Skip to content

Instantly share code, notes, and snippets.

@naderman
Last active December 5, 2022 23:52
Show Gist options
  • Select an option

  • Save naderman/377e40c1c76e0fe8b905c1a333c4112a to your computer and use it in GitHub Desktop.

Select an option

Save naderman/377e40c1c76e0fe8b905c1a333c4112a to your computer and use it in GitHub Desktop.
Composer HTTP Proxy Test
<?php
error_reporting(E_ERROR);
@ini_set('display_errors', 'Off');
echo "Unencrypted HTTP ";
check('http://packagist.org/packages.json', false);
echo "\nEncrypted HTTPS ";
check('https://packagist.org/packages.json', true);
echo "\n";
function check($url, $ssl) {
foreach (array(false, true) as $fulluri) {
$httpRes = file_get_contents($url, false, createContext($url, $ssl, $fulluri));
echo $fulluri ? 'FULL-' : 'PATH-';
echo strpos($httpRes, 'provider-includes') !== false ? 'OK ' : 'FAIL ';
}
}
function createContext($url, $ssl, $fulluri)
{
$options = array('http' => array(
));
if (PHP_SAPI === 'cli' && (!empty($_SERVER['HTTP_PROXY']) || !empty($_SERVER['http_proxy']))) {
$proxy = parse_url(!empty($_SERVER['http_proxy']) ? $_SERVER['http_proxy'] : $_SERVER['HTTP_PROXY']);
echo 'HTTP_PROXY ';
}
if (!empty($_SERVER['CGI_HTTP_PROXY'])) {
$proxy = parse_url($_SERVER['CGI_HTTP_PROXY']);
echo 'CGI_HTTP_PROXY ';
}
if (preg_match('{^https://}i', $url) && (!empty($_SERVER['HTTPS_PROXY']) || !empty($_SERVER['https_proxy']))) {
$proxy = parse_url(!empty($_SERVER['https_proxy']) ? $_SERVER['https_proxy'] : $_SERVER['HTTPS_PROXY']);
echo 'HTTPS_PROXY ';
}
if (!empty($_SERVER['NO_PROXY']) || !empty($_SERVER['no_proxy']) && parse_url($url, PHP_URL_HOST)) {
echo 'NO_PROXY ';
}
if (!empty($proxy)) {
$proxyURL = isset($proxy['scheme']) ? $proxy['scheme'] . '://' : '';
$proxyURL .= isset($proxy['host']) ? $proxy['host'] : '';
if (isset($proxy['port'])) {
$proxyURL .= ":" . $proxy['port'];
} elseif ('http://' == substr($proxyURL, 0, 7)) {
$proxyURL .= ":80";
} elseif ('https://' == substr($proxyURL, 0, 8)) {
$proxyURL .= ":443";
}
$proxyURL = str_replace(array('http://', 'https://'), array('tcp://', 'ssl://'), $proxyURL);
if (0 === strpos($proxyURL, 'ssl:') && !extension_loaded('openssl')) {
throw new \RuntimeException('You must enable the openssl extension to use a proxy over https');
}
$options['http']['proxy'] = $proxyURL;
$options['http']['request_fulluri'] = $fulluri;
if ('https' === parse_url($url, PHP_URL_SCHEME)) {
$options['ssl']['SNI_enabled'] = true;
if (PHP_VERSION_ID < 50600) {
$options['ssl']['SNI_server_name'] = parse_url($url, PHP_URL_HOST);
}
}
if (isset($proxy['user'])) {
$auth = urldecode($proxy['user']);
if (isset($proxy['pass'])) {
$auth .= ':' . urldecode($proxy['pass']);
}
$auth = base64_encode($auth);
$options['http']['header'] = array("Proxy-Authorization: Basic {$auth}");
}
}
$options['http']['header'][] = 'User-Agent: Proxy-Test';
uasort($options['http']['header'], function ($el) {
return preg_match('{^content-type}i', $el) ? 1 : -1;
});
return stream_context_create($options);
}
@garethellis36

Copy link
Copy Markdown
Unencrypted HTTP PATH-OK FULL-OK 
Encrypted HTTPS PATH-OK FULL-OK 

@pronskiy

Copy link
Copy Markdown

Unencrypted HTTP PATH-FAIL FULL-OK
Encrypted HTTPS PATH-OK FULL-OK

@antoniogarcia78

Copy link
Copy Markdown

Unencrypted HTTP HTTP_PROXY PATH-FAIL HTTP_PROXY FULL-OK
Encrypted HTTPS HTTP_PROXY HTTPS_PROXY PATH-OK HTTP_PROXY HTTPS_PROXY FULL-OK

@sunlix

sunlix commented Aug 16, 2018

Copy link
Copy Markdown
Unencrypted HTTP HTTP_PROXY NO_PROXY PATH-FAIL HTTP_PROXY NO_PROXY FULL-OK
Encrypted HTTPS HTTP_PROXY HTTPS_PROXY NO_PROXY PATH-OK HTTP_PROXY HTTPS_PROXY NO_PROXY FULL-OK

@croensch

Copy link
Copy Markdown
Unencrypted HTTP HTTP_PROXY NO_PROXY PATH-FAIL HTTP_PROXY NO_PROXY FULL-OK
Encrypted HTTPS HTTP_PROXY HTTPS_PROXY NO_PROXY PATH-OK HTTP_PROXY HTTPS_PROXY NO_PROXY FULL-OK

@naderman

Copy link
Copy Markdown
Author

Received this elsewhere:

Unencrypted HTTP HTTP_PROXY PATH-OK HTTP_PROXY FULL-OK
Encrypted HTTPS HTTP_PROXY HTTPS_PROXY PATH-OK HTTP_PROXY HTTPS_PROXY FULL-FAIL

@vsalguero

Copy link
Copy Markdown

Unencrypted HTTP PATH-OK FULL-OK Encrypted HTTPS PATH-OK FULL-OK

@AndreaBori94

Copy link
Copy Markdown

Unencrypted HTTP PATH-FAIL FULL-FAIL Encrypted HTTPS PATH-OK FULL-OK

@reeslo

reeslo commented Dec 6, 2018

Copy link
Copy Markdown

Unencrypted HTTP PATH-OK FULL-OK Encrypted HTTPS PATH-OK FULL-OK

@delassiter

delassiter commented Dec 12, 2018

Copy link
Copy Markdown

at my customer, when using cntlm:

Unencrypted HTTP HTTP_PROXY NO_PROXY PATH-FAIL HTTP_PROXY NO_PROXY FULL-OK 
Encrypted HTTPS HTTP_PROXY HTTPS_PROXY NO_PROXY PATH-FAIL HTTP_PROXY HTTPS_PROXY NO_PROXY FULL-FAIL 

If I add a tinyproxy in front, and always configure it to add the Connection: keep-alive header, I get this result:

Unencrypted HTTP HTTP_PROXY NO_PROXY PATH-OK HTTP_PROXY NO_PROXY FULL-OK 
Encrypted HTTPS HTTP_PROXY HTTPS_PROXY NO_PROXY PATH-OK HTTP_PROXY HTTPS_PROXY NO_PROXY FULL-OK

@tlay

tlay commented Jun 14, 2019

Copy link
Copy Markdown

On centos7.6.1810

I am trying to build a tool as a non-interactive user via sudo without success and it led me to this test. Most other build tools and components seem to grab my proxy settings or allow me to specify them via the direct command line as an option. I haven't cracked Composer though.

variables

$SUDO_WWW = sudo -H -u apache
$RUN_PHP = /usr/bin/scl enable rh-php72

With proxy set for normaluser in .bash_profile, .gitconfig, .curlrc

[normaluser@mybox somedir]$ $RUN_PHP "php proxy-test.php"
Unencrypted HTTP HTTP_PROXY PATH-OK HTTP_PROXY FULL-OK
Encrypted HTTPS HTTP_PROXY HTTPS_PROXY PATH-FAIL HTTP_PROXY HTTPS_PROXY FULL-FAIL

With proxy set for builduser in .gitconfig, .curlrc

[builduser@mybox somedir]$ $SUDO_WWW $RUN_PHP "php proxy-test.php"
[sudo] password for builduser:
Unencrypted HTTP PATH-FAIL FULL-FAIL
Encrypted HTTPS PATH-FAIL FULL-FAIL

@juank537

Copy link
Copy Markdown

Unencrypted HTTP PATH-FAIL FULL-FAIL Encrypted HTTPS PATH-FAIL FULL-FAIL

@juliocapuano

Copy link
Copy Markdown

Unencrypted HTTP PATH-FAIL FULL-FAIL
Encrypted HTTPS PATH-FAIL FULL-FAIL

@naderman

naderman commented Dec 5, 2019

Copy link
Copy Markdown
Author

@tlay never saw this, but if still relevant, as per your output the HTTP_PROXY/HTTPS_PROXY env vars are not actually set for builduser at all, so no way for Composer to use them.

@naderman

naderman commented Dec 5, 2019

Copy link
Copy Markdown
Author

@juank537 @juliocapuano you do not seem to have any HTTP_PROXY/HTTPS_PROXY environment variables set up, so no proxy can be used.

@AbhinavBajpai

Copy link
Copy Markdown

Unencrypted HTTP HTTP_PROXY PATH-FAIL HTTP_PROXY FULL-OK
Encrypted HTTPS HTTP_PROXY HTTPS_PROXY PATH-OK HTTP_PROXY HTTPS_PROXY FULL-OK

@tlay

tlay commented Jan 28, 2020 via email

Copy link
Copy Markdown

@Hassancxpm

Copy link
Copy Markdown

Unencrypted HTTP PATH-FAIL FULL-FAIL
Encrypted HTTPS PATH-OK FULL-OK

@jegrandet

Copy link
Copy Markdown

For me only :
Unencrypted HTTP PATH-FAIL

@Ibrahim-krimi

Copy link
Copy Markdown

Unencrypted HTTP PATH-OK FULL-OK
Encrypted HTTPS PATH-FAIL FULL-FAIL

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment