Merge pull request #24290 from nextcloud/propagate-taint
Add IRequest taint sources
This commit is contained in:
commit
a1cd5ca20c
|
@ -107,6 +107,8 @@ interface IRequest {
|
||||||
/**
|
/**
|
||||||
* @param string $name
|
* @param string $name
|
||||||
*
|
*
|
||||||
|
* @psalm-taint-source input
|
||||||
|
*
|
||||||
* @return string
|
* @return string
|
||||||
* @since 6.0.0
|
* @since 6.0.0
|
||||||
*/
|
*/
|
||||||
|
@ -116,6 +118,8 @@ interface IRequest {
|
||||||
* Lets you access post and get parameters by the index
|
* Lets you access post and get parameters by the index
|
||||||
* In case of json requests the encoded json body is accessed
|
* In case of json requests the encoded json body is accessed
|
||||||
*
|
*
|
||||||
|
* @psalm-taint-source input
|
||||||
|
*
|
||||||
* @param string $key the key which you want to access in the URL Parameter
|
* @param string $key the key which you want to access in the URL Parameter
|
||||||
* placeholder, $_POST or $_GET array.
|
* placeholder, $_POST or $_GET array.
|
||||||
* The priority how they're returned is the following:
|
* The priority how they're returned is the following:
|
||||||
|
@ -134,6 +138,8 @@ interface IRequest {
|
||||||
*
|
*
|
||||||
* (as GET or POST) or through the URL by the route
|
* (as GET or POST) or through the URL by the route
|
||||||
*
|
*
|
||||||
|
* @psalm-taint-source input
|
||||||
|
*
|
||||||
* @return array the array with all parameters
|
* @return array the array with all parameters
|
||||||
* @since 6.0.0
|
* @since 6.0.0
|
||||||
*/
|
*/
|
||||||
|
@ -170,6 +176,8 @@ interface IRequest {
|
||||||
/**
|
/**
|
||||||
* Shortcut for getting cookie variables
|
* Shortcut for getting cookie variables
|
||||||
*
|
*
|
||||||
|
* @psalm-taint-source input
|
||||||
|
*
|
||||||
* @param string $key the key that will be taken from the $_COOKIE array
|
* @param string $key the key that will be taken from the $_COOKIE array
|
||||||
* @return string|null the value in the $_COOKIE element
|
* @return string|null the value in the $_COOKIE element
|
||||||
* @since 6.0.0
|
* @since 6.0.0
|
||||||
|
@ -244,6 +252,8 @@ interface IRequest {
|
||||||
* Returns the request uri, even if the website uses one or more
|
* Returns the request uri, even if the website uses one or more
|
||||||
* reverse proxies
|
* reverse proxies
|
||||||
*
|
*
|
||||||
|
* @psalm-taint-source input
|
||||||
|
*
|
||||||
* @return string
|
* @return string
|
||||||
* @since 8.1.0
|
* @since 8.1.0
|
||||||
*/
|
*/
|
||||||
|
@ -252,6 +262,8 @@ interface IRequest {
|
||||||
/**
|
/**
|
||||||
* Get raw PathInfo from request (not urldecoded)
|
* Get raw PathInfo from request (not urldecoded)
|
||||||
*
|
*
|
||||||
|
* @psalm-taint-source input
|
||||||
|
*
|
||||||
* @throws \Exception
|
* @throws \Exception
|
||||||
* @return string Path info
|
* @return string Path info
|
||||||
* @since 8.1.0
|
* @since 8.1.0
|
||||||
|
@ -261,6 +273,8 @@ interface IRequest {
|
||||||
/**
|
/**
|
||||||
* Get PathInfo from request
|
* Get PathInfo from request
|
||||||
*
|
*
|
||||||
|
* @psalm-taint-source input
|
||||||
|
*
|
||||||
* @throws \Exception
|
* @throws \Exception
|
||||||
* @return string|false Path info or false when not found
|
* @return string|false Path info or false when not found
|
||||||
* @since 8.1.0
|
* @since 8.1.0
|
||||||
|
@ -289,6 +303,8 @@ interface IRequest {
|
||||||
* Returns the unverified server host from the headers without checking
|
* Returns the unverified server host from the headers without checking
|
||||||
* whether it is a trusted domain
|
* whether it is a trusted domain
|
||||||
*
|
*
|
||||||
|
* @psalm-taint-source input
|
||||||
|
*
|
||||||
* @return string Server host
|
* @return string Server host
|
||||||
* @since 8.1.0
|
* @since 8.1.0
|
||||||
*/
|
*/
|
||||||
|
|
Loading…
Reference in New Issue