In 1.35 we deprecated not passing the timeout and connectionTimeout settings
when constructing the MWHttpRequest object.
Upgrade hard-deprecation via wfDeprecated() to instead throw an InvalidArgumentException.
Change-Id: I260469c6235fa9022b264757b0a17d498cee1396
* Switch out raw Exceptions, mostly for InvalidArgumentExceptions.
* Fake exceptions triggered to give Monolog a backtrace are for
some reason "traditionally" RuntimeExceptions, instead, so we
continue to use that pattern in remaining locations.
* Just entirely give up on PostgresResultWrapper's resource vs. object mess.
* Drop now-unneeded false positive hits.
Change-Id: Id183ab60994cd9c6dc80401d4ce4de0ddf2b3da0
Introduce a new interface Wikimedia/Http/TelemetryHeadersInterface
that provides telemetry information that could be attached to
HTTP Requests. MultiHttpClient is expecting `telemetry` option
of TelemetryHeadersInterface type.
The MediaWiki/Http/Telemetry implements the interface, therefore
ObjectCache can inject it to RESTBagOStuff, that further injects
it to MultiHttpClient.
Bug: T344926
Change-Id: I59a3f1048c403fe2e4ef0c74353dfe74ff9ca893
This class is used heavily basically everywhere, moving it to Utils
wouldn't make much sense. Also with this change, we can move
StatusValue to MediaWiki\Status as well.
Bug: T321882
Depends-On: I5f89ecf27ce1471a74f31c6018806461781213c3
Change-Id: I04c1dcf5129df437589149f0f3e284974d7c98fa
Introduce a Telemetry singleton for propagating `tracestate` and
`traceheaders` during a MW web request. This class allows for easier
testing and mocking.
In the future we might use this as a wrapper for OpenTelemetry.
Bug: T320559
Change-Id: I3e5e54afa21f8c099877b3765c769f2d2f8f5d61
The motivation is to make the code less confusing. I hope this is the
case.
?? is an older PHP 7.0 feature.
??= was added in PHP 7.4, which we can finally use.
Change-Id: Id807affa52bd1151a74c064623b41d950a389560
Part 1, proof of concept. Hundreds of files left to go. These changes
brought to you in large part by vim macros.
Bug: T305805
Change-Id: I44789091e9f6394c800a11b29f22528c8dcacf71
Make phan stricter about array keys
Remaining false positive issues are suppressed.
The suppression and the setting change can only be done together
Bug: T304887
Depends-On: I3105a5fd4826f8667b5232834defc5ec93be32a1
Depends-On: Ie9610a6e83731468311edb3ed17f80fc509de385
Change-Id: I701f12ab94478c3b8e7fd82110ade74a8e6b04ef
Discussion on Ia16d8f86b1cb20 indicates that we want to go in the other
direction - MediaWiki shouldn't set X-Forwarded-Proto, rather the
reverse proxy (envoy in Wikimedia's case) should set it.
This follows-up cc241c2add.
Bug: T288848
Change-Id: Ifc5e9da9a02b45d9d1ad51c3e1389f9ac7325c86
$wgLocalHTTPProxy can be used to configure a reverse proxy
for requests to domains in $wgLocalVirtualHosts. The previous
implementation of using it as a proper HTTP proxy is no longer
supported and has been reverted out of REL1_37 (856da72363d1ba8bf).
It sets the hostname of the request as a "Host" header, scheme as
"X-Forwarded-Proto" and then sets the proxy's scheme, host and port as
those of the request.
Bug: T288848
Change-Id: Ibc3616f5ad925d464d937ab15461a88619c8b7a7
Currently requests to domains listed in $wgLocalVirtualHosts bypass
use of the standard $wgHttpProxy. With WMF's migration to Kubernetes, we
limit outgoing traffic in a much stricter manner, so even internal
requests will need to go over a proxy (e.g. Envoy).
If the domain passes MWHttpRequest::isLocalURL(), then $wgLocalHTTPProxy
will be used if set, otherwise no proxy will be used (current behavior).
Bug: T288848
Change-Id: Ifd0cbab02fa8f14a82ca34ebc7ad95b2be174434
For example, documenting the method getUser() with "get the User
object" does not add any information that's not already there.
But I have to read the text first to understand that it doesn't
document anything that's not already obvious from the code.
Some of this is from a time when we had a PHPCS sniff that was
complaining when a line like `@param User $user` doesn't end
with some descriptive text. Some users started adding text like
`@param User $user The User` back then. Let's please remove
this.
Change-Id: I0ea8d051bc732466c73940de9259f87ffb86ce7a
* Add HttpRequestFactory::createMultiClient(), which returns a
MultiHttpClient with configured defaults applied. This is similar to
the recently-deprecated Http::createMultiClient().
* Introduce $wgHTTPMaxTimeout and $wgHTTPMaxConnectTimeout which, if set
to a lower value than their defaults of infinity, will limit the
applied HTTP timeouts, whether configured or passed on a per-request
basis. This is based on the frequently correct assumption that ops know
more about timeouts than developers.
* In case developers believe, after becoming aware of this new situation,
that they actually do know more about timeouts than ops, it is possible
to override the configured maximum by passing similarly named options
to HttpRequestFactory::createMultiClient() and
HttpRequestFactory::create().
* Apply modern standards to HttpRequestFactory by injecting a logger and
all configuration parameters used by its backends.
* As in Http, the new createMultiClient() will use a MediaWiki/1.35
User-Agent and the 'http' channel for logging.
* Document that no proxy will be used for createMultiClient().
Proxy config is weird and was previously a good reason to use
MultiHttpClient over HttpRequestFactory.
* Deprecate direct construction of MWHttpRequest without a timeout
parameter
Bug: T245170
Change-Id: I8252f6c854b98059f4916d5460ea71cf4b580149
Scalar casts are still allowed (for now), because there's a huge amount
of false positives. Ditto for invalid array offsets.
Thoughts about the rest: luckily, many false positives with array offsets
have gone. Moreover, since *Internal issues are suppressed in the base
config, we can remove inline suppressions.
Unfortunately, there are a couple of new issues about array additions
with only false positives, because apparently they don't take
branches into account.
Change-Id: I5a3913c6e762f77bfdae55051a395fae95d1f841
This allows us to remove many suppressions for phan false positives.
Bug: T231636
Depends-On: I82a279e1f7b0fdefd3bb712e46c7d0665429d065
Change-Id: I5c251e9584a1ae9fb1577afcafb5001e0dcd41c7
All methods got moved to HttpRequestFactory or MWHttpRequest or dropped.
I made the return value of the new HttpRequestFactory::request/get/post
methods null on error instead of false, so that when we drop PHP 7
support, we can use a "?string" return value. This could theoretically
change behavior of code that was switched from the old Http methods, but
probably won't. I kept the old behavior for the deprecated methods.
I changed the default value of $wgHTTPProxy from false to ''. This way
it should be usable directly without a trivial wrapper method. For the
benefit of anyone who might have set it to false in LocalSettings.php, I
also recommend casting to string just in case.
Http::$httpEngine is deprecated. Eventually it will be removed along
with the curl and PHP engines, leaving only the Guzlle engine.
I also added deprecation of MWHttpRequest::factory, which occurred in
1.31, to the release notes for 1.34. Now hopefully we can hard-deprecate
it in another couple of versions.
Bug: T214390
Change-Id: I2a316a758d793857f248bd251b90f5e9a6440e3a
In order to be able to trace requests across the production environment,
we attach the X-Request-Id to outgoing requests.
Bug: T201409
Change-Id: Iadd6cbd51a78a1876a1a318783b51635717d054f
Provide backward compatibility for callback functions in
GuzzleHttpRequest, which was missing in T202110, and restore
GuzzleHttpRequest as the default provided by HttpRequestFactory.
Bug: T212175
Depends-On: I4b45e79d35252d13f714f3271b87301ca515121a
Change-Id: I60d1a034b44874f6d24a04058db264eeb565f5e1
Task T202110 included a change to recognize an HTTP status code
of 0 (zero) as an error, but it failed to set a status message,
resulting in an exception. Changed to set a status message of
'Error' so that required value is not empty.
Bug: T212005
Change-Id: I5fb78555bfcaeccdd726432f4dfc70924a385c41
Create a GuzzleHttpRequest class using the external Guzzle
(docs.guzzlephp.org) library. This will be the new default request type,
but CurlHttpRequest and PhpHttpRequest remain available and accessible
via Http::$httpEngine.
Bug: T202110
Change-Id: Ie720be2628d7baf427b002847f103fd86ee4cff3
Depends-On: I143a6410d111e75f01dbbfd43f300e2e60247451
If the curl extension is not available, fall back to the existing
HttpRequestFactory and associated classes. Also added related phpunit tests.
Bug: T139169
Change-Id: I2f9d4acbb491bce28d7105e124c5cee7e16e86d7
Prior to 3de744597e, it was possible to pass `null` for $options.
Restore that by setting the default type to be null, and explicitly
document that null is a supported value in the doc block.
Also update the signature of MWHttpRequestTester to match.
Change-Id: I74d586afa5527e0a30ea99f3989f4dd12fa9fea1
This will allow classes that need MWHttpRequest to inject HttpRequestFactory
and thus make it overridable and testable.
Also made MWHttpRequest abstract class since it doesn't implement
execute anyway. Maybe a good idea to move execute to an abstract
method?
Change-Id: I5c0e035542ff5f791a21a95ed13bed4cea6906d0
