3 * This program is free software; you can redistribute it and/or modify
4 * it under the terms of the GNU General Public License as published by
5 * the Free Software Foundation; either version 2 of the License, or
6 * (at your option) any later version.
8 * This program is distributed in the hope that it will be useful,
9 * but WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 * GNU General Public License for more details.
13 * You should have received a copy of the GNU General Public License along
14 * with this program; if not, write to the Free Software Foundation, Inc.,
15 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
16 * http://www.gnu.org/copyleft/gpl.html
22 * MWHttpRequest implemented using internal curl compiled into PHP
24 class CurlHttpRequest
extends MWHttpRequest
{
25 const SUPPORTS_FILE_POSTS
= true;
27 protected $curlOptions = [];
28 protected $headerText = "";
32 * @param string $content
35 protected function readHeader( $fh, $content ) {
36 $this->headerText
.= $content;
37 return strlen( $content );
41 * @see MWHttpRequest::execute
46 public function execute() {
49 if ( !$this->status
->isOK() ) {
50 return Status
::wrap( $this->status
); // TODO B/C; move this to callers
53 $this->curlOptions
[CURLOPT_PROXY
] = $this->proxy
;
54 $this->curlOptions
[CURLOPT_TIMEOUT
] = $this->timeout
;
55 $this->curlOptions
[CURLOPT_CONNECTTIMEOUT_MS
] = $this->connectTimeout
* 1000;
56 $this->curlOptions
[CURLOPT_HTTP_VERSION
] = CURL_HTTP_VERSION_1_0
;
57 $this->curlOptions
[CURLOPT_WRITEFUNCTION
] = $this->callback
;
58 $this->curlOptions
[CURLOPT_HEADERFUNCTION
] = [ $this, "readHeader" ];
59 $this->curlOptions
[CURLOPT_MAXREDIRS
] = $this->maxRedirects
;
60 $this->curlOptions
[CURLOPT_ENCODING
] = ""; # Enable compression
62 $this->curlOptions
[CURLOPT_USERAGENT
] = $this->reqHeaders
['User-Agent'];
64 $this->curlOptions
[CURLOPT_SSL_VERIFYHOST
] = $this->sslVerifyHost ?
2 : 0;
65 $this->curlOptions
[CURLOPT_SSL_VERIFYPEER
] = $this->sslVerifyCert
;
67 if ( $this->caInfo
) {
68 $this->curlOptions
[CURLOPT_CAINFO
] = $this->caInfo
;
71 if ( $this->headersOnly
) {
72 $this->curlOptions
[CURLOPT_NOBODY
] = true;
73 $this->curlOptions
[CURLOPT_HEADER
] = true;
74 } elseif ( $this->method
== 'POST' ) {
75 $this->curlOptions
[CURLOPT_POST
] = true;
76 $postData = $this->postData
;
77 // Don't interpret POST parameters starting with '@' as file uploads, because this
78 // makes it impossible to POST plain values starting with '@' (and causes security
79 // issues potentially exposing the contents of local files).
80 $this->curlOptions
[CURLOPT_SAFE_UPLOAD
] = true;
81 $this->curlOptions
[CURLOPT_POSTFIELDS
] = $postData;
83 // Suppress 'Expect: 100-continue' header, as some servers
84 // will reject it with a 417 and Curl won't auto retry
85 // with HTTP 1.0 fallback
86 $this->reqHeaders
['Expect'] = '';
88 $this->curlOptions
[CURLOPT_CUSTOMREQUEST
] = $this->method
;
91 $this->curlOptions
[CURLOPT_HTTPHEADER
] = $this->getHeaderList();
93 $curlHandle = curl_init( $this->url
);
95 if ( !curl_setopt_array( $curlHandle, $this->curlOptions
) ) {
96 $this->status
->fatal( 'http-internal-error' );
97 throw new InvalidArgumentException( "Error setting curl options." );
100 if ( $this->followRedirects
&& $this->canFollowRedirects() ) {
101 Wikimedia\
suppressWarnings();
102 if ( !curl_setopt( $curlHandle, CURLOPT_FOLLOWLOCATION
, true ) ) {
103 $this->logger
->debug( __METHOD__
. ": Couldn't set CURLOPT_FOLLOWLOCATION. " .
104 "Probably open_basedir is set.\n" );
105 // Continue the processing. If it were in curl_setopt_array,
106 // processing would have halted on its entry
108 Wikimedia\restoreWarnings
();
111 if ( $this->profiler
) {
112 $profileSection = $this->profiler
->scopedProfileIn(
113 __METHOD__
. '-' . $this->profileName
117 $curlRes = curl_exec( $curlHandle );
118 if ( curl_errno( $curlHandle ) == CURLE_OPERATION_TIMEOUTED
) {
119 $this->status
->fatal( 'http-timed-out', $this->url
);
120 } elseif ( $curlRes === false ) {
121 $this->status
->fatal( 'http-curl-error', curl_error( $curlHandle ) );
123 $this->headerList
= explode( "\r\n", $this->headerText
);
126 curl_close( $curlHandle );
128 if ( $this->profiler
) {
129 $this->profiler
->scopedProfileOut( $profileSection );
132 $this->parseHeader();
135 return Status
::wrap( $this->status
); // TODO B/C; move this to callers
141 public function canFollowRedirects() {
142 $curlVersionInfo = curl_version();
143 if ( $curlVersionInfo['version_number'] < 0x071304 ) {
144 $this->logger
->debug( "Cannot follow redirects with libcurl < 7.19.4 due to CVE-2009-0037\n" );