade
## 6.5.6 - 2022-05-25 ## 6.5.6 - 2022-05-25
* Fix cross-domain cookie leakage * Fix cross-domain cookie leakage


@ -141,7 +141,7 @@ class RedirectMiddleware
} }
/** /**
* Check for too many redirects * Check for too many redirects.
* *
* @return void * @return void
* *
@ -190,7 +190,7 @@ class RedirectMiddleware
$modify['body'] = ''; $modify['body'] = '';
} }
$uri = $this->redirectUri($request, $response, $protocols); $uri = self::redirectUri($request, $response, $protocols);
if (isset($options['idn_conversion']) && ($options['idn_conversion'] !== false)) { if (isset($options['idn_conversion']) && ($options['idn_conversion'] !== false)) {
$idnOptions = ($options['idn_conversion'] === true) ? IDNA_DEFAULT : $options['idn_conversion']; $idnOptions = ($options['idn_conversion'] === true) ? IDNA_DEFAULT : $options['idn_conversion'];
$uri = Utils::idnUriConvert($uri, $idnOptions); $uri = Utils::idnUriConvert($uri, $idnOptions);
@ -210,16 +210,42 @@ class RedirectMiddleware
$modify['remove_headers'][] = 'Referer'; $modify['remove_headers'][] = 'Referer';
} }
// Remove Authorization header if host is different. // Remove Authorization and Cookie headers if required.
if ($request->getUri()->getHost() !== $modify['uri']->getHost()) { if (self::shouldStripSensitiveHeaders($request->getUri(), $modify['uri'])) {
$modify['remove_headers'][] = 'Authorization'; $modify['remove_headers'][] = 'Authorization';
$modify['remove_headers'][] = 'Cookie';
} }
return Psr7\modify_request($request, $modify); return Psr7\modify_request($request, $modify);
} }
/** /**
* Set the appropriate URL on the request based on the location header * Determine if we should strip sensitive headers from the request.
*
* We return true if either of the following conditions are true:
*
* 1. the host is different;
* 2. the scheme has changed, and now is non-https.
*
* @return bool
*/
private static function shouldStripSensitiveHeaders(
UriInterface $originalUri,
UriInterface $modifiedUri
) {
if (strcasecmp($originalUri->getHost(), $modifiedUri->getHost()) !== 0) {
return true;
}
if ($originalUri->getScheme() !== $modifiedUri->getScheme() && 'https' !== $modifiedUri->getScheme()) {
return true;
}
return false;
}
/**
* Set the appropriate URL on the request based on the location header.
* *
* @param RequestInterface $request * @param RequestInterface $request
* @param ResponseInterface $response * @param ResponseInterface $response
@ -227,7 +253,7 @@ class RedirectMiddleware
* *
* @return UriInterface * @return UriInterface
*/ */
private function redirectUri( private static function redirectUri(
RequestInterface $request, RequestInterface $request,
ResponseInterface $response, ResponseInterface $response,
array $protocols array $protocols