Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork9.7k
[HttpFoundation] Add IpUtils::isPrivateIp#49726
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Uh oh!
There was an error while loading.Please reload this page.
Conversation
GromNaN left a comment• edited
Loading Uh oh!
There was an error while loading.Please reload this page.
edited
Uh oh!
There was an error while loading.Please reload this page.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
Yes, providing a way to check if an IP address is public or private is a good idea and should be included in the framework. You would use the constant like this?
IpUtils::checkIp($ip, IpUtils::PRIVATE_SUBNETS);
I wonder if we shouldn't add a new public method instead: it would be more intuitive for users. This would allow for more logic in the future if needed and prevent potential confusion. Developers who are not familiar with network ranges may not understand the purpose of the constant or how it should be used, which could lead to security errors in their code.
Uh oh!
There was an error while loading.Please reload this page.
danielburger1337 commentedMar 18, 2023 • edited
Loading Uh oh!
There was an error while loading.Please reload this page.
edited
Uh oh!
There was an error while loading.Please reload this page.
Something along the lines of the following could be added: IpUtils::isPrivateIp(string$requestIp) If we can agree that the method should be added, I will add it to the PR. I don't know too much about network ranges but I should be able to reuse the tests from the |
GromNaN left a comment
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others.Learn more.
Thanks.
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
Uh oh!
There was an error while loading.Please reload this page.
nicolas-grekas commentedMar 20, 2023
Thank you@danielburger1337. |
This PR was squashed before being merged into the 6.3 branch.Discussion----------Add IpUtils::isPrivateIp docsReferencessymfony/symfony#49726Commits-------990596e Add IpUtils::isPrivateIp docs
Uh oh!
There was an error while loading.Please reload this page.
This is only my second PR for this project, so I hope I followed all the guidelines correctly.
Recently I had more and more use cases where I had to make exceptions (mostly rate limiting) for private IP ranges.
Symfony currently does not provide an easy way to check if an IP is private or public but implements such logic internally (private constant) for theNoPrivateNetworkHttpClient.
This PR intents to make the private subnet list reusable by adding it toIpUtils.
In the original PR of the NoPrivateNetworkHttpClient it was also briefly mentioned that this constant may have value when made public.#35566 (comment)
I think symfony should and always should have exposed this constant.