author | Peter Zhang <peter@innocraft.com> | 2022-04-11 16:10:53 +0300 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-04-11 16:10:53 +0300 |
commit | 8a8b51243641b08064a1b57813da711e96e76298 (patch) | |
tree | 186ae164a68f2a5de7f000e0e4645ef064f5638a /core | |
parent | 793c7db0bec494d7165c60e04cbf4db5f701419b (diff) |
[Bug]fix prefilght cors OPTIONS request record in the action visits (#19030)
* extend request with options and method
when options header and method is options do not record in the database.
* update function
update function
* update tests
update tests
* update tests
adjust code only trigger on option request
* remove class variable
remove server
* Update Request.php
add check request method
* drop option request
drop preflight request
* update reset
update reset
* return 204 on preflight
return 204 on preflight
* Update Tracker.php
accept cors
* fix typo & add type hint
* Update core/Tracker/RequestSet.php
* apply PSR12 code formatting
* adds test
Co-authored-by: sgiehl <stefan@matomo.org>
Diffstat (limited to 'core')
-rw-r--r-- | core/Tracker.php | 31 | ||||
-rw-r--r-- | core/Tracker/Action.php | 2 | ||||
-rw-r--r-- | core/Tracker/Request.php | 4 | ||||
-rw-r--r-- | core/Tracker/RequestSet.php | 3 |
4 files changed, 34 insertions, 6 deletions
diff --git a/core/Tracker.php b/core/Tracker.php index 9d813c0796..90485e1a5d 100644 --- a/core/Tracker.php +++ b/core/Tracker.php @@ -1,4 +1,5 @@ <?php + /** * Matomo - free/libre analytics platform * @@ -6,6 +7,7 @@ * @license http://www.gnu.org/licenses/gpl-3.0.html GPL v3 or later * */ + namespace Piwik; use Exception; @@ -110,11 +112,21 @@ class Tracker { try { $this->init(); + + if ($this->isPreFlightCorsRequest()) { + Common::sendHeader('Access-Control-Allow-Methods: GET, POST'); + Common::sendHeader('Access-Control-Allow-Headers: *'); + Common::sendHeader('Access-Control-Allow-Origin: *'); + Common::sendResponseCode(204); + $this->logger->debug("Tracker detected preflight CORS request. Skipping..."); + return null; + } + $handler->init($this, $requestSet); $this->track($handler, $requestSet); } catch (Exception $e) { - StaticContainer::get(LoggerInterface::class)->debug("Tracker encountered an exception: {ex}", [$e]); + $this->logger->debug("Tracker encountered an exception: {ex}", [$e]); $handler->onException($this, $requestSet, $e); } @@ -171,7 +183,8 @@ class Tracker */ public static function initCorePiwikInTrackerMode() { - if (SettingsServer::isTrackerApiRequest() + if ( + SettingsServer::isTrackerApiRequest() && self::$initTrackerMode === false ) { self::$initTrackerMode = true; @@ -291,7 +304,8 @@ class Tracker } // Tests using window_look_back_for_visitor - if (Common::getRequestVar('forceLargeWindowLookBackForVisitor', false, null, $args) == 1 + if ( + Common::getRequestVar('forceLargeWindowLookBackForVisitor', false, null, $args) == 1 // also look for this in bulk requests (see fake_logs_replay.log) || strpos(json_encode($args, true), '"forceLargeWindowLookBackForVisitor":"1"') !== false ) { 
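Review bot: In the `@@ -110,11 +112,21 @@` hunk of core/Tracker.php the preflight branch sends `Access-Control-Allow-Origin: *` and `Access-Control-Allow-Headers: *` with no comment saying that the open policy is deliberate or what keeps it safe. I would add above the three `sendHeader` calls: `// Public tracking endpoint: any origin may preflight. Keep this credential-less (never add Access-Control-Allow-Credentials); the '*' header wildcard does not cover Authorization.` The branch also runs after `$this->init()` and returns `null` from inside the `try`, so any code after the `catch` is skipped for these requests. The method continues outside the hunk, so it is worth confirming that nothing there (response finishing, cleanup) is needed for a 204, and that `init()` has to run at all before the preflight is answered.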
@@ -330,7 +344,8 @@ class Tracker private function handleFatalErrors() { - register_shutdown_function(function () { // TODO: add a log here + register_shutdown_function(function () { + // TODO: add a log here $lastError = error_get_last(); if (!empty($lastError) && $lastError['type'] == E_ERROR) { Common::sendResponseCode(500); @@ -355,4 +370,12 @@ class Tracker return false; } + + public function isPreFlightCorsRequest(): bool + { + if (isset($_SERVER['REQUEST_METHOD']) && strtoupper($_SERVER['REQUEST_METHOD']) === 'OPTIONS') { + return !empty($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']) || !empty($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']); + } + return false; + } } diff --git a/core/Tracker/Action.php b/core/Tracker/Action.php index bd0cc078ca..13baf6c0dd 100644 --- a/core/Tracker/Action.php +++ b/core/Tracker/Action.php @@ -381,6 +381,8 @@ abstract class Action */ public function record(Visitor $visitor, $idReferrerActionUrl, $idReferrerActionName) { + + $this->loadIdsFromLogActionTable(); $visitAction = array( diff --git a/core/Tracker/Request.php b/core/Tracker/Request.php index 58911a25a5..2b1496f451 100644 --- a/core/Tracker/Request.php +++ b/core/Tracker/Request.php @@ -44,6 +44,8 @@ class Request protected $tokenAuth; + + /** * Stores plugin specific tracking request metadata. RequestProcessors can store * whatever they want in this array, and other RequestProcessors can modify these @@ -72,6 +74,7 @@ class Request $this->timestamp = time(); $this->isEmptyRequest = empty($params); + // When the 'url' and referrer url parameter are not given, we might be in the 'Simple Image Tracker' mode. // The URL can default to the Referrer, which will be in this case // the URL of the page containing the Simple Image beacon @@ -921,4 +924,5 @@ class Request } return false; } + } diff --git a/core/Tracker/RequestSet.php b/core/Tracker/RequestSet.php index d243f45504..7249ea2262 100644 --- a/core/Tracker/RequestSet.php +++ b/core/Tracker/RequestSet.php 
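Review bot: The new public method `isPreFlightCorsRequest()` in the `@@ -355,4 +370,12 @@` hunk has no docblock, and its contract is not obvious from the name. It returns true for an OPTIONS request that carries either `Access-Control-Request-Method` or `Access-Control-Request-Headers`, without looking at `Origin`, while an OPTIONS request with neither header returns false and, judging by the caller in the earlier hunk, goes on to normal tracking. A docblock should say so, for example `/** True for an OPTIONS request carrying an Access-Control-Request-* header; any other OPTIONS request is not treated as a preflight. */`. If only genuine browser preflights are meant to match, the condition could require `HTTP_ACCESS_CONTROL_REQUEST_METHOD`, which a preflight always carries, instead of accepting either header.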
@@ -36,7 +36,7 @@ class RequestSet if (empty($requests)|| !is_array($requests)) { return; } - + foreach ($requests as $request) { if (empty($request) && !is_array($request)) { continue; @@ -45,7 +45,6 @@ class RequestSet if (!$request instanceof Request) { $request = new Request($request, $this->getTokenAuth()); } - $this->requests[] = $request; } } |