[HttpClient] adding NoPrivateNetworkHttpClient decorator #35566
Merged
+278
−0
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
OskarStark
reviewed
Feb 3, 2020
| { | ||
| use HttpClientTrait; | ||
|
|
||
| const PRIVATE_SUBNETS = [ |
There was a problem hiding this comment.
so that ppl can reuse it?
private works for me also!
There was a problem hiding this comment.
Ahhh, I thought you were talking about the name of the constant. Thank you!
There was a problem hiding this comment.
private const PRIVATE_SUBNETS works
src/Symfony/Component/HttpClient/Tests/NoPrivateNetworkHttpClientTest.php
Show resolved
Hide resolved
| { | ||
| use HttpClientTrait; | ||
|
|
||
| const PRIVATE_SUBNETS = [ |
src/Symfony/Component/HttpClient/NoPrivateNetworkHttpClient.php
Outdated
Show resolved
Hide resolved
src/Symfony/Component/HttpClient/NoPrivateNetworkHttpClient.php
Outdated
Show resolved
Hide resolved
src/Symfony/Component/HttpClient/NoPrivateNetworkHttpClient.php
Outdated
Show resolved
Hide resolved
src/Symfony/Component/HttpClient/NoPrivateNetworkHttpClient.php
Outdated
Show resolved
Hide resolved
c5147dd to
e48b6d5
Compare
|
@nicolas-grekas @OskarStark |
nicolas-grekas
approved these changes
Feb 3, 2020
fabpot
approved these changes
Feb 3, 2020
e48b6d5 to
63fec80
Compare
|
Thank you @hallboav. |
nicolas-grekas
added a commit
that referenced
this pull request
Feb 3, 2020
…or (hallboav)
This PR was merged into the 5.1-dev branch.
Discussion
----------
[HttpClient] adding NoPrivateNetworkHttpClient decorator
| Q | A
| ------------- | ---
| Branch? | master
| Bug fix? | no
| New feature? | yes
| Deprecations? | no
| Tickets | -
| License | MIT
| Doc PR | -
The purpose of NoPrivateNetworkHttpClient is for block requests to private networks by default or block one or more subnetwork if specified. NoPrivateNetworkHttpClient accepts two arguments, first one is a HttpClientInterface instance and subnetworks as a second argument.
Second argument $subnets can be null for blocking requests to private networks, or string to specify a single subnet of array for a set of subnets.
```php
<?php
use Symfony\Component\HttpClient\HttpClient;
use Symfony\Component\HttpClient\NoPrivateNetworkHttpClient;
$client = new NoPrivateNetworkHttpClient(HttpClient::create());
// You can request public networks normally using the code above
$client->request('GET', 'https://symfony.com/');
// Requests to private neworks will be blocked because second argument ($subnets) is null
$client->request('GET', 'http://localhost/');
// If we request from 104.26.14.0 to 104.26.15.255 we'll get an exception, since I'm specifying a subnetwork
$client = new NoPrivateNetworkHttpClient(HttpClient::create(), ['104.26.14.0/23']);
// Let's suppose that our DNS server resolves symfony.com to 104.26.14.6, then the following request will be blocked
$client->request('GET', 'https://symfony.com/');
```
Commits
-------
63fec80 [HttpClient] adding NoPrivateNetworkHttpClient decorator
Merged
nicolas-grekas
added a commit
that referenced
this pull request
Mar 20, 2023
…r1337) This PR was squashed before being merged into the 6.3 branch. Discussion ---------- [HttpFoundation] Add IpUtils::isPrivateIp | Q | A | ------------- | --- | Branch? | 6.3 | Bug fix? | no | New feature? | yes | Deprecations? | no | Tickets | N/A | License | MIT | Doc PR | symfony/symfony-docs#18102 This is only my second PR for this project, so I hope I followed all the guidelines correctly. Recently I had more and more use cases where I had to make exceptions (mostly rate limiting) for private IP ranges. Symfony currently does not provide an easy way to check if an IP is private or public but implements such logic internally (private constant) for the [NoPrivateNetworkHttpClient](https://github.com/symfony/symfony/blob/6.3/src/Symfony/Component/HttpClient/NoPrivateNetworkHttpClient.php). This PR intents to make the private subnet list reusable by adding it to [IpUtils](https://github.com/symfony/symfony/blob/6.3/src/Symfony/Component/HttpFoundation/IpUtils.php). In the original PR of the NoPrivateNetworkHttpClient it was also briefly mentioned that this constant may have value when made public. #35566 (comment) I think symfony should and always should have exposed this constant. Commits ------- 6471582 [HttpFoundation] Add IpUtils::isPrivateIp
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The purpose of NoPrivateNetworkHttpClient is for block requests to private networks by default or block one or more subnetwork if specified. NoPrivateNetworkHttpClient accepts two arguments, first one is a HttpClientInterface instance and subnetworks as a second argument.
Second argument $subnets can be null for blocking requests to private networks, or string to specify a single subnet of array for a set of subnets.