Add HSTS support #301
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| <?php | ||
|
|
||
| namespace Amp\Http\Client\Interceptor\Hsts; | ||
|
|
||
| class CombinationHstsJar implements HstsJar | ||
| { | ||
| /** | ||
| * @var ReadableHstsJar[] | ||
| */ | ||
| private readonly array $jars; | ||
|
|
||
| public function __construct(ReadableHstsJar ...$jars) | ||
| { | ||
| $this->jars = $jars; | ||
| } | ||
|
|
||
| public function test(string $host): bool | ||
| { | ||
| foreach ($this->jars as $jar) { | ||
| if ($jar->test($host)) { | ||
| return true; | ||
| } | ||
| } | ||
| return false; | ||
| } | ||
|
|
||
| /** | ||
| * Registers into first HSTS jar that is not read-only. | ||
| */ | ||
| public function register(string $host, bool $includeSubDomains = false): void | ||
| { | ||
| foreach ($this->jars as $jar) { | ||
| if ($jar instanceof HstsJar) { | ||
| $jar->register($host, $includeSubDomains); | ||
| return; | ||
| } | ||
| } | ||
| } | ||
|
|
||
| /** | ||
| * Unregisters from all HSTS jars. | ||
| */ | ||
| public function unregister(string $host): void | ||
| { | ||
| foreach ($this->jars as $jar) { | ||
| if ($jar instanceof HstsJar) { | ||
| $jar->unregister($host); | ||
| return; | ||
| } | ||
| } | ||
| } | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,18 @@ | ||
| <?php | ||
|
|
||
| namespace Amp\Http\Client\Interceptor\Hsts; | ||
|
|
||
| final class GooglePreloadListJar extends ReadOnlyHstsJar | ||
|
There was a problem hiding this comment. Reads from the Google preload list https://hstspreload.org/ - not an official standard but the de facto preload list for most browsers (Chrome, Firefox, Opera, Safari, IE 11+ and Edge) |
||
| { | ||
| public function __construct() | ||
| { | ||
| $jar = new InMemoryHstsJar(); | ||
| $entries = \json_decode(\file_get_contents(__DIR__ . "/transport_security_state_static.json"), associative: true)["entries"]; | ||
| foreach ($entries as $entry) { | ||
| if (($entry["mode"] ?? null) === "force-https") { | ||
| $jar->register($entry["name"], $entry["include_subdomains"] ?? false); | ||
| } | ||
| } | ||
| parent::__construct($jar); | ||
| } | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,44 @@ | ||
| <?php | ||
|
|
||
| namespace Amp\Http\Client\Interceptor\Hsts; | ||
|
|
||
| use Amp\Cancellation; | ||
| use Amp\Http\Client\ApplicationInterceptor; | ||
| use Amp\Http\Client\DelegateHttpClient; | ||
| use Amp\Http\Client\Request; | ||
| use Amp\Http\Client\Response; | ||
|
|
||
| final class HstsInterceptor implements ApplicationInterceptor | ||
| { | ||
| public function __construct(private readonly ReadableHstsJar $hstsJar) | ||
| { | ||
| } | ||
|
|
||
| public function request(Request $request, Cancellation $cancellation, DelegateHttpClient $httpClient): Response | ||
| { | ||
| if ($request->getUri()->getScheme() === "http" && $this->hstsJar->test($request->getUri()->getHost())) { | ||
|
There was a problem hiding this comment. Not sure if we have to test any other schemes than http here (ex. ws => wss) |
||
| $request->setUri($request->getUri()->withScheme("https")); | ||
| } | ||
| $response = $httpClient->request($request, $cancellation); | ||
| if ($strictTransportSecurity = $response->getHeader("Strict-Transport-Security")) { | ||
| $directives = \array_map(trim(...), \explode(";", $strictTransportSecurity)); | ||
| $includeSubDomains = false; | ||
| $remove = false; | ||
| foreach ($directives as $directive) { | ||
| if ($directive === "includeSubDomains") { | ||
| $includeSubDomains = true; | ||
| } elseif ($directive === "max-age=0") { | ||
| $remove = true; | ||
| } | ||
| } | ||
| if ($this->hstsJar instanceof HstsJar) { | ||
| if ($remove) { | ||
| $this->hstsJar->unregister($request->getUri()->getHost()); | ||
| } else { | ||
| $this->hstsJar->register($request->getUri()->getHost(), $includeSubDomains); | ||
| } | ||
| } | ||
| } | ||
| return $response; | ||
| } | ||
| } | ||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,17 @@ | ||
| <?php | ||
|
|
||
| namespace Amp\Http\Client\Interceptor\Hsts; | ||
|
|
||
| interface HstsJar extends ReadableHstsJar | ||
| { | ||
| /** | ||
| * Mark a host as HSTS. | ||
| * @param bool $includeSubDomains Whether the includeSubDomains directive was specified | ||
| */ | ||
| public function register(string $host, bool $includeSubDomains = false): void; | ||
|
|
||
| /** | ||
| * Un-mark a host as HSTS, if it exists. | ||
| */ | ||
| public function unregister(string $host): void; | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,39 @@ | ||
| <?php | ||
|
|
||
| namespace Amp\Http\Client\Interceptor\Hsts; | ||
|
|
||
| final class InMemoryHstsJar implements HstsJar | ||
| { | ||
| /** | ||
| * Array of host to either true (includeSubDomain) or false (no includeSubDomain). | ||
| * @var array<string,bool> | ||
| */ | ||
| private array $hosts = []; | ||
|
|
||
| public function test(string $host, bool $requireIncludeSubDomains = false): bool | ||
| { | ||
| if ( | ||
| // Host must have been marked HSTS | ||
| \array_key_exists($host, $this->hosts) && | ||
| // If "includeSubDomains" is required, it must be marked as such | ||
| (!$requireIncludeSubDomains || $this->hosts[$host]) | ||
| ) { | ||
| return true; | ||
| } | ||
| if (($dotPosition = \strpos($host, ".")) !== false) { | ||
| // Test if a parent domain has been registered with includeSubDomains | ||
| return $this->test(\substr($host, $dotPosition + 1), true); | ||
| } | ||
| return false; | ||
| } | ||
|
|
||
| public function register(string $host, bool $includeSubDomains = false): void | ||
| { | ||
| $this->hosts[$host] = $includeSubDomains; | ||
| } | ||
|
|
||
| public function unregister(string $host): void | ||
| { | ||
| unset($this->hosts[$host]); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,15 @@ | ||
| <?php | ||
|
|
||
| namespace Amp\Http\Client\Interceptor\Hsts; | ||
|
|
||
| class ReadOnlyHstsJar implements ReadableHstsJar | ||
| { | ||
| public function __construct(private ReadableHstsJar $proxyJar) | ||
| { | ||
| } | ||
|
|
||
| public function test(string $host): bool | ||
| { | ||
| return $this->proxyJar->test($host); | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,11 @@ | ||
| <?php | ||
|
|
||
| namespace Amp\Http\Client\Interceptor\Hsts; | ||
|
|
||
| interface ReadableHstsJar | ||
| { | ||
| /** | ||
| * Test whether a host is registered as HSTS. | ||
| */ | ||
| public function test(string $host): bool; | ||
| } |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure if this would be a helpful thing to include - this would allow you to do something like
CombinationHstsJar(InMemoryHstsJar, GooglePreloadHstsJar)to mimic standard browser behavior - anything on the preload list already would be promoted before you accessed it, but any new sites you access which advertise themselves as HSTS would be added to the jar.