WordPress.org

Make WordPress Core

Opened 2 years ago

Closed 23 months ago

#37494 closed defect (bug) (fixed)

Proxy authentication is ignored by Requests

Reported by: francescobagnoli Owned by: dd32
Milestone: 4.6 Priority: normal
Severity: normal Version: 4.6
Component: HTTP API Keywords: has-patch commit dev-reviewed
Focuses: Cc:

Description (last modified by ocean90)

in wp-config.php

define('WP_PROXY_HOST',     '172.16.XXX.XXX');
define('WP_PROXY_PORT',     '3128');
define('WP_PROXY_USERNAME', 'XXX');
define('WP_PROXY_PASSWORD', 'XXX');

in function.php

$headers['X-Forwarded-For'] = $_SERVER['REMOTE_ADDR'];
$response = wp_remote_get('http://example.com/', array('headers' => $headers));

the proxy server raise an exception on authentication failed.

debugging i see in Requests_Proxy_HTTP class, $use_authentication property is always false and in curl_before_send() method if $use_authentication is false curl_setopt CURLOPT_PROXYUSERPWD is never set. If I force $use_authentication to be true, everything works.

the fix for me is edit /wp-includes/class-http.php line 354:

$options['proxy'] = new Requests_Proxy_HTTP( $proxy->host() . ':' . $proxy->port() );
if ( $proxy->use_authentication() ) {
    $options['proxy']->user = $proxy->username();
    $options['proxy']->pass = $proxy->password();
}

change to

if ( $proxy->use_authentication() ) {
    $options['proxy']->user = $proxy->username();
    $options['proxy']->pass = $proxy->password();
                                
    $options['proxy'] = new Requests_Proxy_HTTP( array($proxy->host() . ':' . $proxy->port(), $proxy->username(), $proxy->password()) );
} else {
    $options['proxy'] = new Requests_Proxy_HTTP( $proxy->host() . ':' . $proxy->port() );
}

This because Requests_Proxy_HTTP set $use_authentication property to true, only if Requests_Proxy_HTTP::__construct() has 3 parameters

public function __construct($args = null) {
    if (is_string($args)) {
        $this->proxy = $args;
    }
    elseif (is_array($args)) {
        if (count($args) == 1) {
            list($this->proxy) = $args;
        }
        elseif (count($args) == 3) {
            list($this->proxy, $this->user, $this->pass) = $args;
            $this->use_authentication = true;
        }
        else {
            throw new Requests_Exception('Invalid number of arguments', 'proxyhttpbadargs');
        }
    }
}

Attachments (3)

37494.patch (712 bytes) - added by ocean90 2 years ago.
37494.2.patch (521 bytes) - added by ocean90 2 years ago.
37494.3.patch (721 bytes) - added by ocean90 23 months ago.
Like 37494.patch, but uses an array

Download all attachments as: .zip

Change History (12)

@ocean90
2 years ago

#1 @ocean90
2 years ago

  • Description modified (diff)
  • Keywords has-patch added
  • Milestone changed from Awaiting Review to 4.6
  • Summary changed from Wordpress 4.6 Beta 4: Proxy setting not work to Proxy authentication is ignored by Requests

Hello @francescobagnoli, welcome to our Trac!

Thanks for your detailed report, I've added 37494.patch which includes your suggested fix.

@ocean90
2 years ago

#2 @ocean90
2 years ago

  • Owner set to rmccue
  • Status changed from new to reviewing

37494.2.patch is an alternative but I think 37494.patch looks better. @rmccue, what do you think?

#3 @francescobagnoli
23 months ago

@ocean90 Requests_Proxy_HTTP set $use_authentication property to true, only if Requests_Proxy_HTTP::__construct() an array parameter with 3 args!

<?php
$options['proxy'] = new Requests_Proxy_HTTP( array($proxy->host() . ':' . $proxy->port(), $proxy->username(), $proxy->password()) );
Last edited 23 months ago by ocean90 (previous) (diff)

@ocean90
23 months ago

Like 37494.patch, but uses an array

#4 follow-up: @rmccue
23 months ago

37494.2.patch looks like the best option to me; the property is intentionally public, and marked as part of the public API, so it's fine to use it.

#5 in reply to: ↑ 4 @ocean90
23 months ago

  • Keywords commit added

Replying to rmccue:

37494.2.patch looks like the best option to me; the property is intentionally public, and marked as part of the public API, so it's fine to use it.

Fine by me, as long as you're not planning to make them private or so. 😉

#6 @ocean90
23 months ago

  • Owner changed from rmccue to dd32

@dd32 Could you please review 37494.2.patch?

#7 @dd32
23 months ago

I personally prefer branching and not doing it conditionally like this, so 37494.3.patch is how I'd personally do it (although it needs to remove the first $options['proxy'] = new ..).

However, as @rmccue notes, use_authentication (along with user and pass) are public and so a valid approach and consistent with the existing code, so 37494.2.patch also has my +1 for commit

#8 @ocean90
23 months ago

  • Keywords dev-reviewed added

#9 @ocean90
23 months ago

  • Resolution set to fixed
  • Status changed from reviewing to closed

In 38173:

HTTP API: Set $use_authentication property of Requests_Proxy_HTTP to true when proxy authentication is required.

Props francescobagnoli for initial patch.
Fixes #37494.

Note: See TracTickets for help on using tickets.