xp-framework / http Goto Github PK
View Code? Open in Web Editor NEWHTTP protocol support for the XP Framework
http's Issues
SNI with PHP 5.4
Scenario: HTTP proxy which talks to a HTTPS site.
When connecting to an HTTPS server through HTTP proxy, the first request to the proxy will use plain HTTP, then issuing a CONNECT call which subsequently enables cryptography.
In PHP 5.4, the (now deprecated) SNI_server_name and SNI_enabled values are read from the stream context prior to the creation of the socket; setting these values afterwards has no effect. The server then will respond with this message: [error] Hostname A provided via SNI and hostname B provided via HTTP are different.
A fix is to settle these values early in time:
protected function connect($s, $read, $connect) {
$s->isConnected() && $s->close();
$s->setTimeout($read);
$ctx= $s->getClass()->getField('context')->setAccessible(true)->get($s);
stream_context_set_option($ctx, 'ssl', 'SNI_enabled', true);
stream_context_set_option($ctx, 'ssl', 'SNI_server_name', 'example.com');
$s->connect($connect);
return $s;
} NO_PROXY
The NO_PROXY environment variable is not taken into account (while no_proxy is). Some programs expect this to be in all-caps, see https://wiki.archlinux.org/index.php/Proxy_settings.
See also https://www.npmjs.com/package/proxy-from-env and https://www.gnu.org/software/wget/manual/wget.html#Proxies
/cc @kiesel
Proxies with HTTPS broken
The following tries to connect to the proxy via HTTPS. Instead, it should connect there with HTTP and issue a CONNECT verb.
$c= new HttpConnection('https://...');
$c->setProxy(new HttpProxy('proxy.local.lan', 8080));
$response= $c->get();Result:
Uncaught exception: Exception lang.reflect.TargetInvocationException (Proxy::main)
at peer.http.SSLSocketHttpTransport::newSocket() [line 21 of SSLSocketHttpTransport.class.php] Missing argument 2 for peer\http\SSLSocketHttpTransport::newSocket(), called in C:\cygwin\home\Timm\devel\xp\http\src\main\php\peer\http\SocketHttpTransport.class.php on line 45 and defined
at peer.http.SSLSocketHttpTransport::newSocket() [line 22 of SSLSocketHttpTransport.class.php] Undefined variable: arg
at lang.reflect.Method::invoke(NULL, array[1]) [line 248 of class-main.php]
Caused by Exception peer.ConnectException (Failed connecting to ********:3128 within 2 seconds [0: ])
at peer.http.SSLSocketHttpTransport::newSocket() [line 21 of SSLSocketHttpTransport.class.php] Missing argument 2 for peer\http\SSLSocketHttpTransport::newSocket(), called in C:\cygwin\home\Timm\devel\xp\http\src\main\php\peer\http\SocketHttpTransport.class.php on line 45 and defined
at peer.http.SSLSocketHttpTransport::newSocket() [line 22 of SSLSocketHttpTransport.class.php] Undefined variable: arg
at <main>::stream_socket_client() [line 140 of Socket.class.php] stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:
error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
at <main>::stream_socket_client() [line 140 of Socket.class.php] stream_socket_client(): Failed to enable crypto
at <main>::stream_socket_client() [line 140 of Socket.class.php] stream_socket_client(): unable to connect to ssl://********:3128 (Unknown error)
at peer.Socket::connect(2) [line 80 of SocketHttpTransport.class.php]
at peer.http.SocketHttpTransport::send(peer.http.HttpRequest{}, 60, 2) [line 123 of HttpConnection.class.php]
at peer.http.HttpConnection::send(peer.http.HttpRequest{}) [line 164 of HttpConnection.class.php]
at peer.http.HttpConnection::request((0x3)'GET', NULL, array[0]) [line 175 of HttpConnection.class.php]
at peer.http.HttpConnection::get() [line 14 of Proxy.class.php]
at Proxy::main(array[0]) [line 0 of StackTraceElement.class.php]
... 2 more
Performance with CURL
Via xp-forge/neo4j#3
# With Sockets
$ xp test.script.php xp-forge/neo4j http://discovery:[email protected]:7474
[xp-forge/neo4j, http * 100] returns << [:var]
0.601 seconds, 1770.47 kB
# With CURL
$ xp test.script.php xp-forge/neo4j http://discovery:[email protected]:7474
[xp-forge/neo4j, http * 100] returns << [:var]
0.326 seconds, 1754.30 kBClearly, either the CURL transport should be preferred or the socket implementation's performance should be improved upon!
Skip SSL verification
Currently only possible via:
index 6cd14dc..b732637 100644
--- a/src/main/php/peer/http/SSLSocketHttpTransport.class.php
+++ b/src/main/php/peer/http/SSLSocketHttpTransport.class.php
@@ -21,11 +21,14 @@ class SSLSocketHttpTransport extends SocketHttpTransport {
*/
protected function newSocket(\peer\URL $url, $arg) {
if ('tls' === $arg) {
- return new TLSSocket($url->getHost(), $url->getPort(443), null);
+ $s= new TLSSocket($url->getHost(), $url->getPort(443), null);
} else {
sscanf($arg, 'v%d', $version);
- return new SSLSocket($url->getHost(), $url->getPort(443), null, $version);
+ $s= new SSLSocket($url->getHost(), $url->getPort(443), null, $version);
}
+ $s->setVerifyPeer(false);
+ $s->setAllowSelfSigned(false);
+ return $s;
}(plus a couple more tweeks for proxy setups)
Especially for testing against self-signed certificates, this can be tedious. Maybe passing https+unverified://example.com/ can make this easier but not compromise default security
/cc @kiesel
Class 'Com' not found
$ xp Imports
Uncaught error: Fatal error (Class 'Com' not found)
at <source> [line 19 of C:\...\peer\http\proxy\RegistrySettings.class.php]
at <main>() [line 0 of Imports.class.php](Windows only)
Support Mac OS X proxies
From /Library/Preferences/SystemConfiguration/preferences.plist
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>CurrentSet</key>
<string>/Sets/8DD211B4-4284-455D-8F0F-209916D5A782</string>
<key>Model</key>
<string>MacBookPro10,1</string>
<key>NetworkServices</key>
<dict>
<key>73B15BE1-D77D-4336-82E6-376B27803928</key>
<dict>
<key>DNS</key>
<dict/>
<key>IPv4</key>
<dict>
<key>ConfigMethod</key>
<string>DHCP</string>
</dict>
<key>IPv6</key>
<dict>
<key>ConfigMethod</key>
<string>Automatic</string>
</dict>
<key>Interface</key>
<dict>
<key>DeviceName</key>
<string>en0</string>
<key>Hardware</key>
<string>Ethernet</string>
<key>Type</key>
<string>Ethernet</string>
<key>UserDefinedName</key>
<string>Ethernet</string>
</dict>
<key>Proxies</key>
<dict>
<key>ExceptionsList</key>
<array>
<string>*.local</string>
<string>169.254/16</string>
</array>
<key>FTPPassive</key>
<integer>1</integer>
<key>HTTPEnable</key>
<integer>1</integer>
<key>HTTPPort</key>
<integer>3128</integer>
<key>HTTPProxy</key>
<string>proxy.example.com</string>
</dict>
<key>SMB</key>
<dict/>
<key>UserDefinedName</key>
<string>Ethernet</string>
</dict>
</dict>
<key>Sets</key>
<dict>
<key>8DD211B4-4284-455D-8F0F-209916D5A782</key>
<dict>
<key>Network</key>
<dict>
<key>Global</key>
<dict>
<key>IPv4</key>
<dict>
<key>ServiceOrder</key>
<array>
<string>73B15BE1-D77D-4336-82E6-376B27803928</string>
</array>
</dict>
</dict>
<key>Service</key>
<dict>
<key>73B15BE1-D77D-4336-82E6-376B27803928</key>
<dict>
<key>__LINK__</key>
<string>/NetworkServices/73B15BE1-D77D-4336-82E6-376B27803928</string>
</dict>
</dict>
</dict>
<key>UserDefinedName</key>
<string>Automatic</string>
</dict>
</dict>
<key>System</key>
<dict>
<key>Network</key>
<dict>
<key>HostNames</key>
<dict>
<key>LocalHostName</key>
<string>Timms-Mac</string>
</dict>
</dict>
<key>System</key>
<dict>
<key>ComputerName</key>
<string>Timm’s Mac</string>
<key>ComputerNameEncoding</key>
<integer>0</integer>
</dict>
</dict>
</dict>
</plist>Keepalive
HTTP Connections should support Keep-Alive.
Further reading
http://docs.oracle.com/javase/7/docs/technotes/guides/net/http-keepalive.html
http://hc.apache.org/httpcomponents-client-ga/tutorial/html/connmgmt.html
https://msdn.microsoft.com/en-us/library/system.net.httpwebrequest.keepalive(v=vs.110).aspx
nodejs/node-v0.x-archive#4769
https://github.com/billywhizz/node-httpclient
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.