From 329695b862d738be5290e68190b432cf41c81f16 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Vilius=20Grigali=C5=ABnas?=
Date: Fri, 24 May 2019 11:41:23 +0300
Subject: [PATCH] [HttpFoundation] Do not set X-Accel-Redirect for paths outside of X-Accel-Mapping

Currently BinaryFileResponse, when configured with X-Accel-Redirect sendfile type, will only substitute file paths specified in X-Accel-Mapping. But if the provided file path does not have a defined prefix, then the resulting header will include the absolute path. Nginx expects a valid URI, therefore this will result in an issue that is very hard to detect and debug as it will not show up in error logs and instead the request would just hang for some time and then be re-served without query parameters(?).
---
 .../Component/HttpFoundation/BinaryFileResponse.php | 9 +++++++--
 .../HttpFoundation/Tests/BinaryFileResponseTest.php | 1 +
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/src/Symfony/Component/HttpFoundation/BinaryFileResponse.php b/src/Symfony/Component/HttpFoundation/BinaryFileResponse.php
index 115f486f023f5..e217820950057 100644
--- a/src/Symfony/Component/HttpFoundation/BinaryFileResponse.php
+++ b/src/Symfony/Component/HttpFoundation/BinaryFileResponse.php
@@ -223,12 +223,17 @@ public function prepare(Request $request)
 list($pathPrefix, $location) = $part;
 if (substr($path, 0, \strlen($pathPrefix)) === $pathPrefix) {
 $path = $location.substr($path, \strlen($pathPrefix));
+ // Only set X-Accel-Redirect header if a valid URI can be produced
+ // as nginx does not serve arbitrary file paths.
+ $this->headers->set($type, $path);
+ $this->maxlen = 0;
 break;
 }
 }
+ } else {
+ $this->headers->set($type, $path);
+ $this->maxlen = 0;
 }
- $this->headers->set($type, $path);
- $this->maxlen = 0;
 } elseif ($request->headers->has('Range')) {
 // Process the range headers.
 if (!$request->headers->has('If-Range') || $this->hasValidIfRangeHeader($request->headers->get('If-Range'))) {
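Review bot: When a mapping is present but no prefix matches, the new code sets neither the header nor `maxlen`, and nothing in the hunk records that this silent fall-back to PHP streaming the file is intended. Because Range handling sits in the following `elseif`, that fall-back also appears to skip a `Range` request header and send the whole file. I would add a comment after the mapping loop, for example `// No mapping matched: header left unset, PHP streams the file itself and Range is not processed on this path.`, so someone debugging a mapping gap knows where to look. Separately, the gate is a plain string-prefix comparison (`substr(...) === $pathPrefix`), so a mapping entry written without a trailing slash would also match sibling directories that share the prefix; the test data uses trailing slashes, and that convention is worth stating in the docblock. prepare() starts and ends outside the hunk.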
diff --git a/src/Symfony/Component/HttpFoundation/Tests/BinaryFileResponseTest.php b/src/Symfony/Component/HttpFoundation/Tests/BinaryFileResponseTest.php
index 9f3beb08d1af3..effffe925be85 100644
--- a/src/Symfony/Component/HttpFoundation/Tests/BinaryFileResponseTest.php
+++ b/src/Symfony/Component/HttpFoundation/Tests/BinaryFileResponseTest.php
@@ -339,6 +339,7 @@ public function getSampleXAccelMappings()
 ['/var/www/var/www/files/foo.txt', '/var/www/=/files/', '/files/var/www/files/foo.txt'],
 ['/home/Foo/bar.txt', '/var/www/=/files/,/home/Foo/=/baz/', '/baz/bar.txt'],
 ['/home/Foo/bar.txt', '"/var/www/"="/files/", "/home/Foo/"="/baz/"', '/baz/bar.txt'],
+ ['/tmp/bar.txt', '"/var/www/"="/files/", "/home/Foo/"="/baz/"', null],
 ];
 }
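Review bot: Among the rows visible here, the added one is the only one whose expected value is `null`, and nothing in the provider says that `null` means the X-Accel-Redirect header must be absent. I would add a comment above the row, `// No mapping prefix matches: the X-Accel-Redirect header must not be set.`. The test method that consumes the row is outside the hunk, so it is worth confirming that its assertion treats `null` as "header missing" rather than as an empty value. getSampleXAccelMappings() starts outside the hunk.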