function Config::prohibitUrlByConfig

Validates that the passed URL is allowed to be used by current config, or throws an exception.

Parameters

IOInterface $io:

mixed[] $repoOptions:

File

vendor/composer/composer/src/Composer/Config.php, line 598

Class

Config

@author Jordi Boggiano <j.boggiano@seld.be>

Namespace

Composer

Code

public function prohibitUrlByConfig(string $url, ?IOInterface $io = null, array $repoOptions = []) : void {
    // Return right away if the URL is malformed or custom (see issue #5173), but only for non-HTTP(S) URLs
    if (false === filter_var($url, FILTER_VALIDATE_URL) && !Preg::isMatch('{^https?://}', $url)) {
        return;
    }
    // Extract scheme and throw exception on known insecure protocols
    $scheme = parse_url($url, PHP_URL_SCHEME);
    $hostname = parse_url($url, PHP_URL_HOST);
    if (in_array($scheme, [
        'http',
        'git',
        'ftp',
        'svn',
    ])) {
        if ($this->get('secure-http')) {
            if ($scheme === 'svn') {
                if (in_array($hostname, $this->get('secure-svn-domains'), true)) {
                    return;
                }
                throw new TransportException("Your configuration does not allow connections to {$url}. See https://getcomposer.org/doc/06-config.md#secure-svn-domains for details.");
            }
            throw new TransportException("Your configuration does not allow connections to {$url}. See https://getcomposer.org/doc/06-config.md#secure-http for details.");
        }
        if ($io !== null) {
            if (is_string($hostname)) {
                if (!isset($this->warnedHosts[$hostname])) {
                    $io->writeError("<warning>Warning: Accessing {$hostname} over {$scheme} which is an insecure protocol.</warning>");
                }
                $this->warnedHosts[$hostname] = true;
            }
        }
    }
    if ($io !== null && is_string($hostname) && !isset($this->sslVerifyWarnedHosts[$hostname])) {
        $warning = null;
        if (isset($repoOptions['ssl']['verify_peer']) && !(bool) $repoOptions['ssl']['verify_peer']) {
            $warning = 'verify_peer';
        }
        if (isset($repoOptions['ssl']['verify_peer_name']) && !(bool) $repoOptions['ssl']['verify_peer_name']) {
            $warning = $warning === null ? 'verify_peer_name' : $warning . ' and verify_peer_name';
        }
        if ($warning !== null) {
            $io->writeError("<warning>Warning: Accessing {$hostname} with {$warning} disabled.</warning>");
            $this->sslVerifyWarnedHosts[$hostname] = true;
        }
    }
}