Chris@13: <?php
Chris@13: 
Chris@13: namespace Drupal\Core\Security;
Chris@13: 
Chris@13: use Symfony\Component\HttpFoundation\Request;
Chris@13: 
Chris@13: /**
Chris@13:  * Sanitizes user input.
Chris@13:  */
Chris@13: class RequestSanitizer {
Chris@13: 
Chris@13:   /**
Chris@13:    * Request attribute to mark the request as sanitized.
Chris@13:    */
Chris@13:   const SANITIZED = '_drupal_request_sanitized';
Chris@13: 
Chris@13:   /**
Chris@13:    * The name of the setting that configures the whitelist.
Chris@13:    */
Chris@13:   const SANITIZE_WHITELIST = 'sanitize_input_whitelist';
Chris@13: 
Chris@13:   /**
Chris@13:    * The name of the setting that determines if sanitized keys are logged.
Chris@13:    */
Chris@13:   const SANITIZE_LOG = 'sanitize_input_logging';
Chris@13: 
Chris@13:   /**
Chris@13:    * Strips dangerous keys from user input.
Chris@13:    *
Chris@13:    * @param \Symfony\Component\HttpFoundation\Request $request
Chris@13:    *   The incoming request to sanitize.
Chris@13:    * @param string[] $whitelist
Chris@13:    *   An array of keys to whitelist as safe. See default.settings.php.
Chris@13:    * @param bool $log_sanitized_keys
Chris@13:    *   (optional) Set to TRUE to log an keys that are sanitized.
Chris@13:    *
Chris@13:    * @return \Symfony\Component\HttpFoundation\Request
Chris@13:    *   The sanitized request.
Chris@13:    */
Chris@13:   public static function sanitize(Request $request, $whitelist, $log_sanitized_keys = FALSE) {
Chris@13:     if (!$request->attributes->get(self::SANITIZED, FALSE)) {
Chris@13:       // Process query string parameters.
Chris@13:       $get_sanitized_keys = [];
Chris@13:       $request->query->replace(static::stripDangerousValues($request->query->all(), $whitelist, $get_sanitized_keys));
Chris@13:       if ($log_sanitized_keys && !empty($get_sanitized_keys)) {
Chris@13:         trigger_error(sprintf('Potentially unsafe keys removed from query string parameters (GET): %s', implode(', ', $get_sanitized_keys)));
Chris@13:       }
Chris@13: 
Chris@13:       // Request body parameters.
Chris@13:       $post_sanitized_keys = [];
Chris@13:       $request->request->replace(static::stripDangerousValues($request->request->all(), $whitelist, $post_sanitized_keys));
Chris@13:       if ($log_sanitized_keys && !empty($post_sanitized_keys)) {
Chris@13:         trigger_error(sprintf('Potentially unsafe keys removed from request body parameters (POST): %s', implode(', ', $post_sanitized_keys)));
Chris@13:       }
Chris@13: 
Chris@13:       // Cookie parameters.
Chris@13:       $cookie_sanitized_keys = [];
Chris@13:       $request->cookies->replace(static::stripDangerousValues($request->cookies->all(), $whitelist, $cookie_sanitized_keys));
Chris@13:       if ($log_sanitized_keys && !empty($cookie_sanitized_keys)) {
Chris@13:         trigger_error(sprintf('Potentially unsafe keys removed from cookie parameters: %s', implode(', ', $cookie_sanitized_keys)));
Chris@13:       }
Chris@13: 
Chris@13:       if (!empty($get_sanitized_keys) || !empty($post_sanitized_keys) || !empty($cookie_sanitized_keys)) {
Chris@13:         $request->overrideGlobals();
Chris@13:       }
Chris@13:       $request->attributes->set(self::SANITIZED, TRUE);
Chris@13:     }
Chris@13:     return $request;
Chris@13:   }
Chris@13: 
Chris@13:   /**
Chris@13:    * Strips dangerous keys from $input.
Chris@13:    *
Chris@13:    * @param mixed $input
Chris@13:    *   The input to sanitize.
Chris@13:    * @param string[] $whitelist
Chris@13:    *   An array of keys to whitelist as safe.
Chris@13:    * @param string[] $sanitized_keys
Chris@13:    *   An array of keys that have been removed.
Chris@13:    *
Chris@13:    * @return mixed
Chris@13:    *   The sanitized input.
Chris@13:    */
Chris@13:   protected static function stripDangerousValues($input, array $whitelist, array &$sanitized_keys) {
Chris@13:     if (is_array($input)) {
Chris@13:       foreach ($input as $key => $value) {
Chris@13:         if ($key !== '' && $key[0] === '#' && !in_array($key, $whitelist, TRUE)) {
Chris@13:           unset($input[$key]);
Chris@13:           $sanitized_keys[] = $key;
Chris@13:         }
Chris@13:         else {
Chris@13:           $input[$key] = static::stripDangerousValues($input[$key], $whitelist, $sanitized_keys);
Chris@13:         }
Chris@13:       }
Chris@13:     }
Chris@13:     return $input;
Chris@13:   }
Chris@13: 
Chris@13: }