The motivation is to make the code less confusing. I hope this is the
case.
?? is an older PHP 7.0 feature.
??= was added in PHP 7.4, which we can finally use.
Change-Id: Id807affa52bd1151a74c064623b41d950a389560
Part 1, proof of concept. Hundreds of files left to go. These changes
brought to you in large part by vim macros.
Bug: T305805
Change-Id: I44789091e9f6394c800a11b29f22528c8dcacf71
Make phan stricter about array keys
Remaining false positive issues are suppressed.
The suppression and the setting change can only be done together
Bug: T304887
Depends-On: I3105a5fd4826f8667b5232834defc5ec93be32a1
Depends-On: Ie9610a6e83731468311edb3ed17f80fc509de385
Change-Id: I701f12ab94478c3b8e7fd82110ade74a8e6b04ef
Discussion on Ia16d8f86b1cb20 indicates that we want to go in the other
direction - MediaWiki shouldn't set X-Forwarded-Proto, rather the
reverse proxy (envoy in Wikimedia's case) should set it.
This follows-up cc241c2add.
Bug: T288848
Change-Id: Ifc5e9da9a02b45d9d1ad51c3e1389f9ac7325c86
$wgLocalHTTPProxy can be used to configure a reverse proxy
for requests to domains in $wgLocalVirtualHosts. The previous
implementation of using it as a proper HTTP proxy is no longer
supported and has been reverted out of REL1_37 (856da72363d1ba8bf).
It sets the hostname of the request as a "Host" header, scheme as
"X-Forwarded-Proto" and then sets the proxy's scheme, host and port as
those of the request.
Bug: T288848
Change-Id: Ibc3616f5ad925d464d937ab15461a88619c8b7a7
Currently requests to domains listed in $wgLocalVirtualHosts bypass
use of the standard $wgHttpProxy. With WMF's migration to Kubernetes, we
limit outgoing traffic in a much stricter manner, so even internal
requests will need to go over a proxy (e.g. Envoy).
If the domain passes MWHttpRequest::isLocalURL(), then $wgLocalHTTPProxy
will be used if set, otherwise no proxy will be used (current behavior).
Bug: T288848
Change-Id: Ifd0cbab02fa8f14a82ca34ebc7ad95b2be174434
For example, documenting the method getUser() with "get the User
object" does not add any information that's not already there.
But I have to read the text first to understand that it doesn't
document anything that's not already obvious from the code.
Some of this is from a time when we had a PHPCS sniff that was
complaining when a line like `@param User $user` doesn't end
with some descriptive text. Some users started adding text like
`@param User $user The User` back then. Let's please remove
this.
Change-Id: I0ea8d051bc732466c73940de9259f87ffb86ce7a
* Add HttpRequestFactory::createMultiClient(), which returns a
MultiHttpClient with configured defaults applied. This is similar to
the recently-deprecated Http::createMultiClient().
* Introduce $wgHTTPMaxTimeout and $wgHTTPMaxConnectTimeout which, if set
to a lower value than their defaults of infinity, will limit the
applied HTTP timeouts, whether configured or passed on a per-request
basis. This is based on the frequently correct assumption that ops know
more about timeouts than developers.
* In case developers believe, after becoming aware of this new situation,
that they actually do know more about timeouts than ops, it is possible
to override the configured maximum by passing similarly named options
to HttpRequestFactory::createMultiClient() and
HttpRequestFactory::create().
* Apply modern standards to HttpRequestFactory by injecting a logger and
all configuration parameters used by its backends.
* As in Http, the new createMultiClient() will use a MediaWiki/1.35
User-Agent and the 'http' channel for logging.
* Document that no proxy will be used for createMultiClient().
Proxy config is weird and was previously a good reason to use
MultiHttpClient over HttpRequestFactory.
* Deprecate direct construction of MWHttpRequest without a timeout
parameter
Bug: T245170
Change-Id: I8252f6c854b98059f4916d5460ea71cf4b580149
Scalar casts are still allowed (for now), because there's a huge amount
of false positives. Ditto for invalid array offsets.
Thoughts about the rest: luckily, many false positives with array offsets
have gone. Moreover, since *Internal issues are suppressed in the base
config, we can remove inline suppressions.
Unfortunately, there are a couple of new issues about array additions
with only false positives, because apparently they don't take
branches into account.
Change-Id: I5a3913c6e762f77bfdae55051a395fae95d1f841
This allows us to remove many suppressions for phan false positives.
Bug: T231636
Depends-On: I82a279e1f7b0fdefd3bb712e46c7d0665429d065
Change-Id: I5c251e9584a1ae9fb1577afcafb5001e0dcd41c7
All methods got moved to HttpRequestFactory or MWHttpRequest or dropped.
I made the return value of the new HttpRequestFactory::request/get/post
methods null on error instead of false, so that when we drop PHP 7
support, we can use a "?string" return value. This could theoretically
change behavior of code that was switched from the old Http methods, but
probably won't. I kept the old behavior for the deprecated methods.
I changed the default value of $wgHTTPProxy from false to ''. This way
it should be usable directly without a trivial wrapper method. For the
benefit of anyone who might have set it to false in LocalSettings.php, I
also recommend casting to string just in case.
Http::$httpEngine is deprecated. Eventually it will be removed along
with the curl and PHP engines, leaving only the Guzlle engine.
I also added deprecation of MWHttpRequest::factory, which occurred in
1.31, to the release notes for 1.34. Now hopefully we can hard-deprecate
it in another couple of versions.
Bug: T214390
Change-Id: I2a316a758d793857f248bd251b90f5e9a6440e3a
In order to be able to trace requests across the production environment,
we attach the X-Request-Id to outgoing requests.
Bug: T201409
Change-Id: Iadd6cbd51a78a1876a1a318783b51635717d054f
Provide backward compatibility for callback functions in
GuzzleHttpRequest, which was missing in T202110, and restore
GuzzleHttpRequest as the default provided by HttpRequestFactory.
Bug: T212175
Depends-On: I4b45e79d35252d13f714f3271b87301ca515121a
Change-Id: I60d1a034b44874f6d24a04058db264eeb565f5e1
Task T202110 included a change to recognize an HTTP status code
of 0 (zero) as an error, but it failed to set a status message,
resulting in an exception. Changed to set a status message of
'Error' so that required value is not empty.
Bug: T212005
Change-Id: I5fb78555bfcaeccdd726432f4dfc70924a385c41
Create a GuzzleHttpRequest class using the external Guzzle
(docs.guzzlephp.org) library. This will be the new default request type,
but CurlHttpRequest and PhpHttpRequest remain available and accessible
via Http::$httpEngine.
Bug: T202110
Change-Id: Ie720be2628d7baf427b002847f103fd86ee4cff3
Depends-On: I143a6410d111e75f01dbbfd43f300e2e60247451
If the curl extension is not available, fall back to the existing
HttpRequestFactory and associated classes. Also added related phpunit tests.
Bug: T139169
Change-Id: I2f9d4acbb491bce28d7105e124c5cee7e16e86d7
Prior to 3de744597e, it was possible to pass `null` for $options.
Restore that by setting the default type to be null, and explicitly
document that null is a supported value in the doc block.
Also update the signature of MWHttpRequestTester to match.
Change-Id: I74d586afa5527e0a30ea99f3989f4dd12fa9fea1
This will allow classes that need MWHttpRequest to inject HttpRequestFactory
and thus make it overridable and testable.
Also made MWHttpRequest abstract class since it doesn't implement
execute anyway. Maybe a good idea to move execute to an abstract
method?
Change-Id: I5c0e035542ff5f791a21a95ed13bed4cea6906d0
* Complete coverage for Http::getProxy().
* Remove bogus @covers tag on data provider, and add the
relevant MWHttpRequest::getFinalUrl to the test instead.
* Convert test to use dataProvider and add missing test cases
to increase getFinalUrl() test coverage to 100%.
* Minor clean up in getFinalUrl to consistently use early-return
for all cases, not just for relative 'domain' and 'isset-host'
cases. Without this coverage actually couldn't reach 100% due
to the remainder of the empty else branch never being reached
(CRAP: "Redundant 'else' after 'return'")
Change-Id: I775d95965dc23a1e6c4c62ed84f9da64b6c72135
It's unreasonable to expect newbies to know that "bug 12345" means "Task T14345"
except where it doesn't, so let's just standardise on the real numbers.
Change-Id: I6f59febaf8fc96e80f8cfc11f4356283f461142a
Adds two new options (username and password) to the
MWHttpRequest (and HTTP helper class) to enable
support for HTTP Basic Authentication on outgoing HTTP
connections.
Change-Id: If83f025bbe63769ba7bb4a824c5f12d5f1ec640a
* added integration tests. We probably don't want automated tests
to make external requests but these make manual testing more
convenient. Documented some oddities discovered by testing.
* made ::$status, ::proxySetup() and ::getHeaderList()
protected; they were not referenced in any gerrit-hosted extension
and they provide no useful functionality to external callers.
Similarly, marked ::read() and ::errorHandler() as internal
(these are used as callbacks so can't be protected)
* removed inheritance abuse in ::execute()
* documented ::execute() as returning a StatusValue (but
keep returning a Status for now)
* changed setCookie argument defaults to ones that make sense
* replaced MWException
* moved unit tests to the correct location
* fixed some code style issues
Change-Id: I5852fc75badc5d475ae30ec2c9376bde7024bd95
It looks like there is something missing after the last statement
Also remove some other empty lines at begin of functions, ifs or loops
while at these files
Change-Id: Ib00b5cfd31ca4dcd0c32ce33754d3c80bae70641
