8877511590

Committed 29 Apr 2024 11:05AM UTC coverage: 81.537% (-0.2%) from 81.776%

Build Type

push

github

Committed by

Commit Message

IRequest, IResponse: added typehints, unification (BC break)

Run Details

2 of 2 new or added lines in 1 file covered. (100.0%)

53 existing lines in 5 files now uncovered.

870 of 1067 relevant lines covered (81.54%)

0.82 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

71.59

/src/Bridges/HttpDI/HttpExtension.php

<?php

/**
 * This file is part of the Nette Framework (https://nette.org)
 * Copyright (c) 2004 David Grudl (https://davidgrudl.com)
 */

declare(strict_types=1);

namespace Nette\Bridges\HttpDI;

use Nette;
use Nette\Schema\Expect;


/**
 * HTTP extension for Nette DI.
 */
class HttpExtension extends Nette\DI\CompilerExtension
{
        public function __construct(
                private readonly bool $cliMode = false,
        ) {
        }


        public function getConfigSchema(): Nette\Schema\Schema
        {
                return Expect::structure([
                        'proxy' => Expect::anyOf(Expect::arrayOf('string'), Expect::string()->castTo('array'))->firstIsDefault()->dynamic(),
                        'headers' => Expect::arrayOf('scalar|null')->default([
                                'X-Powered-By' => 'Nette Framework 3',
                                'Content-Type' => 'text/html; charset=utf-8',
                        ])->mergeDefaults(),
                        'frames' => Expect::anyOf(Expect::string(), Expect::bool(), null)->default('SAMEORIGIN'), // X-Frame-Options
                        'csp' => Expect::arrayOf('array|scalar|null'), // Content-Security-Policy
                        'cspReportOnly' => Expect::arrayOf('array|scalar|null'), // Content-Security-Policy-Report-Only
                        'featurePolicy' => Expect::arrayOf('array|scalar|null'), // Feature-Policy
                        'cookiePath' => Expect::string()->dynamic(),
                        'cookieDomain' => Expect::string()->dynamic(),
                        'cookieSecure' => Expect::anyOf('auto', null, true, false)->firstIsDefault()->dynamic(), // Whether the cookie is available only through HTTPS
                        'disableNetteCookie' => Expect::bool(false), // disables cookie use by Nette
                ]);
        }


        public function loadConfiguration(): void
        {
                $builder = $this->getContainerBuilder();
                $config = $this->config;

                $builder->addDefinition($this->prefix('requestFactory'))
                        ->setFactory(Nette\Http\RequestFactory::class)
                        ->addSetup('setProxy', [$config->proxy]);

                $request = $builder->addDefinition($this->prefix('request'))
                        ->setFactory('@Nette\Http\RequestFactory::fromGlobals');

                $response = $builder->addDefinition($this->prefix('response'))
                        ->setFactory(Nette\Http\Response::class);

                if ($config->cookiePath !== null) {
                        $response->addSetup('$cookiePath', [$config->cookiePath]);
                }

                if ($config->cookieDomain !== null) {
                        $value = $config->cookieDomain === 'domain'
                                ? $builder::literal('$this->getService(?)->getUrl()->getDomain(2)', [$request->getName()])
                                : $config->cookieDomain;
                        $response->addSetup('$cookieDomain', [$value]);
                }

                if ($config->cookieSecure !== null) {
                        $value = $config->cookieSecure === 'auto'
                                ? $builder::literal('$this->getService(?)->isSecured()', [$request->getName()])
                                : $config->cookieSecure;
                        $response->addSetup('$cookieSecure', [$value]);
                }

                if ($this->name === 'http') {
                        $builder->addAlias('nette.httpRequestFactory', $this->prefix('requestFactory'));
                        $builder->addAlias('httpRequest', $this->prefix('request'));
                        $builder->addAlias('httpResponse', $this->prefix('response'));
                }

                if (!$this->cliMode) {
                        $this->sendHeaders();
                }
        }


        private function sendHeaders(): void
        {
                $config = $this->config;
                $headers = array_map('strval', $config->headers);

                if (isset($config->frames) && $config->frames !== true && !isset($headers['X-Frame-Options'])) {
                        $frames = $config->frames;
                        if ($frames === false) {
                                $frames = 'DENY';
                        } elseif (preg_match('#^https?:#', $frames)) {
                                $frames = "ALLOW-FROM $frames";
                        }

                        $headers['X-Frame-Options'] = $frames;
                }

                foreach (['csp', 'cspReportOnly'] as $key) {
                        if (empty($config->$key)) {
                                continue;
                        }

                        $value = self::buildPolicy($config->$key);
                        if (str_contains($value, "'nonce'")) {
                                $this->initialization->addBody('$cspNonce = base64_encode(random_bytes(16));');
                                $value = Nette\DI\ContainerBuilder::literal(
                                        'str_replace(?, ? . $cspNonce, ?)',
                                        ["'nonce", "'nonce-", $value],
                                );
                        }

                        $headers['Content-Security-Policy' . ($key === 'csp' ? '' : '-Report-Only')] = $value;
                }

                if (!empty($config->featurePolicy)) {
                        $headers['Feature-Policy'] = self::buildPolicy($config->featurePolicy);
                }

                $this->initialization->addBody('$response = $this->getService(?);', [$this->prefix('response')]);
                foreach ($headers as $key => $value) {
                        if ($value !== '') {
                                $this->initialization->addBody('$response->setHeader(?, ?);', [$key, $value]);
                        }
                }

                if (!$config->disableNetteCookie) {
                        $this->initialization->addBody(
                                'Nette\Http\Helpers::initCookie($this->getService(?), $response);',
                                [$this->prefix('request')],
                        );
                }
        }


        private static function buildPolicy(array $config): string
        {
                $nonQuoted = ['require-sri-for' => 1, 'sandbox' => 1];
                $value = '';
                foreach ($config as $type => $policy) {
                        if ($policy === false) {
                                continue;
                        }

                        $policy = $policy === true ? [] : (array) $policy;
                        $value .= $type;
                        foreach ($policy as $item) {
                                if (is_array($item)) {
                                        $item = key($item) . ':';
                                }

                                $value .= !isset($nonQuoted[$type]) && preg_match('#^[a-z-]+$#D', $item)
                                        ? " '$item'"
                                        : " $item";
                        }

                        $value .= '; ';
                }

                return $value;
        }
}

1	<?php
2
3	/**
4	* This file is part of the Nette Framework (https://nette.org)
5	* Copyright (c) 2004 David Grudl (https://davidgrudl.com)
6	*/
7
8	declare(strict_types=1);
9
10	namespace Nette\Bridges\HttpDI;
11
12	use Nette;
13	use Nette\Schema\Expect;
14
15
16	/**
17	* HTTP extension for Nette DI.
18	*/
19	class HttpExtension extends Nette\DI\CompilerExtension
20	{
21	public function __construct(	1✔
22	private readonly bool $cliMode = false,
23	) {
24	}	1✔
25
26
27	public function getConfigSchema(): Nette\Schema\Schema
28	{
29	return Expect::structure([	1✔
30	'proxy' => Expect::anyOf(Expect::arrayOf('string'), Expect::string()->castTo('array'))->firstIsDefault()->dynamic(),	1✔
31	'headers' => Expect::arrayOf('scalar\|null')->default([	1✔
32	'X-Powered-By' => 'Nette Framework 3',	1✔
33	'Content-Type' => 'text/html; charset=utf-8',
34	])->mergeDefaults(),	1✔
35	'frames' => Expect::anyOf(Expect::string(), Expect::bool(), null)->default('SAMEORIGIN'), // X-Frame-Options	1✔
36	'csp' => Expect::arrayOf('array\|scalar\|null'), // Content-Security-Policy	1✔
37	'cspReportOnly' => Expect::arrayOf('array\|scalar\|null'), // Content-Security-Policy-Report-Only	1✔
38	'featurePolicy' => Expect::arrayOf('array\|scalar\|null'), // Feature-Policy	1✔
39	'cookiePath' => Expect::string()->dynamic(),	1✔
40	'cookieDomain' => Expect::string()->dynamic(),	1✔
41	'cookieSecure' => Expect::anyOf('auto', null, true, false)->firstIsDefault()->dynamic(), // Whether the cookie is available only through HTTPS	1✔
42	'disableNetteCookie' => Expect::bool(false), // disables cookie use by Nette	1✔
43	]);
44	}
45
46
47	public function loadConfiguration(): void
48	{
49	$builder = $this->getContainerBuilder();	1✔
50	$config = $this->config;	1✔
51
52	$builder->addDefinition($this->prefix('requestFactory'))	1✔
53	->setFactory(Nette\Http\RequestFactory::class)	1✔
54	->addSetup('setProxy', [$config->proxy]);	1✔
55
56	$request = $builder->addDefinition($this->prefix('request'))	1✔
57	->setFactory('@Nette\Http\RequestFactory::fromGlobals');	1✔
58
59	$response = $builder->addDefinition($this->prefix('response'))	1✔
60	->setFactory(Nette\Http\Response::class);	1✔
61
62	if ($config->cookiePath !== null) {	1✔
63	$response->addSetup('$cookiePath', [$config->cookiePath]);	1✔
64	}
65
66	if ($config->cookieDomain !== null) {	1✔
67	$value = $config->cookieDomain === 'domain'	1✔
68	? $builder::literal('$this->getService(?)->getUrl()->getDomain(2)', [$request->getName()])	1✔
69	: $config->cookieDomain;	1✔
70	$response->addSetup('$cookieDomain', [$value]);	1✔
71	}
72
73	if ($config->cookieSecure !== null) {	1✔
74	$value = $config->cookieSecure === 'auto'	1✔
75	? $builder::literal('$this->getService(?)->isSecured()', [$request->getName()])	1✔
76	: $config->cookieSecure;	1✔
77	$response->addSetup('$cookieSecure', [$value]);	1✔
78	}
79
80	if ($this->name === 'http') {	1✔
81	$builder->addAlias('nette.httpRequestFactory', $this->prefix('requestFactory'));	1✔
82	$builder->addAlias('httpRequest', $this->prefix('request'));	1✔
83	$builder->addAlias('httpResponse', $this->prefix('response'));	1✔
84	}
85
86	if (!$this->cliMode) {	1✔
87	$this->sendHeaders();	1✔
88	}
89	}	1✔
90
91
92	private function sendHeaders(): void
93	{
94	$config = $this->config;	1✔
95	$headers = array_map('strval', $config->headers);	1✔
96
97	if (isset($config->frames) && $config->frames !== true && !isset($headers['X-Frame-Options'])) {	1✔
98	$frames = $config->frames;	1✔
99	if ($frames === false) {	1✔
UNCOV 100	$frames = 'DENY';	×
101	} elseif (preg_match('#^https?:#', $frames)) {	1✔
UNCOV 102	$frames = "ALLOW-FROM $frames";	×
103	}
104
105	$headers['X-Frame-Options'] = $frames;	1✔
106	}
107
108	foreach (['csp', 'cspReportOnly'] as $key) {	1✔
109	if (empty($config->$key)) {	1✔
110	continue;	1✔
111	}
112
UNCOV 113	$value = self::buildPolicy($config->$key);	×
UNCOV 114	if (str_contains($value, "'nonce'")) {	×
UNCOV 115	$this->initialization->addBody('$cspNonce = base64_encode(random_bytes(16));');	×
116	$value = Nette\DI\ContainerBuilder::literal(	×
117	'str_replace(?, ? . $cspNonce, ?)',	×
118	["'nonce", "'nonce-", $value],	×
119	);
120	}
121
UNCOV 122	$headers['Content-Security-Policy' . ($key === 'csp' ? '' : '-Report-Only')] = $value;	×
123	}
124
125	if (!empty($config->featurePolicy)) {	1✔
UNCOV 126	$headers['Feature-Policy'] = self::buildPolicy($config->featurePolicy);	×
127	}
128
129	$this->initialization->addBody('$response = $this->getService(?);', [$this->prefix('response')]);	1✔
130	foreach ($headers as $key => $value) {	1✔
131	if ($value !== '') {	1✔
132	$this->initialization->addBody('$response->setHeader(?, ?);', [$key, $value]);	1✔
133	}
134	}
135
136	if (!$config->disableNetteCookie) {	1✔
137	$this->initialization->addBody(	1✔
138	'Nette\Http\Helpers::initCookie($this->getService(?), $response);',	1✔
139	[$this->prefix('request')],	1✔
140	);
141	}
142	}	1✔
143
144
145	private static function buildPolicy(array $config): string
146	{
UNCOV 147	$nonQuoted = ['require-sri-for' => 1, 'sandbox' => 1];	×
UNCOV 148	$value = '';	×
UNCOV 149	foreach ($config as $type => $policy) {	×
150	if ($policy === false) {	×
151	continue;	×
152	}
153
154	$policy = $policy === true ? [] : (array) $policy;	×
UNCOV 155	$value .= $type;	×
UNCOV 156	foreach ($policy as $item) {	×
157	if (is_array($item)) {	×
158	$item = key($item) . ':';	×
159	}
160
161	$value .= !isset($nonQuoted[$type]) && preg_match('#^[a-z-]+$#D', $item)	×
UNCOV 162	? " '$item'"	×
UNCOV 163	: " $item";	×
164	}
165
166	$value .= '; ';	×
167	}
168
169	return $value;	×
170	}
171	}

nette / http / 8877511590

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous