Fixup HTTP headers for httpClient requests

This commit is contained in:
Philipp Holzer 2021-08-24 14:17:42 +02:00
parent c7f54d83ce
commit 2356221aba
No known key found for this signature in database
GPG key ID: 9A28B7D4FF5667BD
12 changed files with 36 additions and 33 deletions

View file

@ -227,7 +227,7 @@ class Search
$return = Contact::searchByName($search, $mode);
} else {
$p = $page > 1 ? 'p=' . $page : '';
$curlResult = DI::httpRequest()->get(self::getGlobalDirectory() . '/search/people?' . $p . '&q=' . urlencode($search), ['accept_content' => 'application/json']);
$curlResult = DI::httpRequest()->get(self::getGlobalDirectory() . '/search/people?' . $p . '&q=' . urlencode($search), ['accept_content' => ['application/json']]);
if ($curlResult->isSuccess()) {
$searchResult = json_decode($curlResult->getBody(), true);
if (!empty($searchResult['profiles'])) {

View file

@ -1728,8 +1728,7 @@ class GServer
if (!empty($accesstoken)) {
$api = 'https://instances.social/api/1.0/instances/list?count=0';
$header = ['Authorization: Bearer '.$accesstoken];
$curlResult = DI::httpRequest()->get($api, ['header' => $header]);
$curlResult = DI::httpRequest()->get($api, ['header' => ['Authorization' => ['Bearer ' . $accesstoken]]]);
if ($curlResult->isSuccess()) {
$servers = json_decode($curlResult->getBody(), true);

View file

@ -50,7 +50,7 @@ class ExternalResource implements IStorage
}
try {
$fetchResult = HTTPSignature::fetchRaw($data->url, $data->uid, ['accept_content' => '']);
$fetchResult = HTTPSignature::fetchRaw($data->url, $data->uid, ['accept_content' => []]);
} catch (Exception $exception) {
throw new ReferenceStorageException(sprintf('External resource failed to get %s', $reference), $exception->getCode(), $exception);
}

View file

@ -75,7 +75,7 @@ class Proxy extends BaseModule
$request['url'] = str_replace(' ', '+', $request['url']);
// Fetch the content with the local user
$fetchResult = HTTPSignature::fetchRaw($request['url'], local_user(), ['accept_content' => '', 'timeout' => 10]);
$fetchResult = HTTPSignature::fetchRaw($request['url'], local_user(), ['accept_content' => [], 'timeout' => 10]);
$img_str = $fetchResult->getBody();
if (!$fetchResult->isSuccess() || empty($img_str)) {

View file

@ -103,7 +103,7 @@ class HTTPClient implements IHTTPClient
$header = [];
if (!empty($opts['accept_content'])) {
array_push($header, 'Accept: ' . $opts['accept_content']);
$header['Accept'] = $opts['accept_content'];
}
if (!empty($opts['header'])) {

View file

@ -170,7 +170,7 @@ class Probe
Logger::info('Probing', ['host' => $host, 'ssl_url' => $ssl_url, 'url' => $url, 'callstack' => System::callstack(20)]);
$xrd = null;
$curlResult = DI::httpRequest()->get($ssl_url, ['timeout' => $xrd_timeout, 'accept_content' => 'application/xrd+xml']);
$curlResult = DI::httpRequest()->get($ssl_url, ['timeout' => $xrd_timeout, 'accept_content' => ['application/xrd+xml']]);
$ssl_connection_error = ($curlResult->getErrorNumber() == CURLE_COULDNT_CONNECT) || ($curlResult->getReturnCode() == 0);
if ($curlResult->isSuccess()) {
$xml = $curlResult->getBody();
@ -187,7 +187,7 @@ class Probe
}
if (!is_object($xrd) && !empty($url)) {
$curlResult = DI::httpRequest()->get($url, ['timeout' => $xrd_timeout, 'accept_content' => 'application/xrd+xml']);
$curlResult = DI::httpRequest()->get($url, ['timeout' => $xrd_timeout, 'accept_content' => ['application/xrd+xml']]);
$connection_error = ($curlResult->getErrorNumber() == CURLE_COULDNT_CONNECT) || ($curlResult->getReturnCode() == 0);
if ($curlResult->isTimeout()) {
Logger::info('Probing timeout', ['url' => $url]);
@ -940,7 +940,7 @@ class Probe
{
$xrd_timeout = DI::config()->get('system', 'xrd_timeout', 20);
$curlResult = DI::httpRequest()->get($url, ['timeout' => $xrd_timeout, 'accept_content' => $type]);
$curlResult = DI::httpRequest()->get($url, ['timeout' => $xrd_timeout, 'accept_content' => [$type]]);
if ($curlResult->isTimeout()) {
self::$istimeout = true;
return [];

View file

@ -976,7 +976,7 @@ class DFRN
$content_type = ($public_batch ? "application/magic-envelope+xml" : "application/json");
$postResult = DI::httpRequest()->post($dest_url, $envelope, ["Content-Type: " . $content_type]);
$postResult = DI::httpRequest()->post($dest_url, $envelope, ['Content-Type' => $content_type]);
$xml = $postResult->getBody();
$curl_stat = $postResult->getReturnCode();

View file

@ -3022,7 +3022,7 @@ class Diaspora
if (!intval(DI::config()->get("system", "diaspora_test"))) {
$content_type = (($public_batch) ? "application/magic-envelope+xml" : "application/json");
$postResult = DI::httpRequest()->post($dest_url . "/", $envelope, ["Content-Type: " . $content_type]);
$postResult = DI::httpRequest()->post($dest_url . "/", $envelope, ['Content-Type' => $content_type]);
$return_code = $postResult->getReturnCode();
} else {
Logger::log("test_mode");

View file

@ -727,7 +727,7 @@ class OStatus
self::$conv_list[$conversation] = true;
$curlResult = DI::httpRequest()->get($conversation, ['accept_content' => 'application/atom+xml, text/html']);
$curlResult = DI::httpRequest()->get($conversation, ['accept_content' => ['application/atom+xml', 'text/html']]);
if (!$curlResult->isSuccess() || empty($curlResult->getBody())) {
return;
@ -921,7 +921,7 @@ class OStatus
}
$stored = false;
$curlResult = DI::httpRequest()->get($related, ['accept_content' => 'application/atom+xml, text/html']);
$curlResult = DI::httpRequest()->get($related, ['accept_content' => ['application/atom+xml', 'text/html']]);
if (!$curlResult->isSuccess() || empty($curlResult->getBody())) {
return;

View file

@ -156,8 +156,8 @@ class Salmon
// slap them
$postResult = DI::httpRequest()->post($url, $salmon, [
'Content-type: application/magic-envelope+xml',
'Content-length: ' . strlen($salmon)
'Content-type' => 'application/magic-envelope+xml',
'Content-length' => strlen($salmon),
]);
$return_code = $postResult->getReturnCode();
@ -181,8 +181,8 @@ class Salmon
// slap them
$postResult = DI::httpRequest()->post($url, $salmon, [
'Content-type: application/magic-envelope+xml',
'Content-length: ' . strlen($salmon)
'Content-type' => 'application/magic-envelope+xml',
'Content-length' => strlen($salmon),
]);
$return_code = $postResult->getReturnCode();
}
@ -204,8 +204,8 @@ class Salmon
// slap them
$postResult = DI::httpRequest()->post($url, $salmon, [
'Content-type: application/magic-envelope+xml',
'Content-length: ' . strlen($salmon)]);
'Content-type' => 'application/magic-envelope+xml',
'Content-length' => strlen($salmon)]);
$return_code = $postResult->getReturnCode();
}

View file

@ -29,6 +29,7 @@ use Friendica\Model\APContact;
use Friendica\Model\Contact;
use Friendica\Model\User;
use Friendica\Network\CurlResult;
use Friendica\Network\IHTTPResult;
/**
* Implements HTTP Signatures per draft-cavage-http-signatures-07.
@ -290,15 +291,20 @@ class HTTPSignature
$content_length = strlen($content);
$date = DateTimeFormat::utcNow(DateTimeFormat::HTTP);
$headers = ['Date: ' . $date, 'Content-Length: ' . $content_length, 'Digest: ' . $digest, 'Host: ' . $host];
$headers = [
'Date' => $date,
'Content-Length' => $content_length,
'Digest' => $digest,
'Host' => $host
];
$signed_data = "(request-target): post " . $path . "\ndate: ". $date . "\ncontent-length: " . $content_length . "\ndigest: " . $digest . "\nhost: " . $host;
$signature = base64_encode(Crypto::rsaSign($signed_data, $owner['uprvkey'], 'sha256'));
$headers[] = 'Signature: keyId="' . $owner['url'] . '#main-key' . '",algorithm="rsa-sha256",headers="(request-target) date content-length digest host",signature="' . $signature . '"';
$headers['Signature'] = 'keyId="' . $owner['url'] . '#main-key' . '",algorithm="rsa-sha256",headers="(request-target) date content-length digest host",signature="' . $signature . '"';
$headers[] = 'Content-Type: application/activity+json';
$headers['Content-Type'] = 'application/activity+json';
$postResult = DI::httpRequest()->post($target, $content, $headers);
$return_code = $postResult->getReturnCode();
@ -409,10 +415,10 @@ class HTTPSignature
* 'nobody' => only return the header
* 'cookiejar' => path to cookie jar file
*
* @return CurlResult CurlResult
* @return IHTTPResult CurlResult
* @throws \Friendica\Network\HTTPException\InternalServerErrorException
*/
public static function fetchRaw($request, $uid = 0, $opts = ['accept_content' => 'application/activity+json, application/ld+json'])
public static function fetchRaw($request, $uid = 0, $opts = ['accept_content' => ['application/activity+json', 'application/ld+json']])
{
$header = [];
@ -434,17 +440,14 @@ class HTTPSignature
$path = parse_url($request, PHP_URL_PATH);
$date = DateTimeFormat::utcNow(DateTimeFormat::HTTP);
$header = ['Date: ' . $date, 'Host: ' . $host];
$header['Date'] = $date;
$header['Host'] = $host;
$signed_data = "(request-target): get " . $path . "\ndate: ". $date . "\nhost: " . $host;
$signature = base64_encode(Crypto::rsaSign($signed_data, $owner['uprvkey'], 'sha256'));
$header[] = 'Signature: keyId="' . $owner['url'] . '#main-key' . '",algorithm="rsa-sha256",headers="(request-target) date host",signature="' . $signature . '"';
}
if (!empty($opts['accept_content'])) {
$header[] = 'Accept: ' . $opts['accept_content'];
$header['Signature'] = 'keyId="' . $owner['url'] . '#main-key' . '",algorithm="rsa-sha256",headers="(request-target) date host",signature="' . $signature . '"';
}
$curl_opts = $opts;

View file

@ -59,11 +59,12 @@ class PubSubPublish
$hmac_sig = hash_hmac("sha1", $params, $subscriber['secret']);
$headers = ["Content-type: application/atom+xml",
sprintf("Link: <%s>;rel=hub,<%s>;rel=self",
$headers = [
'Content-type' => 'application/atom+xml',
'Link' => sprintf("<%s>;rel=hub,<%s>;rel=self",
DI::baseUrl() . '/pubsubhubbub/' . $subscriber['nickname'],
$subscriber['topic']),
"X-Hub-Signature: sha1=" . $hmac_sig];
'X-Hub-Signature' => 'sha1=' . $hmac_sig];
Logger::log('POST ' . print_r($headers, true) . "\n" . $params, Logger::DATA);