@php-wasm/universal
Advanced tools
@php-wasm/universal - npm Package Compare versions
@@ -231,2 +231,91 @@ import type { PHP } from './php'; | ||
| request(request: PHPRequest): Promise<PHPResponse>; | ||
| /** | ||
| * Computes the essential $_SERVER entries for a request. | ||
| * | ||
| * php_wasm.c sets some defaults, assuming it runs as a CLI script. | ||
| * This function overrides them with the values correct in the request | ||
| * context. | ||
| * | ||
| * @TODO: Consolidate the $_SERVER setting logic into a single place instead | ||
| * of splitting it between the C SAPI and the TypeScript code. The PHP | ||
| * class has a `.cli()` method that could take care of the CLI-specific | ||
| * $_SERVER values. | ||
| * | ||
| * Path and URL-related $_SERVER entries are theoretically documented | ||
| * at https://www.php.net/manual/en/reserved.variables.server.php, | ||
| * but that page is not very helpful in practice. Here are tables derived | ||
| * by interacting with PHP servers: | ||
| * | ||
| * ## PHP Dev Server | ||
| * | ||
| * Setup: | ||
| * – `/home/adam/subdir/script.php` file contains `<?php phpinfo(); ?>` | ||
| * – `php -S 127.0.0.1:8041` running in `/home/adam` directory | ||
| * – A request is sent to `http://127.0.0.1:8041/subdir/script.php/b.php/c.php` | ||
| * | ||
| * Results: | ||
| * | ||
| * $_SERVER['REQUEST_URI'] | `/subdir/script.php/b.php/c.php` | ||
| * $_SERVER['SCRIPT_NAME'] | `/subdir/script.php` | ||
| * $_SERVER['SCRIPT_FILENAME']| `/home/adam/subdir/script.php` | ||
| * $_SERVER['PATH_INFO'] | `/b.php/c.php` | ||
| * $_SERVER['PHP_SELF'] | `/subdir/script.php/b.php/c.php` | ||
| * | ||
| * ## Apache – rewriting rules | ||
| * | ||
| * Setup: | ||
| * – `/var/www/html/subdir/script.php` file contains `<?php phpinfo(); ?>` | ||
| * – Apache is listening on port 8041 | ||
| * – The document root is `/var/www/html` | ||
| * – A request is sent to `http://127.0.0.1:8041/api/v1/user/123` | ||
| * | ||
| * .htaccess file: | ||
| * | ||
| * ```apache | ||
| * RewriteEngine On | ||
| * RewriteRule ^api/v1/user/([0-9]+)$ /subdir/script.php?endpoint=user&id=$1 [L,QSA] | ||
| * ``` | ||
| * | ||
| * Results: | ||
| * | ||
| * ``` | ||
| * $_SERVER['REQUEST_URI'] | /api/v1/user/123 | ||
| * $_SERVER['SCRIPT_NAME'] | /subdir/script.php | ||
| * $_SERVER['SCRIPT_FILENAME'] | /var/www/html/subdir/script.php | ||
| * $_SERVER['PATH_INFO'] | (key not set) | ||
| * $_SERVER['PHP_SELF'] | /subdir/script.php | ||
| * $_SERVER['QUERY_STRING'] | endpoint=user&id=123 | ||
| * $_SERVER['REDIRECT_STATUS'] | 200 | ||
| * $_SERVER['REDIRECT_URL'] | /api/v1/user/123 | ||
| * $_SERVER['REDIRECT_QUERY_STRING'] | endpoint=user&id=123 | ||
| * === $_GET Variables === | ||
| * $_GET['endpoint'] | user | ||
| * $_GET['id'] | 123 | ||
| * ``` | ||
| * | ||
| * ## Apache – vanilla request | ||
| * | ||
| * Setup: | ||
| * – The same as above. | ||
| * – A request sent http://localhost:8041/subdir/script.php?param=value | ||
| * | ||
| * Results: | ||
| * | ||
| * ``` | ||
| * $_SERVER['REQUEST_URI'] | /subdir/script.php?param=value | ||
| * $_SERVER['SCRIPT_NAME'] | /subdir/script.php | ||
| * $_SERVER['SCRIPT_FILENAME'] | /var/www/html/subdir/script.php | ||
| * $_SERVER['PATH_INFO'] | (key not set) | ||
| * $_SERVER['PHP_SELF'] | /subdir/script.php | ||
| * $_SERVER['REDIRECT_URL'] | (key not set) | ||
| * $_SERVER['REDIRECT_STATUS'] | (key not set) | ||
| * $_SERVER['QUERY_STRING'] | param=value | ||
| * $_SERVER['REQUEST_METHOD'] | GET | ||
| * $_SERVER['DOCUMENT_ROOT'] | /var/www/html | ||
| * | ||
| * === $_GET Variables === | ||
| * $_GET['param'] | value | ||
| * ``` | ||
| */ | ||
| private prepare_$_SERVER_superglobal; | ||
| [Symbol.asyncDispose](): Promise<void>; | ||
@@ -233,0 +322,0 @@ } |
@@ -85,3 +85,5 @@ import type { Remote } from './comlink-sync'; | ||
| /** | ||
| * Request path following the domain:port part. | ||
| * Request path following the domain:port part – | ||
| * after any URL rewriting rules (e.g. apache .htaccess) | ||
| * have been applied. | ||
| */ | ||
@@ -88,0 +90,0 @@ relativeUri?: string; |
+7
-7
| { | ||
| "name": "@php-wasm/universal", | ||
| "version": "3.0.19", | ||
| "version": "3.0.20", | ||
| "description": "PHP.wasm – emscripten bindings for PHP", | ||
@@ -40,3 +40,3 @@ "repository": { | ||
| "license": "GPL-2.0-or-later", | ||
| "gitHead": "5d6cbf03fb33b4c58c587c43a4a7793d4b050885", | ||
| "gitHead": "8fb1044d507cb9fc8d53a24b60d8d37a277c2a9f", | ||
| "engines": { | ||
@@ -48,7 +48,7 @@ "node": ">=20.18.3", | ||
| "ini": "4.1.2", | ||
| "@php-wasm/node-polyfills": "3.0.19", | ||
| "@php-wasm/logger": "3.0.19", | ||
| "@php-wasm/util": "3.0.19", | ||
| "@php-wasm/stream-compression": "3.0.19", | ||
| "@php-wasm/progress": "3.0.19" | ||
| "@php-wasm/node-polyfills": "3.0.20", | ||
| "@php-wasm/logger": "3.0.20", | ||
| "@php-wasm/util": "3.0.20", | ||
| "@php-wasm/stream-compression": "3.0.20", | ||
| "@php-wasm/progress": "3.0.20" | ||
| }, | ||
@@ -55,0 +55,0 @@ "packageManager": "npm@10.9.2", |
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is too big to display
Sorry, the diff of this file is too big to display
New alerts
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Fixed alerts
Uses eval
Supply chain riskPackage uses dynamic code execution (e.g., eval()), which is a dangerous practice. This can prevent the code from running in certain environments and increases the risk that the code may contain exploits or malicious behavior.
Found 1 instance in 1 package
Long strings
Supply chain riskContains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package
URL strings
Supply chain riskPackage contains fragments of external URLs or IP addresses, which the package may be accessing at runtime.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
904102
4.09%- Lines of code
6819
3.63%Dependency changes
+ Added
@php-wasm/logger@3.0.20(transitive)+ Added
@php-wasm/node-polyfills@3.0.20(transitive)+ Added
@php-wasm/progress@3.0.20(transitive)+ Added
@php-wasm/stream-compression@3.0.20(transitive)+ Added
@php-wasm/util@3.0.20(transitive)- Removed
@php-wasm/logger@3.0.19(transitive)- Removed
@php-wasm/node-polyfills@3.0.19(transitive)- Removed
@php-wasm/progress@3.0.19(transitive)- Removed
@php-wasm/stream-compression@3.0.19(transitive)- Removed
@php-wasm/util@3.0.19(transitive)Updated
@php-wasm/logger@3.0.20Updated
@php-wasm/progress@3.0.20Updated
@php-wasm/util@3.0.20