aboutsummaryrefslogtreecommitdiffhomepage
path: root/tests/HttpUtils
Commit message (Collapse)AuthorAgeFilesLines
* lint: apply phpcbf to tests/VirtualTam2018-12-021-1/+2
| | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Refactor client session hijacking protectionVirtualTam2018-05-291-0/+52
| | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Force HTTPS if the original port is 443 behind a reverse proxyArthurHoaro2017-12-021-0/+32
| | | | Fixes #1022
* Make work behind a reverse proxyArthurHoaro2017-09-021-0/+36
| | | | Without HTTP_X_FORWARDED_PORT check, might be set to false even though the user is using HTTPS, thus disabling Firefox Social block display
* Add tests to cover new server_url behaviorStephen Muth2017-07-121-0/+28
|
* Hide default port in local URL behind a reverse proxyArthurHoaro2017-01-031-0/+13
|
* Add trusted IPs in config and try to ban forwarded IP on failed loginArthurHoaro2016-08-031-0/+58
| | | | | | | | * Add a new settings (which needs to be manually set): `security.trusted_proxies` * On login failure, if the `REMOTE_ADDR` is in the trusted proxies, try to retrieve the forwarded IP in headers. * If found, the client address is added in ipbans, else we do nothing. Fixes #409
* Fixes #531 - Title retrieving is failing with multiple use caseArthurHoaro2016-05-031-0/+27
| | | | see https://github.com/shaarli/Shaarli/issues/531 for details
* Fixes #477: support multi reverse proxy with comma syntaxArthurHoaro2016-02-281-0/+13
| | | | Going through multiple reverse proxy will store multiple scheme and port in HTTP header separated by a comma. Shaarli will use the first one to generate server_url.
* Fixes #410 - Retrieve title fails in multiple casesArthurHoaro2016-01-111-13/+13
| | | | | | | | | * `get_http_url()` renamed to `get_http_response()`. * Use the same HTTP context to retrieve response headers and content. * Follow HTTP 301 and 302 redirections to retrieve the title (default max 3 redirections). * Add `LinkUtils` to extract titles and charset. * Try to retrieve charset from HTTP headers first (new), then HTML content. * Use mb_string to re-encode title if necessary.
* HTTP: move server URL functions to `HttpUtils.php`VirtualTam2015-09-144-0/+321
Relates to #333 Modifications: - refactor server URL utility functions - do not access global `$_SERVER` variables - add test coverage - improve readability - apply coding conventions Signed-off-by: VirtualTam <virtualtam@flibidi.net>