CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
checkIp example
$subnet = '2a01:198:603:0::/65';
$this->assertFalse(IpUtils::checkIp4($ip, $subnet));
$this->assertTrue(IpUtils::checkIp6($ip, $subnet));
}
/** * @dataProvider getIpv4Data */
public function testIpv4($matches, $remoteAddr, $cidr)
{
$this->assertSame($matches, IpUtils::checkIp($remoteAddr, $cidr));
}
public static function getIpv4Data()
{
return [
[true, '192.168.1.1', '192.168.1.1'],
[true, '192.168.1.1', '192.168.1.1/1'],
[true, '192.168.1.1', '192.168.1.0/24'],
[false, '192.168.1.1', '1.2.3.4/1'],
[false, '192.168.1.1', '192.168.1.1/33'], // invalid subnet [true, '192.168.1.1', ['1.2.3.4/1', '192.168.1.0/24']],
[
$this->assertFalse(IpUtils::checkIp4($ip, $subnet));
$this->assertTrue(IpUtils::checkIp6($ip, $subnet));
}
/** * @dataProvider getIpv4Data */
public function testIpv4($matches, $remoteAddr, $cidr)
{
$this->assertSame($matches, IpUtils::checkIp($remoteAddr, $cidr));
}
public static function getIpv4Data()
{
return [
[true, '192.168.1.1', '192.168.1.1'],
[true, '192.168.1.1', '192.168.1.1/1'],
[true, '192.168.1.1', '192.168.1.0/24'],
[false, '192.168.1.1', '1.2.3.4/1'],
[false, '192.168.1.1', '192.168.1.1/33'], // invalid subnet [true, '192.168.1.1', ['1.2.3.4/1', '192.168.1.0/24']],
[
class MaintenanceModeResolver
{
public function __construct(private readonly EventDispatcherInterface $eventDispatcher)
{
}
/** * @param string[] $allowedIps */
public function isClientAllowed(Request $request, array $allowedIps): bool
{
$isAllowed = IpUtils::checkIp(
(string) $request->getClientIp(),
$allowedIps
);
$event = new MaintenanceModeRequestEvent($request, $allowedIps, $isAllowed);
$this->eventDispatcher->dispatch($event);
return $event->isClientAllowed();
}
}
{
public function __construct(private readonly EventDispatcherInterface $eventDispatcher)
{
}
/** * @param string[] $allowedIps */
public function isClientAllowed(Request $request, array $allowedIps): bool
{
$isAllowed = IpUtils::checkIp(
(string) $request->getClientIp(),
$allowedIps
);
$event = new MaintenanceModeRequestEvent($request, $allowedIps, $isAllowed);
$this->eventDispatcher->dispatch($event);
return $event->isClientAllowed();
}
}
$onProgress = $options['on_progress'] ?? null;
if (null !== $onProgress && !\is_callable($onProgress)) {
throw new InvalidArgumentException(sprintf('Option "on_progress" must be callable, "%s" given.', get_debug_type($onProgress)));
}
$subnets = $this->subnets;
$options['on_progress'] = function Dint $dlNow, int $dlSize, array $info) use ($onProgress, $subnets): void {
static $lastPrimaryIp = '';
if ($info['primary_ip'] !== $lastPrimaryIp) {
if ($info['primary_ip'] && IpUtils::checkIp($info['primary_ip'], $subnets ?? IpUtils::PRIVATE_SUBNETS)) {
throw new TransportException(sprintf('IP "%s" is blocked for "%s".', $info['primary_ip'], $info['url']));
}
$lastPrimaryIp = $info['primary_ip'];
}
null !== $onProgress && $onProgress($dlNow, $dlSize, $info);
};
return $this->client->request($method, $url, $options);
}
return false;
}
if (null !== $this->host && !preg_match('{'.$this->host.'}i', $request->getHost())) {
return false;
}
if (null !== $this->port && 0 < $this->port && $request->getPort() !== $this->port) {
return false;
}
if (IpUtils::checkIp($request->getClientIp() ?? '', $this->ips)) {
return true;
}
// Note to future implementors: add additional checks above the // foreach above or else your check might not be run! return 0 === \count($this->ips);
}
}
}
if (null !== $this->host && !preg_match('{'.$this->host.'}i', $request->getHost())) {
return false;
}
if (null !== $this->port && 0 < $this->port && $request->getPort() !== $this->port) {
return false;
}
if (IpUtils::checkIp($request->getClientIp() ?? '', $this->ips)) {
return true;
}
// Note to future implementors: add additional checks above the // foreach above or else your check might not be run! return 0 === \count($this->ips);
}
}
public function __construct(array|string $ips)
{
$this->ips = array_reduce((array) $ips, static fn (array $ips, string $ip) => array_merge($ips, preg_split('/\s*,\s*/', $ip)), []);
}
public function matches(Request $request): bool
{
if (!$this->ips) {
return true;
}
return IpUtils::checkIp($request->getClientIp() ?? '', $this->ips);
}
}
{
$this->ips = array_reduce((array) $ips, static fn (array $ips, string $ip) => array_merge($ips, preg_split('/\s*,\s*/', $ip)), []);
}
public function matches(Request $request): bool
{
if (!$this->ips) {
return true;
}
return IpUtils::checkIp($request->getClientIp() ?? '', $this->ips);
}
}
class SubRequestHandler
{
public static function handle(HttpKernelInterface $kernel, Request $request, int $type, bool $catch): Response
{
// save global state related to trusted headers and proxies $trustedProxies = Request::getTrustedProxies();
$trustedHeaderSet = Request::getTrustedHeaderSet();
// remove untrusted values $remoteAddr = $request->server->get('REMOTE_ADDR');
if (!$remoteAddr || !IpUtils::checkIp($remoteAddr, $trustedProxies)) {
$trustedHeaders = [
'FORWARDED' => $trustedHeaderSet & Request::HEADER_FORWARDED,
'X_FORWARDED_FOR' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_FOR,
'X_FORWARDED_HOST' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_HOST,
'X_FORWARDED_PROTO' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_PROTO,
'X_FORWARDED_PORT' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_PORT,
'X_FORWARDED_PREFIX' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_PREFIX,
];
foreach (array_filter($trustedHeaders) as $name => $key) {
$request->headers->remove($name);
$request->server->remove('HTTP_'.$name);
}
$ip = '['.$ip.']';
}
return $ip;
}
/** * Checks if an IPv4 or IPv6 address is contained in the list of private IP subnets. */
public static function isPrivateIp(string $requestIp): bool
{
return self::checkIp($requestIp, self::PRIVATE_SUBNETS);
}
private static function getCacheResult(string $cacheKey): ?bool
{
if (isset(self::$checkedIps[$cacheKey])) {
// Move the item last in cache (LRU) $value = self::$checkedIps[$cacheKey];
unset(self::$checkedIps[$cacheKey]);
self::$checkedIps[$cacheKey] = $value;
return self::$checkedIps[$cacheKey];
}
}
return $ip;
}
/** * Checks if an IPv4 or IPv6 address is contained in the list of private IP subnets. */
public static function isPrivateIp(string $requestIp): bool
{
return self::checkIp($requestIp, self::PRIVATE_SUBNETS);
}
private static function getCacheResult(string $cacheKey): ?bool
{
if (isset(self::$checkedIps[$cacheKey])) {
// Move the item last in cache (LRU) $value = self::$checkedIps[$cacheKey];
unset(self::$checkedIps[$cacheKey]);
self::$checkedIps[$cacheKey] = $value;
return self::$checkedIps[$cacheKey];
}
class SubRequestHandler
{
public static function handle(HttpKernelInterface $kernel, Request $request, int $type, bool $catch): Response
{
// save global state related to trusted headers and proxies $trustedProxies = Request::getTrustedProxies();
$trustedHeaderSet = Request::getTrustedHeaderSet();
// remove untrusted values $remoteAddr = $request->server->get('REMOTE_ADDR');
if (!$remoteAddr || !IpUtils::checkIp($remoteAddr, $trustedProxies)) {
$trustedHeaders = [
'FORWARDED' => $trustedHeaderSet & Request::HEADER_FORWARDED,
'X_FORWARDED_FOR' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_FOR,
'X_FORWARDED_HOST' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_HOST,
'X_FORWARDED_PROTO' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_PROTO,
'X_FORWARDED_PORT' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_PORT,
'X_FORWARDED_PREFIX' => $trustedHeaderSet & Request::HEADER_X_FORWARDED_PREFIX,
];
foreach (array_filter($trustedHeaders) as $name => $key) {
$request->headers->remove($name);
$request->server->remove('HTTP_'.$name);
}
return false;
}
if (null !== $this->host && !preg_match('{'.$this->host.'}i', $request->getHost())) {
return false;
}
if (null !== $this->port && 0 < $this->port && $request->getPort() !== $this->port) {
return false;
}
if (IpUtils::checkIp($request->getClientIp() ?? '', $this->ips)) {
return true;
}
// Note to future implementors: add additional checks above the // foreach above or else your check might not be run! return 0 === \count($this->ips);
}
}
}
if (null !== $this->host && !preg_match('{'.$this->host.'}i', $request->getHost())) {
return false;
}
if (null !== $this->port && 0 < $this->port && $request->getPort() !== $this->port) {
return false;
}
if (IpUtils::checkIp($request->getClientIp() ?? '', $this->ips)) {
return true;
}
// Note to future implementors: add additional checks above the // foreach above or else your check might not be run! return 0 === \count($this->ips);
}
}
public function __construct(array|string $ips)
{
$this->ips = array_reduce((array) $ips, static fn (array $ips, string $ip) => array_merge($ips, preg_split('/\s*,\s*/', $ip)), []);
}
public function matches(Request $request): bool
{
if (!$this->ips) {
return true;
}
return IpUtils::checkIp($request->getClientIp() ?? '', $this->ips);
}
}
{
$this->ips = array_reduce((array) $ips, static fn (array $ips, string $ip) => array_merge($ips, preg_split('/\s*,\s*/', $ip)), []);
}
public function matches(Request $request): bool
{
if (!$this->ips) {
return true;
}
return IpUtils::checkIp($request->getClientIp() ?? '', $this->ips);
}
}
return new static($query, $request, $attributes, $cookies, $files, $server, $content);
}
/** * Indicates whether this request originated from a trusted proxy. * * This can be useful to determine whether or not to trust the * contents of a proxy-specific header. */
public function isFromTrustedProxy(): bool
{
return self::$trustedProxies && IpUtils::checkIp($this->server->get('REMOTE_ADDR', ''), self::$trustedProxies);
}
private function getTrustedValues(int $type, string $ip = null): array
{
$clientValues = [];
$forwardedValues = [];
if ((self::$trustedHeaderSet & $type) && $this->headers->has(self::TRUSTED_HEADERS[$type])) {
foreach (explode(',', $this->headers->get(self::TRUSTED_HEADERS[$type])) as $v) {
$clientValues[] = (self::HEADER_X_FORWARDED_PORT === $type ? '0.0.0.0:' : '').trim($v);
}
}
}
/** * Indicates whether this request originated from a trusted proxy. * * This can be useful to determine whether or not to trust the * contents of a proxy-specific header. */
public function isFromTrustedProxy(): bool
{
return self::$trustedProxies && IpUtils::checkIp($this->server->get('REMOTE_ADDR', ''), self::$trustedProxies);
}
private function getTrustedValues(int $type, string $ip = null): array
{
$clientValues = [];
$forwardedValues = [];
if ((self::$trustedHeaderSet & $type) && $this->headers->has(self::TRUSTED_HEADERS[$type])) {
foreach (explode(',', $this->headers->get(self::TRUSTED_HEADERS[$type])) as $v) {
$clientValues[] = (self::HEADER_X_FORWARDED_PORT === $type ? '0.0.0.0:' : '').trim($v);
}
}
return new static($query, $request, $attributes, $cookies, $files, $server, $content);
}
/** * Indicates whether this request originated from a trusted proxy. * * This can be useful to determine whether or not to trust the * contents of a proxy-specific header. */
public function isFromTrustedProxy(): bool
{
return self::$trustedProxies && IpUtils::checkIp($this->server->get('REMOTE_ADDR', ''), self::$trustedProxies);
}
private function getTrustedValues(int $type, string $ip = null): array
{
$clientValues = [];
$forwardedValues = [];
if ((self::$trustedHeaderSet & $type) && $this->headers->has(self::TRUSTED_HEADERS[$type])) {
foreach (explode(',', $this->headers->get(self::TRUSTED_HEADERS[$type])) as $v) {
$clientValues[] = (self::HEADER_X_FORWARDED_PORT === $type ? '0.0.0.0:' : '').trim($v);
}
}
}
/** * Indicates whether this request originated from a trusted proxy. * * This can be useful to determine whether or not to trust the * contents of a proxy-specific header. */
public function isFromTrustedProxy(): bool
{
return self::$trustedProxies && IpUtils::checkIp($this->server->get('REMOTE_ADDR', ''), self::$trustedProxies);
}
private function getTrustedValues(int $type, string $ip = null): array
{
$clientValues = [];
$forwardedValues = [];
if ((self::$trustedHeaderSet & $type) && $this->headers->has(self::TRUSTED_HEADERS[$type])) {
foreach (explode(',', $this->headers->get(self::TRUSTED_HEADERS[$type])) as $v) {
$clientValues[] = (self::HEADER_X_FORWARDED_PORT === $type ? '0.0.0.0:' : '').trim($v);
}
}
$ip = '['.$ip.']';
}
return $ip;
}
/** * Checks if an IPv4 or IPv6 address is contained in the list of private IP subnets. */
public static function isPrivateIp(string $requestIp): bool
{
return self::checkIp($requestIp, self::PRIVATE_SUBNETS);
}
private static function getCacheResult(string $cacheKey): ?bool
{
if (isset(self::$checkedIps[$cacheKey])) {
// Move the item last in cache (LRU) $value = self::$checkedIps[$cacheKey];
unset(self::$checkedIps[$cacheKey]);
self::$checkedIps[$cacheKey] = $value;
return self::$checkedIps[$cacheKey];
}
}
return $ip;
}
/** * Checks if an IPv4 or IPv6 address is contained in the list of private IP subnets. */
public static function isPrivateIp(string $requestIp): bool
{
return self::checkIp($requestIp, self::PRIVATE_SUBNETS);
}
private static function getCacheResult(string $cacheKey): ?bool
{
if (isset(self::$checkedIps[$cacheKey])) {
// Move the item last in cache (LRU) $value = self::$checkedIps[$cacheKey];
unset(self::$checkedIps[$cacheKey]);
self::$checkedIps[$cacheKey] = $value;
return self::$checkedIps[$cacheKey];
}