N°6204 - Fix REST/JSON API crash when using JSON-P and iBackofficeDictXXX interfaces

2026-02-13 15:34:12 +01:00 · 2023-04-18 15:32:24 +02:00
parent d46d1db8e4
commit 51617113eb
12 changed files with 170 additions and 92 deletions
--- a/lib/autoload.php
+++ b/lib/autoload.php
@@ -2,24 +2,6 @@

 // autoload.php @generated by Composer

-if (PHP_VERSION_ID < 50600) {
-    if (!headers_sent()) {
-        header('HTTP/1.1 500 Internal Server Error');
-    }
-    $err = 'Composer 2.3.0 dropped support for autoloading on PHP <5.6 and you are running '.PHP_VERSION.', please upgrade PHP or use Composer 2.2 LTS via "composer self-update --2.2". Aborting.'.PHP_EOL;
-    if (!ini_get('display_errors')) {
-        if (PHP_SAPI === 'cli' || PHP_SAPI === 'phpdbg') {
-            fwrite(STDERR, $err);
-        } elseif (!headers_sent()) {
-            echo $err;
-        }
-    }
-    trigger_error(
-        $err,
-        E_USER_ERROR
-    );
-}
-
 require_once __DIR__ . '/composer/autoload_real.php';

 return ComposerAutoloaderInit7f81b4a2a468a061c306af5e447a9a9f::getLoader();
--- a/lib/composer/ClassLoader.php
+++ b/lib/composer/ClassLoader.php
@@ -42,9 +42,6 @@ namespace Composer\Autoload;
 */
 class ClassLoader
 {
-    /** @var \Closure(string):void */
-    private static $includeFile;
-
    /** @var ?string */
    private $vendorDir;

@@ -109,7 +106,6 @@ class ClassLoader
    public function __construct($vendorDir = null)
    {
        $this->vendorDir = $vendorDir;
-        self::initializeIncludeClosure();
    }

    /**
@@ -153,7 +149,7 @@ class ClassLoader

    /**
     * @return string[] Array of classname => path
-     * @psalm-return array<string, string>
+     * @psalm-var array<string, string>
     */
    public function getClassMap()
    {
@@ -429,8 +425,7 @@ class ClassLoader
    public function loadClass($class)
    {
        if ($file = $this->findFile($class)) {
-            $includeFile = self::$includeFile;
-            $includeFile($file);
+            includeFile($file);

            return true;
        }
@@ -560,26 +555,18 @@ class ClassLoader

        return false;
    }
-
-    /**
-     * @return void
-     */
-    private static function initializeIncludeClosure()
-    {
-        if (self::$includeFile !== null) {
-            return;
-        }
-
-        /**
-         * Scope isolated include.
-         *
-         * Prevents access to $this/self from included files.
-         *
-         * @param  string $file
-         * @return void
-         */
-        self::$includeFile = \Closure::bind(static function($file) {
-            include $file;
-        }, null, null);
-    }
+}
+
+/**
+ * Scope isolated include.
+ *
+ * Prevents access to $this/self from included files.
+ *
+ * @param  string $file
+ * @return void
+ * @private
+ */
+function includeFile($file)
+{
+    include $file;
 }
--- a/lib/composer/autoload_classmap.php
+++ b/lib/composer/autoload_classmap.php
@@ -2,7 +2,7 @@

 // autoload_classmap.php @generated by Composer

-$vendorDir = dirname(__DIR__);
+$vendorDir = dirname(dirname(__FILE__));
 $baseDir = dirname($vendorDir);

 return array(
@@ -686,6 +686,7 @@ return array(
    'JSButtonItem' => $baseDir . '/application/applicationextension.inc.php',
    'JSPopupMenuItem' => $baseDir . '/application/applicationextension.inc.php',
    'JsonException' => $vendorDir . '/symfony/polyfill-php73/Resources/stubs/JsonException.php',
+    'JsonPPage' => $baseDir . '/sources/Application/WebPage/JsonPPage.php',
    'JsonPage' => $baseDir . '/sources/Application/WebPage/JsonPage.php',
    'KeyValueStore' => $baseDir . '/core/counter.class.inc.php',
    'Laminas\\Loader\\AutoloaderFactory' => $vendorDir . '/laminas/laminas-loader/src/AutoloaderFactory.php',
--- a/lib/composer/autoload_files.php
+++ b/lib/composer/autoload_files.php
@@ -2,24 +2,24 @@

 // autoload_files.php @generated by Composer

-$vendorDir = dirname(__DIR__);
+$vendorDir = dirname(dirname(__FILE__));
 $baseDir = dirname($vendorDir);

 return array(
-    'a4a119a56e50fbb293281d9a48007e0e' => $vendorDir . '/symfony/polyfill-php80/bootstrap.php',
    '6e3fae29631ef280660b3cdad06f25a8' => $vendorDir . '/symfony/deprecation-contracts/function.php',
+    'a4a119a56e50fbb293281d9a48007e0e' => $vendorDir . '/symfony/polyfill-php80/bootstrap.php',
    '0e6d7bf4a5811bfa5cf40c5ccd6fae6a' => $vendorDir . '/symfony/polyfill-mbstring/bootstrap.php',
    '320cde22f66dd4f5d3fd621d3e88b98f' => $vendorDir . '/symfony/polyfill-ctype/bootstrap.php',
-    '23c18046f52bef3eea034657bafda50f' => $vendorDir . '/symfony/polyfill-php81/bootstrap.php',
    '0d59ee240a4cd96ddbb4ff164fccea4d' => $vendorDir . '/symfony/polyfill-php73/bootstrap.php',
+    '23c18046f52bef3eea034657bafda50f' => $vendorDir . '/symfony/polyfill-php81/bootstrap.php',
    '667aeda72477189d0494fecd327c3641' => $vendorDir . '/symfony/var-dumper/Resources/functions/dump.php',
-    '7b11c4dc42b3b3023073cb14e519683c' => $vendorDir . '/ralouphie/getallheaders/src/getallheaders.php',
-    'c964ee0ededf28c96ebd9db5099ef910' => $vendorDir . '/guzzlehttp/promises/src/functions_include.php',
    'e69f7f6ee287b969198c3c9d6777bd38' => $vendorDir . '/symfony/polyfill-intl-normalizer/bootstrap.php',
-    '37a3dc5111fe8f707ab4c132ef1dbc62' => $vendorDir . '/guzzlehttp/guzzle/src/functions_include.php',
    'c9d07b32a2e02bc0fc582d4f0c1b56cc' => $vendorDir . '/laminas/laminas-servicemanager/src/autoload.php',
+    '7b11c4dc42b3b3023073cb14e519683c' => $vendorDir . '/ralouphie/getallheaders/src/getallheaders.php',
    '8825ede83f2f289127722d4e842cf7e8' => $vendorDir . '/symfony/polyfill-intl-grapheme/bootstrap.php',
+    'c964ee0ededf28c96ebd9db5099ef910' => $vendorDir . '/guzzlehttp/promises/src/functions_include.php',
+    'b6b991a57620e2fb6b2f66f03fe9ddc2' => $vendorDir . '/symfony/string/Resources/functions.php',
+    '37a3dc5111fe8f707ab4c132ef1dbc62' => $vendorDir . '/guzzlehttp/guzzle/src/functions_include.php',
    '25072dd6e2470089de65ae7bf11d3109' => $vendorDir . '/symfony/polyfill-php72/bootstrap.php',
    'f598d06aa772fa33d905e87be6398fb1' => $vendorDir . '/symfony/polyfill-intl-idn/bootstrap.php',
-    'b6b991a57620e2fb6b2f66f03fe9ddc2' => $vendorDir . '/symfony/string/Resources/functions.php',
 );
--- a/lib/composer/autoload_namespaces.php
+++ b/lib/composer/autoload_namespaces.php
@@ -2,7 +2,7 @@

 // autoload_namespaces.php @generated by Composer

-$vendorDir = dirname(__DIR__);
+$vendorDir = dirname(dirname(__FILE__));
 $baseDir = dirname($vendorDir);

 return array(
--- a/lib/composer/autoload_psr4.php
+++ b/lib/composer/autoload_psr4.php
@@ -2,7 +2,7 @@

 // autoload_psr4.php @generated by Composer

-$vendorDir = dirname(__DIR__);
+$vendorDir = dirname(dirname(__FILE__));
 $baseDir = dirname($vendorDir);

 return array(
--- a/lib/composer/autoload_real.php
+++ b/lib/composer/autoload_real.php
@@ -25,31 +25,46 @@ class ComposerAutoloaderInit7f81b4a2a468a061c306af5e447a9a9f
        require __DIR__ . '/platform_check.php';

        spl_autoload_register(array('ComposerAutoloaderInit7f81b4a2a468a061c306af5e447a9a9f', 'loadClassLoader'), true, true);
-        self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(__DIR__));
+        self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(\dirname(__FILE__)));
        spl_autoload_unregister(array('ComposerAutoloaderInit7f81b4a2a468a061c306af5e447a9a9f', 'loadClassLoader'));

        $includePaths = require __DIR__ . '/include_paths.php';
        $includePaths[] = get_include_path();
        set_include_path(implode(PATH_SEPARATOR, $includePaths));

-        require __DIR__ . '/autoload_static.php';
-        call_user_func(\Composer\Autoload\ComposerStaticInit7f81b4a2a468a061c306af5e447a9a9f::getInitializer($loader));
+        $useStaticLoader = PHP_VERSION_ID >= 50600 && !defined('HHVM_VERSION') && (!function_exists('zend_loader_file_encoded') || !zend_loader_file_encoded());
+        if ($useStaticLoader) {
+            require __DIR__ . '/autoload_static.php';
+
+            call_user_func(\Composer\Autoload\ComposerStaticInit7f81b4a2a468a061c306af5e447a9a9f::getInitializer($loader));
+        } else {
+            $classMap = require __DIR__ . '/autoload_classmap.php';
+            if ($classMap) {
+                $loader->addClassMap($classMap);
+            }
+        }

        $loader->setClassMapAuthoritative(true);
        $loader->register(true);

-        $filesToLoad = \Composer\Autoload\ComposerStaticInit7f81b4a2a468a061c306af5e447a9a9f::$files;
-        $requireFile = \Closure::bind(static function ($fileIdentifier, $file) {
-            if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) {
-                $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true;
-
-                require $file;
-            }
-        }, null, null);
-        foreach ($filesToLoad as $fileIdentifier => $file) {
-            $requireFile($fileIdentifier, $file);
+        if ($useStaticLoader) {
+            $includeFiles = Composer\Autoload\ComposerStaticInit7f81b4a2a468a061c306af5e447a9a9f::$files;
+        } else {
+            $includeFiles = require __DIR__ . '/autoload_files.php';
+        }
+        foreach ($includeFiles as $fileIdentifier => $file) {
+            composerRequire7f81b4a2a468a061c306af5e447a9a9f($fileIdentifier, $file);
        }

        return $loader;
    }
 }
+
+function composerRequire7f81b4a2a468a061c306af5e447a9a9f($fileIdentifier, $file)
+{
+    if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) {
+        require $file;
+
+        $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true;
+    }
+}
--- a/lib/composer/autoload_static.php
+++ b/lib/composer/autoload_static.php
@@ -7,22 +7,22 @@ namespace Composer\Autoload;
 class ComposerStaticInit7f81b4a2a468a061c306af5e447a9a9f
 {
    public static $files = array (
-        'a4a119a56e50fbb293281d9a48007e0e' => __DIR__ . '/..' . '/symfony/polyfill-php80/bootstrap.php',
        '6e3fae29631ef280660b3cdad06f25a8' => __DIR__ . '/..' . '/symfony/deprecation-contracts/function.php',
+        'a4a119a56e50fbb293281d9a48007e0e' => __DIR__ . '/..' . '/symfony/polyfill-php80/bootstrap.php',
        '0e6d7bf4a5811bfa5cf40c5ccd6fae6a' => __DIR__ . '/..' . '/symfony/polyfill-mbstring/bootstrap.php',
        '320cde22f66dd4f5d3fd621d3e88b98f' => __DIR__ . '/..' . '/symfony/polyfill-ctype/bootstrap.php',
-        '23c18046f52bef3eea034657bafda50f' => __DIR__ . '/..' . '/symfony/polyfill-php81/bootstrap.php',
        '0d59ee240a4cd96ddbb4ff164fccea4d' => __DIR__ . '/..' . '/symfony/polyfill-php73/bootstrap.php',
+        '23c18046f52bef3eea034657bafda50f' => __DIR__ . '/..' . '/symfony/polyfill-php81/bootstrap.php',
        '667aeda72477189d0494fecd327c3641' => __DIR__ . '/..' . '/symfony/var-dumper/Resources/functions/dump.php',
-        '7b11c4dc42b3b3023073cb14e519683c' => __DIR__ . '/..' . '/ralouphie/getallheaders/src/getallheaders.php',
-        'c964ee0ededf28c96ebd9db5099ef910' => __DIR__ . '/..' . '/guzzlehttp/promises/src/functions_include.php',
        'e69f7f6ee287b969198c3c9d6777bd38' => __DIR__ . '/..' . '/symfony/polyfill-intl-normalizer/bootstrap.php',
-        '37a3dc5111fe8f707ab4c132ef1dbc62' => __DIR__ . '/..' . '/guzzlehttp/guzzle/src/functions_include.php',
        'c9d07b32a2e02bc0fc582d4f0c1b56cc' => __DIR__ . '/..' . '/laminas/laminas-servicemanager/src/autoload.php',
+        '7b11c4dc42b3b3023073cb14e519683c' => __DIR__ . '/..' . '/ralouphie/getallheaders/src/getallheaders.php',
        '8825ede83f2f289127722d4e842cf7e8' => __DIR__ . '/..' . '/symfony/polyfill-intl-grapheme/bootstrap.php',
+        'c964ee0ededf28c96ebd9db5099ef910' => __DIR__ . '/..' . '/guzzlehttp/promises/src/functions_include.php',
+        'b6b991a57620e2fb6b2f66f03fe9ddc2' => __DIR__ . '/..' . '/symfony/string/Resources/functions.php',
+        '37a3dc5111fe8f707ab4c132ef1dbc62' => __DIR__ . '/..' . '/guzzlehttp/guzzle/src/functions_include.php',
        '25072dd6e2470089de65ae7bf11d3109' => __DIR__ . '/..' . '/symfony/polyfill-php72/bootstrap.php',
        'f598d06aa772fa33d905e87be6398fb1' => __DIR__ . '/..' . '/symfony/polyfill-intl-idn/bootstrap.php',
-        'b6b991a57620e2fb6b2f66f03fe9ddc2' => __DIR__ . '/..' . '/symfony/string/Resources/functions.php',
    );

    public static $prefixLengthsPsr4 = array (
@@ -1051,6 +1051,7 @@ class ComposerStaticInit7f81b4a2a468a061c306af5e447a9a9f
        'JSButtonItem' => __DIR__ . '/../..' . '/application/applicationextension.inc.php',
        'JSPopupMenuItem' => __DIR__ . '/../..' . '/application/applicationextension.inc.php',
        'JsonException' => __DIR__ . '/..' . '/symfony/polyfill-php73/Resources/stubs/JsonException.php',
+        'JsonPPage' => __DIR__ . '/../..' . '/sources/Application/WebPage/JsonPPage.php',
        'JsonPage' => __DIR__ . '/../..' . '/sources/Application/WebPage/JsonPage.php',
        'KeyValueStore' => __DIR__ . '/../..' . '/core/counter.class.inc.php',
        'Laminas\\Loader\\AutoloaderFactory' => __DIR__ . '/..' . '/laminas/laminas-loader/src/AutoloaderFactory.php',
--- a/lib/composer/include_paths.php
+++ b/lib/composer/include_paths.php
@@ -2,7 +2,7 @@

 // include_paths.php @generated by Composer

-$vendorDir = dirname(__DIR__);
+$vendorDir = dirname(dirname(__FILE__));
 $baseDir = dirname($vendorDir);

 return array(
--- a/sources/Application/WebPage/JsonPPage.php
+++ b/sources/Application/WebPage/JsonPPage.php
@@ -0,0 +1,73 @@
+<?php
+/*
+ * @copyright   Copyright (C) 2010-2023 Combodo SARL
+ * @license     http://opensource.org/licenses/AGPL-3.0
+ */
+
+
+/**
+ * Class JsonPPage
+ * Handles JSON-P calls {@link https://en.wikipedia.org/wiki/JSONP}
+ *
+ * @author Stephen Abello <stephen.abello@combodo.com>
+ * @since 3.1.0
+ */
+class JsonPPage extends JsonPage
+{
+	/** @var string Name of the callback to call on response */
+	protected $sCallbackName;
+
+	/**
+	 * JsonPPage constructor.
+	 *
+	 * @param string $sCallbackName
+	 *
+	 * @throws \CoreException
+	 */
+	public function __construct(string $sCallbackName)
+	{
+		$oKpi = new ExecutionKPI();
+		parent::__construct();
+		$this->sContentType = 'application/javascript';
+		$this->SetCallbackName($sCallbackName);
+		$oKpi->ComputeStats(get_class($this).' creation', 'JsonPPage');
+	}
+
+	/**
+	 * @param string $sCallbackName
+	 *
+	 * @return $this
+	 * @throws \CoreException
+	 *@see \JsonPPage::$sCallbackName
+	 *
+	 */
+	public function SetCallbackName(string $sCallbackName)
+	{
+		if (utils::IsNullOrEmptyString($sCallbackName)) {
+			throw new CoreException('JsonPPage callback cannot be empty');
+		}
+
+		$this->sCallbackName = $sCallbackName;
+
+		return $this;
+	}
+
+	/**
+	 * @return string
+	 *@see \JsonPPage::$sCallbackName
+	 */
+	public function GetCallbackName(): string
+	{
+		return $this->sCallbackName;
+	}
+
+	/**
+	 * @inheritDoc
+	 */
+	protected function ComputeContent(): string
+	{
+		$sContent = parent::ComputeContent();
+
+		return $this->sCallbackName . '(' . $sContent . ');';
+	}
+}
--- a/sources/Application/WebPage/JsonPage.php
+++ b/sources/Application/WebPage/JsonPage.php
@@ -29,6 +29,7 @@ class JsonPage extends WebPage
 	{
 		$oKpi = new ExecutionKPI();
 		parent::__construct('');
+		$this->sContentType = 'application/json';
 		$oKpi->ComputeStats(get_class($this).' creation', 'JsonPage');
 	}

@@ -78,29 +79,48 @@ class JsonPage extends WebPage
 	}

 	/**
-	 * @inheritDoc
+	 * Output the headers
+	 *
+	 * @return void
+	 * @since 3.1.0
 	 */
-	public function output()
+	protected function OutputHeaders(): void
 	{
-		$oKpi = new ExecutionKPI();
-		$this->add_header('Content-type: application/json');
+		$this->add_header('Content-type: ' . $this->sContentType);

 		foreach ($this->a_headers as $s_header) {
 			header($s_header);
 		}
+	}

+	/**
+	 * @return string Content to output
+	 * @since 3.1.0
+	 */
+	protected function ComputeContent(): string
+	{
 		$aScripts = array_merge($this->a_init_scripts, $this->a_scripts, $this->a_ready_scripts);

 		$aJson = $this->bOutputDataOnly ? $this->aData : [
 			'data'    => $this->aData,
 			'scripts' => $aScripts,
 		];
-		$sJSON = json_encode($aJson);
-		$oKpi->ComputeAndReport(get_class($this).' output');

-		echo $sJSON;
-		$oKpi->ComputeAndReport('Echoing ('.round(strlen($sJSON) / 1024).' Kb)');
-		ExecutionKPI::ReportStats();
+		return json_encode($aJson);
 	}

+	/**
+	 * @inheritDoc
+	 */
+	public function output()
+	{
+		$oKpi = new ExecutionKPI();
+		$this->OutputHeaders();
+		$sContent = $this->ComputeContent();
+		$oKpi->ComputeAndReport(get_class($this).' output');
+
+		echo $sContent;
+		$oKpi->ComputeAndReport('Echoing ('.round(strlen($sContent) / 1024).' Kb)');
+		ExecutionKPI::ReportStats();
+	}
 }
--- a/webservices/rest.php
+++ b/webservices/rest.php
@@ -63,7 +63,6 @@ if (!function_exists('json_last_error_msg')) {
 //
 // Main
 //
-$oP = new AjaxPage('rest');
 $oCtx = new ContextTag(ContextTag::TAG_REST);

 $sVersion = utils::ReadParam('version', null, false, 'raw_data');
@@ -256,19 +255,19 @@ if ($sResponse === false)
 	$sResponse = json_encode($oJsonIssue);
 }

-$oP->add_header('Access-Control-Allow-Origin: *');

 $sCallback = utils::ReadParam('callback', null);
 if ($sCallback == null)
 {
-	$oP->SetContentType('application/json');
-	$oP->add($sResponse);
+	$oP = new JsonPage();
+	$oP->SetOutputDataOnly(true);
 }
 else
 {
-	$oP->SetContentType('application/javascript');
-	$oP->add($sCallback.'('.$sResponse.')');
+	$oP = new JsonPPage($sCallback);
 }
+$oP->add_header('Access-Control-Allow-Origin: *');
+$oP->SetData(json_decode($sResponse, true));
 $oP->Output();

 // Log usage