From 7965dc6fde8d57a626988a94f5447dcb47e8dca0 Mon Sep 17 00:00:00 2001
From: wkania <wojciech.kania+github@gmail.com>
Date: Sun, 27 Apr 2025 16:24:15 +0200
Subject: [PATCH 1/2] Fix overwriting an array element

---
 Tests/RequestTest.php | 2 --
 1 file changed, 2 deletions(-)

diff --git a/Tests/RequestTest.php b/Tests/RequestTest.php
index 7a4807ecf..f1aa0ebea 100644
--- a/Tests/RequestTest.php
+++ b/Tests/RequestTest.php
@@ -604,7 +604,6 @@ public function testGetUri()
 
         $server['REDIRECT_QUERY_STRING'] = 'query=string';
         $server['REDIRECT_URL'] = '/path/info';
-        $server['SCRIPT_NAME'] = '/index.php';
         $server['QUERY_STRING'] = 'query=string';
         $server['REQUEST_URI'] = '/path/info?toto=test&1=1';
         $server['SCRIPT_NAME'] = '/index.php';
@@ -731,7 +730,6 @@ public function testGetUriForPath()
 
         $server['REDIRECT_QUERY_STRING'] = 'query=string';
         $server['REDIRECT_URL'] = '/path/info';
-        $server['SCRIPT_NAME'] = '/index.php';
         $server['QUERY_STRING'] = 'query=string';
         $server['REQUEST_URI'] = '/path/info?toto=test&1=1';
         $server['SCRIPT_NAME'] = '/index.php';

From 6b7c97fe1ddac8df3cc9ba6410c8abc683e148ae Mon Sep 17 00:00:00 2001
From: Athorcis <Athorcis@users.noreply.github.com>
Date: Mon, 28 Apr 2025 13:34:00 +0200
Subject: [PATCH 2/2] [HttpFoundation] Fix: Encode path in X-Accel-Redirect
 header

we need to encode the path in X-Accel-Redirect header, otherwise nginx fail when certain characters are present in it (like % or ?)

https://github.com/rack/rack/issues/1306
---
 BinaryFileResponse.php           |  2 +-
 Tests/BinaryFileResponseTest.php | 11 ++++++++++-
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/BinaryFileResponse.php b/BinaryFileResponse.php
index 41a244b81..c22f283cb 100644
--- a/BinaryFileResponse.php
+++ b/BinaryFileResponse.php
@@ -229,7 +229,7 @@ public function prepare(Request $request): static
                         $path = $location.substr($path, \strlen($pathPrefix));
                         // Only set X-Accel-Redirect header if a valid URI can be produced
                         // as nginx does not serve arbitrary file paths.
-                        $this->headers->set($type, $path);
+                        $this->headers->set($type, rawurlencode($path));
                         $this->maxlen = 0;
                         break;
                     }
diff --git a/Tests/BinaryFileResponseTest.php b/Tests/BinaryFileResponseTest.php
index c7d47a4d7..8f298b77f 100644
--- a/Tests/BinaryFileResponseTest.php
+++ b/Tests/BinaryFileResponseTest.php
@@ -314,7 +314,15 @@ public function testXAccelMapping($realpath, $mapping, $virtual)
         $property->setValue($response, $file);
 
         $response->prepare($request);
-        $this->assertEquals($virtual, $response->headers->get('X-Accel-Redirect'));
+        $header = $response->headers->get('X-Accel-Redirect');
+
+        if ($virtual) {
+            // Making sure the path doesn't contain characters unsupported by nginx
+            $this->assertMatchesRegularExpression('/^([^?%]|%[0-9A-F]{2})*$/', $header);
+            $header = rawurldecode($header);
+        }
+
+        $this->assertEquals($virtual, $header);
     }
 
     public function testDeleteFileAfterSend()
@@ -361,6 +369,7 @@ public static function getSampleXAccelMappings()
             ['/home/Foo/bar.txt', '/var/www/=/files/,/home/Foo/=/baz/', '/baz/bar.txt'],
             ['/home/Foo/bar.txt', '"/var/www/"="/files/", "/home/Foo/"="/baz/"', '/baz/bar.txt'],
             ['/tmp/bar.txt', '"/var/www/"="/files/", "/home/Foo/"="/baz/"', null],
+            ['/var/www/var/www/files/foo%.txt', '/var/www/=/files/', '/files/var/www/files/foo%.txt'],
         ];
     }
 

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<title>pFad - Phonifier reborn</title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
</head>
<body>
<h1>Pfad - The Proxy pFad of &#169; 2024 Garber Painting. All rights reserved.</h1>


<!-- Disclaimer -->
<p>Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.</p>
<br>
<p>Alternative Proxies:</p><p><a href="http://rainy.clevelandohioweatherforecast.com/php-proxy/index.php?q=https://github.com/symfony/http-foundation/compare/symfony:3f0c7ea...symfony:6b7c97f.patch" target="_blank">Alternative Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/index.php?u=https://github.com/symfony/http-foundation/compare/symfony:3f0c7ea...symfony:6b7c97f.patch" target="_blank">pFad Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v3index.php?u=https://github.com/symfony/http-foundation/compare/symfony:3f0c7ea...symfony:6b7c97f.patch" target="_blank">pFad v3 Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v4index.php?u=https://github.com/symfony/http-foundation/compare/symfony:3f0c7ea...symfony:6b7c97f.patch" target="_blank">pFad v4 Proxy</a></p></body>
</html>