search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'MDL-78811-Master' of https://github.com/aydevworks/moodle
[moodle.git] / lib / phpxmlrpc / Helper / Http.php
blob971ca42ccf00bf6b36445277b3916b6f2e0758ca
1 <?php
2
3 namespace PhpXmlRpc\Helper;
4
5 use PhpXmlRpc\Exception\HttpException;
6 use PhpXmlRpc\PhpXmlRpc;
7 use PhpXmlRpc\Traits\LoggerAware;
8
9 class Http
10 {
11 use LoggerAware;
12
13 /**
14 * Decode a string that is encoded with "chunked" transfer encoding as defined in rfc2068 par. 19.4.6.
15 * Code shamelessly stolen from nusoap library by Dietrich Ayala.
16 * @internal this function will become protected in the future
17 *
18 * @param string $buffer the string to be decoded
19 * @return string
20 */
21 public static function decodeChunked($buffer)
22 {
23 // length := 0
24 $length = 0;
25 $new = '';
26
27 // read chunk-size, chunk-extension (if any) and crlf
28 // get the position of the linebreak
29 $chunkEnd = strpos($buffer, "\r\n") + 2;
30 $temp = substr($buffer, 0, $chunkEnd);
31 $chunkSize = hexdec(trim($temp));
32 $chunkStart = $chunkEnd;
33 while ($chunkSize > 0) {
34 $chunkEnd = strpos($buffer, "\r\n", $chunkStart + $chunkSize);
35
36 // just in case we got a broken connection
37 if ($chunkEnd == false) {
38 $chunk = substr($buffer, $chunkStart);
39 // append chunk-data to entity-body
40 $new .= $chunk;
41 $length += strlen($chunk);
42 break;
43 }
44
45 // read chunk-data and crlf
46 $chunk = substr($buffer, $chunkStart, $chunkEnd - $chunkStart);
47 // append chunk-data to entity-body
48 $new .= $chunk;
49 // length := length + chunk-size
50 $length += strlen($chunk);
51 // read chunk-size and crlf
52 $chunkStart = $chunkEnd + 2;
53
54 $chunkEnd = strpos($buffer, "\r\n", $chunkStart) + 2;
55 if ($chunkEnd == false) {
56 break; // just in case we got a broken connection
57 }
58 $temp = substr($buffer, $chunkStart, $chunkEnd - $chunkStart);
59 $chunkSize = hexdec(trim($temp));
60 $chunkStart = $chunkEnd;
61 }
62
63 return $new;
64 }
65
66 /**
67 * Parses HTTP an http response's headers and separates them from the body.
68 *
69 * @param string $data the http response, headers and body. It will be stripped of headers
70 * @param bool $headersProcessed when true, we assume that response inflating and dechunking has been already carried out
71 * @param int $debug when > 0, logs to screen messages detailing info about the parsed data
72 * @return array with keys 'headers', 'cookies', 'raw_data' and 'status_code'
73 * @throws HttpException
74 *
75 * @todo if $debug is < 0, we could avoid populating 'raw_data' and 'headers' in the returned value - but that would
76 * be a weird API...
77 */
78 public function parseResponseHeaders(&$data, $headersProcessed = false, $debug = 0)
79 {
80 $httpResponse = array('raw_data' => $data, 'headers'=> array(), 'cookies' => array(), 'status_code' => null);
81
82 // Support "web-proxy-tunnelling" connections for https through proxies
83 if (preg_match('/^HTTP\/1\.[0-1] 200 Connection established/', $data)) {
84 // Look for CR/LF or simple LF as line separator (even though it is not valid http)
85 $pos = strpos($data, "\r\n\r\n");
86 if ($pos || is_int($pos)) {
87 $bd = $pos + 4;
88 } else {
89 $pos = strpos($data, "\n\n");
90 if ($pos || is_int($pos)) {
91 $bd = $pos + 2;
92 } else {
93 // No separation between response headers and body: fault?
94 $bd = 0;
95 }
96 }
97 if ($bd) {
98 // this filters out all http headers from proxy. maybe we could take them into account, too?
99 $data = substr($data, $bd);
100 } else {
101 $this->getLogger()->error('XML-RPC: ' . __METHOD__ . ': HTTPS via proxy error, tunnel connection possibly failed');
102 throw new HttpException(PhpXmlRpc::$xmlrpcstr['http_error'] . ' (HTTPS via proxy error, tunnel connection possibly failed)', PhpXmlRpc::$xmlrpcerr['http_error']);
103 }
104 }
105
106 // Strip HTTP 1.1 100 Continue header if present
107 while (preg_match('/^HTTP\/1\.1 1[0-9]{2} /', $data)) {
108 $pos = strpos($data, 'HTTP', 12);
109 // server sent a Continue header without any (valid) content following...
110 // give the client a chance to know it
111 if (!$pos && !is_int($pos)) {
112 /// @todo this construct works fine in php 3, 4 and 5 - 8; would it not be enough to have !== false now ?
113
114 break;
115 }
116 $data = substr($data, $pos);
117 }
118
119 // When using Curl to query servers using Digest Auth, we get back a double set of http headers.
120 // Same when following redirects
121 // We strip out the 1st...
122 /// @todo we should let the caller know that there was a redirect involved
123 if ($headersProcessed && preg_match('/^HTTP\/[0-9](?:\.[0-9])? (?:401|30[1278]) /', $data)) {
124 if (preg_match('/(\r?\n){2}HTTP\/[0-9](?:\.[0-9])? 200 /', $data)) {
125 $data = preg_replace('/^HTTP\/[0-9](?:\.[0-9])? (?:401|30[1278]) .+?(?:\r?\n){2}(HTTP\/[0-9.]+ 200 )/s', '$1', $data, 1);
126 }
127 }
128
129 if (preg_match('/^HTTP\/([0-9](?:\.[0-9])?) ([0-9]{3}) /', $data, $matches)) {
130 $httpResponse['protocol_version'] = $matches[1];
131 $httpResponse['status_code'] = $matches[2];
132 }
133
134 if ($httpResponse['status_code'] !== '200') {
135 $errstr = substr($data, 0, strpos($data, "\n") - 1);
136 $this->getLogger()->error('XML-RPC: ' . __METHOD__ . ': HTTP error, got response: ' . $errstr);
137 throw new HttpException(PhpXmlRpc::$xmlrpcstr['http_error'] . ' (' . $errstr . ')', PhpXmlRpc::$xmlrpcerr['http_error'], null, $httpResponse['status_code']);
138 }
139
140 // be tolerant to usage of \n instead of \r\n to separate headers and data (even though it is not valid http)
141 $pos = strpos($data, "\r\n\r\n");
142 if ($pos || is_int($pos)) {
143 $bd = $pos + 4;
144 } else {
145 $pos = strpos($data, "\n\n");
146 if ($pos || is_int($pos)) {
147 $bd = $pos + 2;
148 } else {
149 // No separation between response headers and body: fault?
150 // we could take some action here instead of going on...
151 $bd = 0;
152 }
153 }
154
155 // be tolerant to line endings, and extra empty lines
156 $ar = preg_split("/\r?\n/", trim(substr($data, 0, $pos)));
157
158 foreach ($ar as $line) {
159 // take care of (multi-line) headers and cookies
160 $arr = explode(':', $line, 2);
161 if (count($arr) > 1) {
162 /// @todo according to https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4, we should reject with error
163 /// 400 any messages where a space is present between the header name and colon
164 $headerName = strtolower(trim($arr[0]));
165 if ($headerName == 'set-cookie') {
166 $cookie = $arr[1];
167 // glue together all received cookies, using a comma to separate them (same as php does with getallheaders())
168 if (isset($httpResponse['headers'][$headerName])) {
169 $httpResponse['headers'][$headerName] .= ', ' . trim($cookie);
170 } else {
171 $httpResponse['headers'][$headerName] = trim($cookie);
172 }
173 // parse cookie attributes, in case user wants to correctly honour them
174 // @todo support for server sending multiple time cookie with same name, but using different PATHs
175 $cookie = explode(';', $cookie);
176 foreach ($cookie as $pos => $val) {
177 $val = explode('=', $val, 2);
178 $tag = trim($val[0]);
179 $val = isset($val[1]) ? trim($val[1]) : '';
180 if ($pos === 0) {
181 $cookieName = $tag;
182 // if present, we have strip leading and trailing " chars from $val
183 if (preg_match('/^"(.*)"$/', $val, $matches)) {
184 $val = $matches[1];
185 }
186 $httpResponse['cookies'][$cookieName] = array('value' => urldecode($val));
187 } else {
188 $httpResponse['cookies'][$cookieName][$tag] = $val;
189 }
190 }
191 } else {
192 /// @todo some other headers (the ones that allow a CSV list of values) do allow many values to be
193 /// passed using multiple header lines.
194 /// We should add content to $xmlrpc->_xh['headers'][$headerName] instead of replacing it for those...
195 $httpResponse['headers'][$headerName] = trim($arr[1]);
196 }
197 } elseif (isset($headerName)) {
198 /// @todo improve this: 1. check that the line starts with a space or tab; 2. according to
199 /// https://www.rfc-editor.org/rfc/rfc7230#section-3.2.4, we should flat out refuse these messages
200 $httpResponse['headers'][$headerName] .= ' ' . trim($line);
201 }
202 }
203
204 $data = substr($data, $bd);
205
206 if ($debug && count($httpResponse['headers'])) {
207 $msg = '';
208 foreach ($httpResponse['headers'] as $header => $value) {
209 $msg .= "HEADER: $header: $value\n";
210 }
211 foreach ($httpResponse['cookies'] as $header => $value) {
212 $msg .= "COOKIE: $header={$value['value']}\n";
213 }
214 $this->getLogger()->debug($msg);
215 }
216
217 // if CURL was used for the call, http headers have been processed, and dechunking + reinflating have been carried out
218 if (!$headersProcessed) {
219
220 // Decode chunked encoding sent by http 1.1 servers
221 if (isset($httpResponse['headers']['transfer-encoding']) && $httpResponse['headers']['transfer-encoding'] == 'chunked') {
222 if (!$data = static::decodeChunked($data)) {
223 $this->getLogger()->error('XML-RPC: ' . __METHOD__ . ': errors occurred when trying to rebuild the chunked data received from server');
224 throw new HttpException(PhpXmlRpc::$xmlrpcstr['dechunk_fail'], PhpXmlRpc::$xmlrpcerr['dechunk_fail'], null, $httpResponse['status_code']);
225 }
226 }
227
228 // Decode gzip-compressed stuff
229 // code shamelessly inspired from nusoap library by Dietrich Ayala
230 if (isset($httpResponse['headers']['content-encoding'])) {
231 $httpResponse['headers']['content-encoding'] = str_replace('x-', '', $httpResponse['headers']['content-encoding']);
232 if ($httpResponse['headers']['content-encoding'] == 'deflate' || $httpResponse['headers']['content-encoding'] == 'gzip') {
233 // if decoding works, use it. else assume data wasn't gzencoded
234 if (function_exists('gzinflate')) {
235 if ($httpResponse['headers']['content-encoding'] == 'deflate' && $degzdata = @gzuncompress($data)) {
236 $data = $degzdata;
237 if ($debug) {
238 $this->getLogger()->debug("---INFLATED RESPONSE---[" . strlen($data) . " chars]---\n$data\n---END---");
239 }
240 } elseif ($httpResponse['headers']['content-encoding'] == 'gzip' && $degzdata = @gzinflate(substr($data, 10))) {
241 $data = $degzdata;
242 if ($debug) {
243 $this->getLogger()->debug("---INFLATED RESPONSE---[" . strlen($data) . " chars]---\n$data\n---END---");
244 }
245 } else {
246 $this->getLogger()->error('XML-RPC: ' . __METHOD__ . ': errors occurred when trying to decode the deflated data received from server');
247 throw new HttpException(PhpXmlRpc::$xmlrpcstr['decompress_fail'], PhpXmlRpc::$xmlrpcerr['decompress_fail'], null, $httpResponse['status_code']);
248 }
249 } else {
250 $this->getLogger()->error('XML-RPC: ' . __METHOD__ . ': the server sent deflated data. Your php install must have the Zlib extension compiled in to support this.');
251 throw new HttpException(PhpXmlRpc::$xmlrpcstr['cannot_decompress'], PhpXmlRpc::$xmlrpcerr['cannot_decompress'], null, $httpResponse['status_code']);
252 }
253 }
254 }
255 } // end of 'if needed, de-chunk, re-inflate response'
256
257 return $httpResponse;
258 }
259
260 /**
261 * Parses one of the http headers which can have a list of values with quality param.
262 * @see https://www.rfc-editor.org/rfc/rfc7231#section-5.3.1
263 *
264 * @param string $header
265 * @return string[]
266 */
267 public function parseAcceptHeader($header)
268 {
269 $accepted = array();
270 foreach(explode(',', $header) as $c) {
271 if (preg_match('/^([^;]+); *q=([0-9.]+)/', $c, $matches)) {
272 $c = $matches[1];
273 $w = $matches[2];
274 } else {
275 $c = preg_replace('/;.*/', '', $c);
276 $w = 1;
277 }
278 $accepted[(trim($c))] = $w;
279 }
280 arsort($accepted);
281 return array_keys($accepted);
282 }
283 }
Read-only mirror of the Moodle CVS