OriginCheck::verifyOrigin() - Code Metrics - Inspection of "Add support for Laravel 5.8 (#122)" - beyondcode/laravel-websockets - Measure and Improve Code Quality continuously with Scrutinizer

Completed

Push — master ( edcf20...3ec6c0 )

by Marcel

created 2019-02-27 14:27 UTC

OriginCheck::verifyOrigin() A

↳ Parent: OriginCheck

Complexity

Conditions	4
Paths	4

Size

Total Lines

Duplication

Lines	0
Ratio	0 %

Importance

Changes

Metric	Value
dl	0
loc	9
rs	9.9666
c	0
b	0
f	0
cc	4
nc	4
nop	2

<?php

namespace BeyondCode\LaravelWebSockets\Server;

use Ratchet\ConnectionInterface;
use Ratchet\Http\CloseResponseTrait;
use Ratchet\Http\HttpServerInterface;
use Psr\Http\Message\RequestInterface;
use Ratchet\MessageComponentInterface;

class OriginCheck implements HttpServerInterface
{
    use CloseResponseTrait;

    /** @var \Ratchet\MessageComponentInterface */
    protected $_component;

    protected $allowedOrigins = [];

    public function __construct(MessageComponentInterface $component, array $allowedOrigins = [])
    {
        $this->_component = $component;

        $this->allowedOrigins = $allowedOrigins;
    }

    public function onOpen(ConnectionInterface $connection, RequestInterface $request = null)
    {
        if ($request->hasHeader('Origin')) {
function someFunction(A $objectMaybe = null)
{
    if ($objectMaybe instanceof A) {
        $objectMaybe->doSomething();
    }
}
            $this->verifyOrigin($connection, $request);
function notNullable(stdClass $x) { }

// Unsafe
function withoutCheck(stdClass $x = null) {
    notNullable($x);
}

// Safe - Alternative 1: Adding Additional Type-Check
function withCheck(stdClass $x = null) {
    if ($x instanceof stdClass) {
        notNullable($x);
    }
}

// Safe - Alternative 2: Changing Parameter
function withNonNullableParam(stdClass $x) {
    notNullable($x);
}
        }

        return $this->_component->onOpen($connection, $request);

    }

    public function onMessage(ConnectionInterface $from, $msg)
    {
        return $this->_component->onMessage($from, $msg);
    }

    public function onClose(ConnectionInterface $connection)
    {
        return $this->_component->onClose($connection);
    }

    public function onError(ConnectionInterface $connection, \Exception $e)
    {
        return $this->_component->onError($connection, $e);
    }

    protected function verifyOrigin(ConnectionInterface $connection, RequestInterface $request)
    {
        $header = (string) $request->getHeader('Origin')[0];
        $origin = parse_url($header, PHP_URL_HOST) ?: $header;

        if (! empty($this->allowedOrigins) && ! in_array($origin, $this->allowedOrigins)) {
            return $this->close($connection, 403);
        }
    }
}


1			<?php
2
3			namespace BeyondCode\LaravelWebSockets\Server;
4
5			use Ratchet\ConnectionInterface;
6			use Ratchet\Http\CloseResponseTrait;
7			use Ratchet\Http\HttpServerInterface;
8			use Psr\Http\Message\RequestInterface;
9			use Ratchet\MessageComponentInterface;
10
11			class OriginCheck implements HttpServerInterface
12			{
13			use CloseResponseTrait;
14
15			/** @var \Ratchet\MessageComponentInterface */
16			protected $_component;
17
18			protected $allowedOrigins = [];
19
20			public function __construct(MessageComponentInterface $component, array $allowedOrigins = [])
21			{
22			$this->_component = $component;
23
24			$this->allowedOrigins = $allowedOrigins;
25			}
26
27			public function onOpen(ConnectionInterface $connection, RequestInterface $request = null)
28			{
29			if ($request->hasHeader('Origin')) {
			0 ignored issues – show Bug introduced 2018-12-04 21:28 UTC by Report Bug Copy Issue Report It seems like `$request` is not always an object, but can also be of type `null`. Maybe add an additional type check? If a variable is not always an object, we recommend to add an additional type check to ensure your method call is safe: function someFunction(A $objectMaybe = null) { if ($objectMaybe instanceof A) { $objectMaybe->doSomething(); } } Loading history...
30			$this->verifyOrigin($connection, $request);
			0 ignored issues – show Bug introduced 2018-12-04 21:28 UTC by Report Bug Copy Issue Report It seems like `$request` defined by parameter `$request` on line `27` can be `null`; however, `BeyondCode\LaravelWebSoc...inCheck::verifyOrigin()` does not accept `null`, maybe add an additional type check? It seems like you allow that null is being passed for a parameter, however the function which is called does not seem to accept null. We recommend to add an additional type check (or disallow null for the parameter): function notNullable(stdClass $x) { } // Unsafe function withoutCheck(stdClass $x = null) { notNullable($x); } // Safe - Alternative 1: Adding Additional Type-Check function withCheck(stdClass $x = null) { if ($x instanceof stdClass) { notNullable($x); } } // Safe - Alternative 2: Changing Parameter function withNonNullableParam(stdClass $x) { notNullable($x); } Loading history...
31			}
32
33			return $this->_component->onOpen($connection, $request);
			0 ignored issues – show Unused Code introduced 2018-12-04 21:28 UTC by Report Bug Copy Issue Report The call to `MessageComponentInterface::onOpen()` has too many arguments starting with `$request`. This check compares calls to functions or methods with their respective definitions. If the call has more arguments than are defined, it raises an issue. If a function is defined several times with a different number of parameters, the check may pick up the wrong definition and report false positives. One codebase where this has been known to happen is Wordpress. In this case you can add the `@ignore` PhpDoc annotation to the duplicate definition and it will be ignored. Loading history...
34			}
35
36			public function onMessage(ConnectionInterface $from, $msg)
37			{
38			return $this->_component->onMessage($from, $msg);
39			}
40
41			public function onClose(ConnectionInterface $connection)
42			{
43			return $this->_component->onClose($connection);
44			}
45
46			public function onError(ConnectionInterface $connection, \Exception $e)
47			{
48			return $this->_component->onError($connection, $e);
49			}
50
51			protected function verifyOrigin(ConnectionInterface $connection, RequestInterface $request)
52			{
53			$header = (string) $request->getHeader('Origin')[0];
54			$origin = parse_url($header, PHP_URL_HOST) ?: $header;
55
56			if (! empty($this->allowedOrigins) && ! in_array($origin, $this->allowedOrigins)) {
57			return $this->close($connection, 403);
58			}
59			}
60			}
61

beyondcode / laravel-websockets

Push — master ( edcf20...3ec6c0 )

OriginCheck::verifyOrigin() A

Complexity

Size

Duplication

Importance

Duplication Side-by-Side

Filter issues like