Issues (89)

Security Analysis    not enabled

This project does not seem to handle request data directly as such no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.
  XPath Injection
XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

src/HttpAdapterTrait.php (7 issues)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

1
<?php
2
3
/*
4
 * This file is part of the Ivory Http Adapter package.
5
 *
6
 * (c) Eric GELOEN <[email protected]>
7
 *
8
 * For the full copyright and license information, please read the LICENSE
9
 * file that was distributed with this source code.
10
 */
11
12
namespace Ivory\HttpAdapter;
13
14
use Ivory\HttpAdapter\Message\InternalRequestInterface;
15
use Psr\Http\Message\RequestInterface;
16
use Psr\Http\Message\ResponseInterface;
17
18
/**
19
 * @author GeLo <[email protected]>
20
 */
21
trait HttpAdapterTrait
22
{
23
    /**
24
     * @param string|object $uri
25
     * @param array         $headers
26
     *
27
     * @throws HttpAdapterException
28
     *
29
     * @return ResponseInterface
30
     */
31 375
    public function get($uri, array $headers = [])
32
    {
33 375
        return $this->send($uri, InternalRequestInterface::METHOD_GET, $headers);
34
    }
35
36
    /**
37
     * @param string|object $uri
38
     * @param array         $headers
39
     *
40
     * @throws HttpAdapterException
41
     *
42
     * @return ResponseInterface
43
     */
44 366
    public function head($uri, array $headers = [])
45
    {
46 366
        return $this->send($uri, InternalRequestInterface::METHOD_HEAD, $headers);
47
    }
48
49
    /**
50
     * @param string|object $uri
51
     * @param array         $headers
52
     *
53
     * @throws HttpAdapterException
54
     *
55
     * @return ResponseInterface
56
     */
57 2905
    public function trace($uri, array $headers = [])
58
    {
59 982
        return $this->send($uri, InternalRequestInterface::METHOD_TRACE, $headers);
60 2821
    }
61
62
    /**
63
     * @param string|object $uri
64
     * @param array         $headers
65
     * @param array|string  $datas
66
     * @param array         $files
67
     *
68
     * @throws HttpAdapterException
69
     *
70
     * @return ResponseInterface
71
     */
72 915
    public function post($uri, array $headers = [], $datas = [], array $files = [])
73
    {
74 915
        return $this->send($uri, InternalRequestInterface::METHOD_POST, $headers, $datas, $files);
75
    }
76
77
    /**
78
     * @param string|object $uri
79
     * @param array         $headers
80
     * @param array|string  $datas
81
     * @param array         $files
82
     *
83
     * @throws HttpAdapterException
84
     *
85
     * @return ResponseInterface
86
     */
87 732
    public function put($uri, array $headers = [], $datas = [], array $files = [])
88
    {
89 732
        return $this->send($uri, InternalRequestInterface::METHOD_PUT, $headers, $datas, $files);
90
    }
91
92
    /**
93
     * @param string|object $uri
94
     * @param array         $headers
95
     * @param array|string  $datas
96
     * @param array         $files
97
     *
98
     * @throws HttpAdapterException
99
     *
100
     * @return ResponseInterface
101
     */
102 732
    public function patch($uri, array $headers = [], $datas = [], array $files = [])
103
    {
104 732
        return $this->send($uri, InternalRequestInterface::METHOD_PATCH, $headers, $datas, $files);
105
    }
106
107
    /**
108
     * @param string|object $uri
109
     * @param array         $headers
110
     * @param array|string  $datas
111
     * @param array         $files
112
     *
113
     * @throws HttpAdapterException
114
     *
115
     * @return ResponseInterface
116
     */
117 732
    public function delete($uri, array $headers = [], $datas = [], array $files = [])
118
    {
119 732
        return $this->send($uri, InternalRequestInterface::METHOD_DELETE, $headers, $datas, $files);
120
    }
121
122
    /**
123
     * @param string|object $uri
124
     * @param array         $headers
125
     * @param array|string  $datas
126
     * @param array         $files
127
     *
128
     * @throws HttpAdapterException
129
     *
130
     * @return ResponseInterface
131
     */
132 732
    public function options($uri, array $headers = [], $datas = [], array $files = [])
133
    {
134 732
        return $this->send($uri, InternalRequestInterface::METHOD_OPTIONS, $headers, $datas, $files);
135
    }
136
137
    /**
138
     * @param string|object $uri
139
     * @param string        $method
140
     * @param array         $headers
141
     * @param array|string  $datas
142
     * @param array         $files
143
     *
144
     * @throws HttpAdapterException
145
     *
146
     * @return ResponseInterface
147
     */
148 10239
    public function send($uri, $method, array $headers = [], $datas = [], array $files = [])
149
    {
150 10239
        return $this->sendRequest($this->getConfiguration()->getMessageFactory()->createInternalRequest(
0 ignored issues
show
It seems like getConfiguration() must be provided by classes using this trait. How about adding it as abstract method to this trait?

This check looks for methods that are used by a trait but not required by it.

To illustrate, let’s look at the following code example

trait Idable {
    public function equalIds(Idable $other) {
        return $this->getId() === $other->getId();
    }
}

The trait Idable provides a method equalsId that in turn relies on the method getId(). If this method does not exist on a class mixing in this trait, the method will fail.

Adding the getId() as an abstract method to the trait will make sure it is available.

Loading history...
151 7889
            $uri,
152 7889
            $method,
153 10239
            $this->getConfiguration()->getProtocolVersion(),
0 ignored issues
show
It seems like getConfiguration() must be provided by classes using this trait. How about adding it as abstract method to this trait?

This check looks for methods that are used by a trait but not required by it.

To illustrate, let’s look at the following code example

trait Idable {
    public function equalIds(Idable $other) {
        return $this->getId() === $other->getId();
    }
}

The trait Idable provides a method equalsId that in turn relies on the method getId(). If this method does not exist on a class mixing in this trait, the method will fail.

Adding the getId() as an abstract method to the trait will make sure it is available.

Loading history...
154 7889
            $headers,
155 7889
            $datas,
156
            $files
157 7889
        ));
158
    }
159
160
    /**
161
     * @param RequestInterface $request
162
     *
163
     * @throws HttpAdapterException
164
     *
165
     * @return ResponseInterface
166
     */
167 15114
    public function sendRequest(RequestInterface $request)
168
    {
169 15114
        if ($request instanceof InternalRequestInterface) {
170 15114
            return $this->sendInternalRequest($request);
171
        }
172
173 3843
        $protocolVersion = $this->getConfiguration()->getProtocolVersion();
0 ignored issues
show
It seems like getConfiguration() must be provided by classes using this trait. How about adding it as abstract method to this trait?

This check looks for methods that are used by a trait but not required by it.

To illustrate, let’s look at the following code example

trait Idable {
    public function equalIds(Idable $other) {
        return $this->getId() === $other->getId();
    }
}

The trait Idable provides a method equalsId that in turn relies on the method getId(). If this method does not exist on a class mixing in this trait, the method will fail.

Adding the getId() as an abstract method to the trait will make sure it is available.

Loading history...
174 3843
        $this->getConfiguration()->setProtocolVersion($request->getProtocolVersion());
0 ignored issues
show
It seems like getConfiguration() must be provided by classes using this trait. How about adding it as abstract method to this trait?

This check looks for methods that are used by a trait but not required by it.

To illustrate, let’s look at the following code example

trait Idable {
    public function equalIds(Idable $other) {
        return $this->getId() === $other->getId();
    }
}

The trait Idable provides a method equalsId that in turn relies on the method getId(). If this method does not exist on a class mixing in this trait, the method will fail.

Adding the getId() as an abstract method to the trait will make sure it is available.

Loading history...
175
176 3843
        $response = $this->send(
177 3843
            $request->getUri(),
178 3843
            $request->getMethod(),
179 3843
            $request->getHeaders(),
180 3843
            $request->getBody()
181 2961
        );
182
183 3843
        $this->getConfiguration()->setProtocolVersion($protocolVersion);
0 ignored issues
show
It seems like getConfiguration() must be provided by classes using this trait. How about adding it as abstract method to this trait?

This check looks for methods that are used by a trait but not required by it.

To illustrate, let’s look at the following code example

trait Idable {
    public function equalIds(Idable $other) {
        return $this->getId() === $other->getId();
    }
}

The trait Idable provides a method equalsId that in turn relies on the method getId(). If this method does not exist on a class mixing in this trait, the method will fail.

Adding the getId() as an abstract method to the trait will make sure it is available.

Loading history...
184
185 3843
        return $response;
186
    }
187
188
    /**
189
     * @param array $requests
190
     *
191
     * @throws MultiHttpAdapterException
192
     *
193
     * @return array
194
     */
195 456
    public function sendRequests(array $requests)
196
    {
197 456
        $responses = $exceptions = [];
198
199 456
        foreach ($requests as $index => &$request) {
200 456
            if (is_string($request)) {
201 366
                $request = [$request];
202 282
            }
203
204 456
            if (is_array($request)) {
205 366
                $request = call_user_func_array(
206 366
                    [$this->getConfiguration()->getMessageFactory(), 'createInternalRequest'],
0 ignored issues
show
It seems like getConfiguration() must be provided by classes using this trait. How about adding it as abstract method to this trait?

This check looks for methods that are used by a trait but not required by it.

To illustrate, let’s look at the following code example

trait Idable {
    public function equalIds(Idable $other) {
        return $this->getId() === $other->getId();
    }
}

The trait Idable provides a method equalsId that in turn relies on the method getId(). If this method does not exist on a class mixing in this trait, the method will fail.

Adding the getId() as an abstract method to the trait will make sure it is available.

Loading history...
207
                    $request
208 282
                );
209 282
            }
210
211 456
            if (!$request instanceof RequestInterface) {
212 9
                $exceptions[] = HttpAdapterException::requestIsNotValid($request);
213 9
                unset($requests[$index]);
214 454
            } elseif (!$request instanceof InternalRequestInterface) {
215 366
                $request = $this->getConfiguration()->getMessageFactory()->createInternalRequest(
0 ignored issues
show
It seems like getConfiguration() must be provided by classes using this trait. How about adding it as abstract method to this trait?

This check looks for methods that are used by a trait but not required by it.

To illustrate, let’s look at the following code example

trait Idable {
    public function equalIds(Idable $other) {
        return $this->getId() === $other->getId();
    }
}

The trait Idable provides a method equalsId that in turn relies on the method getId(). If this method does not exist on a class mixing in this trait, the method will fail.

Adding the getId() as an abstract method to the trait will make sure it is available.

Loading history...
216 366
                    $request->getUri(),
217 366
                    $request->getMethod(),
218 366
                    $request->getProtocolVersion(),
219 366
                    $request->getHeaders(),
220 386
                    $request->getBody()
221 282
                );
222 282
            }
223 352
        }
224
225
        $success = function (ResponseInterface $response) use (&$responses) {
226 429
            $responses[] = $response;
227 456
        };
228
229 456
        $error = function (HttpAdapterException $exception) use (&$exceptions) {
230 210
            $exceptions[] = $exception;
231 456
        };
232
233 456
        $this->sendInternalRequests($requests, $success, $error);
234
235 447
        if (!empty($exceptions)) {
236 219
            throw new MultiHttpAdapterException($exceptions, $responses);
237
        }
238
239 228
        return $responses;
240
    }
241
242
    /**
243
     * @param InternalRequestInterface $internalRequest
244
     *
245
     * @throws HttpAdapterException
246
     *
247
     * @return ResponseInterface
248
     */
249
    abstract protected function sendInternalRequest(InternalRequestInterface $internalRequest);
250
251
    /**
252
     * @param array    $internalRequests
253
     * @param callable $success
254
     * @param callable $error
255
     *
256
     * @throws MultiHttpAdapterException
257
     *
258
     * @return array
259
     */
260 301
    protected function sendInternalRequests(array $internalRequests, $success, $error)
261
    {
262 301
        foreach ($internalRequests as $internalRequest) {
263
            try {
264 292
                $response = $this->sendInternalRequest($internalRequest);
265 292
                $response = $response->withParameter('request', $internalRequest);
266 292
                call_user_func($success, $response);
267 260
            } catch (HttpAdapterException $e) {
268 146
                $e->setRequest($internalRequest);
269 146
                $e->setResponse(isset($response) ? $response : null);
270 178
                call_user_func($error, $e);
271
            }
272 235
        }
273 301
    }
274
}
275