Home Esplora Aiuto
Accedi
joker
/
composer
1
0
Forka 0
File Problemi 0 Pull Requests 0 Wiki
Sfoglia il codice sorgente

Added secure-http flag, defaults to true

cinamo 9 anni fa
parent
8808638ea9
commit
ef60478926
3 ha cambiato i file con 19 aggiunte e 0 eliminazioni
Visualizzazione separata Mostra Diff Stats
  1. 1 0
      src/Composer/Command/ConfigCommand.php
  2. 4 0
      src/Composer/Config.php
  3. 14 0
      src/Composer/Util/RemoteFilesystem.php

+ 1 - 0
src/Composer/Command/ConfigCommand.php
Vedi File 

@@ -331,6 +331,7 @@ EOT
 
             'classmap-authoritative' => array($booleanValidator, $booleanNormalizer),
 
             'prepend-autoloader' => array($booleanValidator, $booleanNormalizer),
 
             'disable-tls' => array($booleanValidator, $booleanNormalizer),
 
+            'secure-http' => array($booleanValidator, $booleanNormalizer),
 
             'cafile' => array(
 
                 function ($val) { return file_exists($val) && is_readable($val); },
 
                 function ($val) { return $val === 'null' ? null : $val; },

+ 4 - 0
src/Composer/Config.php
Vedi File 

@@ -46,6 +46,7 @@ class Config
 
         'prepend-autoloader' => true,
 
         'github-domains' => array('github.com'),
 
         'disable-tls' => false,
 
+        'secure-http' => true,
 
         'cafile' => null,
 
         'capath' => null,
 
         'github-expose-hostname' => true,
 
@@ -275,6 +276,9 @@ class Config
 
             case 'disable-tls':
 
                 return $this->config[$key] !== 'false' && (bool) $this->config[$key];
 
 
+            case 'secure-http':
 
+                return $this->config[$key] !== 'false' && (bool) $this->config[$key];
 
+
 
             default:
 
                 if (!isset($this->config[$key])) {
 
                     return null;

+ 14 - 0
src/Composer/Util/RemoteFilesystem.php
Vedi File 

@@ -254,6 +254,20 @@ class RemoteFilesystem
 
             $this->io->writeError("    Downloading: <comment>Connecting...</comment>", false);
 
         }
 
 
+        // Check for secure HTTP
 
+        if(($this->scheme === 'http' || substr($fileUrl, 0, 5) !== 'https')
 
+            && $this->config && $this->config->get('secure-http')) {
 
+            // Rewrite unsecure Packagist urls to use https
 
+            if(substr($fileUrl, 0, 21) === 'http://packagist.org/') {
 
+                $fileUrl = 'https://packagist.org/' . substr($fileUrl, 21);
 
+            } else {
 
+                throw new TransportException(
 
+                    sprintf('Your configuration does not allow connection to %s://%s. Enable http connections in your configuration by setting secure-http=false',
 
+                        $this->scheme, $originUrl
 
+                    ));
 
+            }
 
+        }
 
+
 
         $errorMessage = '';
 
         $errorCode = 0;
 
         $result = false;