Connection: Fix PHPCS errors in Jetpack_Signature#13489

tyxla · 2019-09-16T22:36:56Z

This PR fixes all the PHPCS errors and warnings in the Jetpack_Signature class.

Changes proposed in this Pull Request:

Connection: Fix PHPCS errors in Jetpack_Signature

Is this a new feature or does it add/remove features to an existing part of Jetpack?

Part of the connection package work.

Testing instructions:

Not necessary, this is mostly adding docs.
If you really wish, you can do some smoke testing.

Proposed changelog entry for your changes:

- Connection: Fix PHPCS errors in Jetpack_Signature

jetpackbot · 2019-09-16T22:41:55Z

Thank you for the great PR description!

When this PR is ready for review, please apply the [Status] Needs Review label. If you are an a11n, please have someone from your team review the code if possible. The Jetpack team will also review this PR and merge it to be included in the next Jetpack release.

Scheduled Jetpack release: October 1, 2019.
Scheduled code freeze: September 24, 2019

Generated by 🚫 dangerJS against b5f1f8b

jeherve

This looks good. Thanks for that!

…ures When WordPress is hosted behind a reverse proxy, we ask site owners to add a `X-Forwarded-Port` header from the reverse proxy to the origin so that Jetpack can know what port to use in the signature's input. We also allow site owners to define `JETPACK_SIGNATURE__HTTPS_PORT` and `JETPACK_SIGNATURE__HTTP_PORT` constants if adding a header is not possible. Often, site owners will add the following snippet to their wp-config.php to make use of those constants: ``` define( 'JETPACK_SIGNATURE__HTTP_PORT', $_SERVER['SERVER_PORT'] ); define( 'JETPACK_SIGNATURE__HTTPS_PORT', $_SERVER['SERVER_PORT'] ); ``` Unfortunately, we broke that snippet in #13489, since we moved to strict comparisons in: * https://github.com/Automattic/jetpack/blob/97cc7bb9b26d4184ba4915efd5928e59d4456b38/packages/connection/legacy/class-jetpack-signature.php#L95 * https://github.com/Automattic/jetpack/blob/97cc7bb9b26d4184ba4915efd5928e59d4456b38/packages/connection/legacy/class-jetpack-signature.php#L102 `$_SERVER['SERVER_PORT']` is a string in most environments, and the new code demands integers. Switch back to loose comparison.

When WordPress is hosted behind a reverse proxy, we ask site owners to add a `X-Forwarded-Port` header from the reverse proxy to the origin so that Jetpack can know what port to use in the signature's input. We also allow site owners to define `JETPACK_SIGNATURE__HTTPS_PORT` and `JETPACK_SIGNATURE__HTTP_PORT` constants if adding a header is not possible. Often, site owners will add the following snippet to their wp-config.php to make use of those constants: ``` define( 'JETPACK_SIGNATURE__HTTP_PORT', $_SERVER['SERVER_PORT'] ); define( 'JETPACK_SIGNATURE__HTTPS_PORT', $_SERVER['SERVER_PORT'] ); ``` Unfortunately, we broke that snippet in #13489, since we moved to strict comparisons in: * https://github.com/Automattic/jetpack/blob/97cc7bb9b26d4184ba4915efd5928e59d4456b38/packages/connection/legacy/class-jetpack-signature.php#L95 * https://github.com/Automattic/jetpack/blob/97cc7bb9b26d4184ba4915efd5928e59d4456b38/packages/connection/legacy/class-jetpack-signature.php#L102 `$_SERVER['SERVER_PORT']` is a string in most environments, and the new code demands integers. Switch back to loose comparison.

…ures (#14111) When WordPress is hosted behind a reverse proxy, we ask site owners to add a `X-Forwarded-Port` header from the reverse proxy to the origin so that Jetpack can know what port to use in the signature's input. We also allow site owners to define `JETPACK_SIGNATURE__HTTPS_PORT` and `JETPACK_SIGNATURE__HTTP_PORT` constants if adding a header is not possible. Often, site owners will add the following snippet to their wp-config.php to make use of those constants: ``` define( 'JETPACK_SIGNATURE__HTTP_PORT', $_SERVER['SERVER_PORT'] ); define( 'JETPACK_SIGNATURE__HTTPS_PORT', $_SERVER['SERVER_PORT'] ); ``` Unfortunately, we broke that snippet in #13489, since we moved to strict comparisons in: * https://github.com/Automattic/jetpack/blob/97cc7bb9b26d4184ba4915efd5928e59d4456b38/packages/connection/legacy/class-jetpack-signature.php#L95 * https://github.com/Automattic/jetpack/blob/97cc7bb9b26d4184ba4915efd5928e59d4456b38/packages/connection/legacy/class-jetpack-signature.php#L102 `$_SERVER['SERVER_PORT']` is a string in most environments, and the new code demands integers. Switch back to loose comparison.

When WordPress is hosted behind a reverse proxy, we ask site owners to add a `X-Forwarded-Port` header from the reverse proxy to the origin so that Jetpack can know what port to use in the signature's input. We also allow site owners to define `JETPACK_SIGNATURE__HTTPS_PORT` and `JETPACK_SIGNATURE__HTTP_PORT` constants if adding a header is not possible. Often, site owners will add the following snippet to their wp-config.php to make use of those constants: ``` define( 'JETPACK_SIGNATURE__HTTP_PORT', $_SERVER['SERVER_PORT'] ); define( 'JETPACK_SIGNATURE__HTTPS_PORT', $_SERVER['SERVER_PORT'] ); ``` Unfortunately, we broke that snippet in Automattic/jetpack#13489, since we moved to strict comparisons in: * https://github.com/Automattic/jetpack/blob/97cc7bb9b26d4184ba4915efd5928e59d4456b38/packages/connection/legacy/class-jetpack-signature.php#L95 * https://github.com/Automattic/jetpack/blob/97cc7bb9b26d4184ba4915efd5928e59d4456b38/packages/connection/legacy/class-jetpack-signature.php#L102 `$_SERVER['SERVER_PORT']` is a string in most environments, and the new code demands integers. Switch back to loose comparison.

Connection: Fix PHPCS errors in Jetpack_Signature

b5f1f8b

tyxla added [Status] Needs Review This PR is ready for review. [Type] Janitorial [Pri] Low Connect Flow Connection banners, buttons, ... labels Sep 16, 2019

tyxla added this to the 7.8 milestone Sep 16, 2019

tyxla requested review from a team September 16, 2019 22:36

tyxla self-assigned this Sep 16, 2019

github-actions Bot added the [Status] Needs Package Release This PR made changes to a package. Let's update that package now. label Sep 16, 2019

jeherve approved these changes Sep 17, 2019

View reviewed changes

jeherve added [Status] Ready to Merge Go ahead, you can push that green button! and removed [Status] Needs Review This PR is ready for review. labels Sep 17, 2019

kraftbj approved these changes Sep 17, 2019

View reviewed changes

kraftbj merged commit cb98c0f into master Sep 17, 2019

kraftbj deleted the fix/phpcs-connection-signature branch September 17, 2019 15:54

matticbot added [Status] Needs Changelog and removed [Status] Ready to Merge Go ahead, you can push that green button! labels Sep 17, 2019

kraftbj removed the [Status] Needs Changelog label Sep 17, 2019

jeherve removed the [Status] Needs Package Release This PR made changes to a package. Let's update that package now. label Sep 20, 2019

tyxla mentioned this pull request Sep 24, 2019

Connection: Make sure port is an integer #13523

Merged

mdawaffe mentioned this pull request Nov 22, 2019

Connection: Loose Comparison for Port Number in Signatures #14111

Merged

leogermani mentioned this pull request Nov 4, 2020

Handle empty SERVER_PORT information on signature checks #17713

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Connection: Fix PHPCS errors in Jetpack_Signature#13489