search

joomla / joomla-cms

Home of the Joomla! Content Management System
https://www.joomla.org
GNU General Public License v2.0
4.74k stars 3.64k forks source link

Undefined array key in "browser.php" #39778

Closed dsimonse closed 1 year ago

dsimonse commented 1 year ago

Steps to reproduce the issue

Using Firefox 109.0.1

Expected result

No PHP-notice

Actual result

PHP Warning: Undefined array key 1 in /libraries/src/Environment/Browser.php on line 691

System information (as much as possible)

Joomla 3.10.11 PHP 8.0.11

Additional comments

Browser.zip

ReLater commented 1 year ago

What does "System Information" in Joomla's backend tell you about "User Agent"?

grafik

I think that something is manipulating the agent string when using the Browser class. Normally Firefox sends always a string like Firefox/x.y.

In your case it looks like it's only Firefox/x (without the dot between numbers).

BTW: I don't think that this issue will be fixed in Joomla 3 because it's not a security issue.

dsimonse commented 1 year ago

Hi,

Well it looks the same as your output:

Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/109.0

But it seems as if the error occurs a bit random.

dsimonse commented 1 year ago

I also get a similar message from "WebClient.php": PHP Warning: Undefined array key 1 in /libraries/vendor/joomla/application/src/Web/WebClient.php on line 405 It seems to appy to a Chrome-client?

//Dennis WebClient.zip

Quy commented 1 year ago

Duplicate #39637?

ReLater commented 1 year ago

But it seems as if the error occurs a bit random.

I'm asking because Joomla 4 uses the same code in class Browser.

Is it a warning that you see in your error log file "coming from somewhere" or when you visit your Joomla page yourself with your Firefox browser? Other words: You are sure that your browser triggers this warning?

I never have seen a PHP message like this and work a lot with Firefox, Joomla 3 and 4 with debugger tools that display warnings, too.

I think that something is manipulating the agent string when using the Browser class. Normally Firefox sends always a string like Firefox/x.y.

ReLater commented 1 year ago

Duplicate https://github.com/joomla/joomla-cms/issues/39637?

Yes, the second part concerning Chrome. See also https://github.com/joomla-framework/application/issues/112

dsimonse commented 1 year ago

Hi,

It has occurred 26 times since september 2022, 24 times at line 691 and 2 times at line 620 – and this is on my lab site that has bee visited by me and ”ACYMailing”- , ”RSJoomla!”- and ”ChronoEngine” -support during this time. So it could be their browsers.

I obviously visited the site a lot more that 26 times.

The live site only has 1 entry for line 691 – but I missed out on logging for january.

So I suspect it has something to do with the shift to PHP8.0 that have runned for a longer time at the lab-site and just recently (january) been applied to the live site.

Från: ReLater Skickat: den 4 februari 2023 01:28 Till: joomla/joomla-cms @.> Kopia: dsimonse @.>; Author @.***> Ämne: Re: [joomla/joomla-cms] Undefined array key in "browser.php" (Issue #39778)

But it seems as if the error occurs a bit random.

I'm asking because Joomla 4 uses the same code in class Browser.

Is it a warning that you see in your error log file "coming from somewhere" or when you visit your Joomla page yourself with your Firefox browser? Other words: You are sure that your browser triggers this warning?

I never have seen a PHP message like this and work a lot with Firefox, Joomla 3 and 4 with debugger tools that display warnings, too.

I think that something is manipulating the agent string when using the Browser class. Normally Firefox sends always a string like Firefox/x.y.

— Reply to this email directly, view it on GitHub https://github.com/joomla/joomla-cms/issues/39778#issuecomment-1416555498 , or unsubscribe https://github.com/notifications/unsubscribe-auth/AEDPNYXRH2GNVDADBRSCRJLWVWO7PANCNFSM6AAAAAAUPT5PWI . You are receiving this because you authored the thread. https://github.com/notifications/beacon/AEDPNYWNUKV4H2JVRM63SULWVWO7PA5CNFSM6AAAAAAUPT5PWKWGG33NNVSW45C7OR4XAZNMJFZXG5LFINXW23LFNZ2KUY3PNVWWK3TUL5UWJTSUN3V6U.gif Message ID: @. @.> >

ReLater commented 1 year ago

So I suspect it has something to do with the shift to PHP8.0

Yes. In PHP7 it was a notice (often ignored by error_reporting). Now it's a warning.

If you can check your web server access logs what the user agent is we would know if it is just a "new" one (like the Chrome case) or just a "stupid" one.

dsimonse commented 1 year ago

Hi,

Is this helpful?

//Dennis

Från: ReLater Skickat: den 4 februari 2023 12:19 Till: joomla/joomla-cms @.> Kopia: dsimonse @.>; Author @.***> Ämne: Re: [joomla/joomla-cms] Undefined array key in "browser.php" (Issue #39778)

So I suspect it has something to do with the shift to PHP8.0

Yes. In PHP7 it was a notice (often ignored by error_reporting). Now it's a warning.

If you can check your web server access logs what the user agent is we would know if it is just a "new" one (like the Chrome case) or just a "stupid" one.

— Reply to this email directly, view it on GitHub https://github.com/joomla/joomla-cms/issues/39778#issuecomment-1416726078 , or unsubscribe https://github.com/notifications/unsubscribe-auth/AEDPNYXG6KMRVYK2OOTTNWLWVY3KXANCNFSM6AAAAAAUPT5PWI . You are receiving this because you authored the thread.Message ID: @.***>

[02-Feb-2023 17:04:12 Europe/Stockholm] PHP Warning: Undefined array key 1 in /storage/content/25/4000325/rojteatern.nu/public_html/libraries/src/Environment/Browser.php on line 691

114.119.137.195 - - [02/Feb/2023:17:04:05 +0100] "GET /component/rseventspro/vecka/09-07-2020.html?format=feed&type=rss HTTP/1.1" 200 1636 "https://rojteatern.nu/component/rseventspro/vecka/09-07-2020.html" "Mozilla/5.0 (Linux; Android 7.0;) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; PetalBot;+https://webmaster.petalsearch.com/site/petalbot)" 198.136.54.132 - - [02/Feb/2023:17:04:07 +0100] "GET /wp-login.php HTTP/1.1" 301 578 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96" 198.136.54.132 - - [02/Feb/2023:17:04:08 +0100] "GET /wp-login.php HTTP/1.1" 200 774 "http://rojteatern.nu/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96" 198.136.54.132 - - [02/Feb/2023:17:04:11 +0100] "GET / HTTP/1.1" 200 14405 "https://rojteatern.nu/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96" 114.119.156.152 - - [02/Feb/2023:17:04:49 +0100] "GET /component/rseventspro/dag/08-10-2020.html?Itemid=2952&format=feed&type=rss HTTP/1.1" 200 1635 "https://rojteatern.nu/component/rseventspro/dag/08-10-2020.html?Itemid=2952" "Mozilla/5.0 (Linux; Android 7.0;) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; PetalBot;+https://webmaster.petalsearch.com/site/petalbot)"

[03-Feb-2023 19:46:09 Europe/Stockholm] PHP Warning: Undefined array key 1 in /storage/content/25/4000325/rojteatern.nu/public_html/libraries/vendor/joomla/application/src/Web/WebClient.php on line 405

54.36.149.34 - - [03/Feb/2023:19:46:04 +0100] "GET /tidigare-produktioner/1980-tal/kungavalet-i-trollskogen.html HTTP/1.1" 200 14871 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)" 74.125.208.30 - - [03/Feb/2023:19:46:08 +0100] "GET /.well-known/traffic-advice HTTP/1.1" 200 934 "-" "Chrome Privacy Preserving Prefetch Proxy" 193.186.4.100 - - [03/Feb/2023:19:46:09 +0100] "GET /historien-om-majakovskij-och-lili-brik.html HTTP/1.1" 200 13695 "-" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36"

[03-Feb-2023 21:05:44 Europe/Stockholm] PHP Warning: Undefined array key 1 in /storage/content/25/4000325/rojteatern.nu/public_html/libraries/vendor/joomla/application/src/Web/WebClient.php on line 405

193.186.4.100 - - [03/Feb/2023:21:05:43 +0100] "GET /tidigare-produktioner/2010-tal/kejsarn-av-portugallien.html?view=category&id=91 HTTP/1.1" 200 18761 "-" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Mobile Safari/537.36" 74.125.208.28 - - [03/Feb/2023:21:05:43 +0100] "GET /.well-known/traffic-advice HTTP/1.1" 200 934 "-" "Chrome Privacy Preserving Prefetch Proxy"

[02-Feb-2023 22:03:53 Europe/Stockholm] PHP Warning: Undefined array key 1 in /storage/content/25/4000325/biljett.rojteatern.nu/public_html/libraries/src/Environment/Browser.php on line 691

159.223.148.63 - - [02/Feb/2023:22:03:51 +0100] "GET /wp-login.php HTTP/1.1" 301 603 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96" 159.223.148.63 - - [02/Feb/2023:22:03:52 +0100] "GET /wp-login.php HTTP/1.1" 200 937 "http://www.biljett.rojteatern.nu/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96" 159.223.148.63 - - [02/Feb/2023:22:03:54 +0100] "GET / HTTP/1.1" 200 117459 "https://www.biljett.rojteatern.nu/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96"

[03-Feb-2023 00:10:20 Europe/Stockholm] PHP Warning: Undefined array key 1 in /storage/content/25/4000325/biljett.rojteatern.nu/public_html/libraries/src/Environment/Browser.php on line 691

47.57.186.73 - - [03/Feb/2023:00:10:18 +0100] "GET /wp-login.php HTTP/1.1" 301 594 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96" 47.57.186.73 - - [03/Feb/2023:00:10:19 +0100] "GET /wp-login.php HTTP/1.1" 200 937 "http://biljett.rojteatern.nu/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96" 47.57.186.73 - - [03/Feb/2023:00:10:21 +0100] "GET / HTTP/1.1" 200 117537 "https://biljett.rojteatern.nu/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96"

[03-Feb-2023 17:43:03 Europe/Stockholm] PHP Warning: Undefined array key 1 in /storage/content/25/4000325/biljett.rojteatern.nu/public_html/libraries/src/Environment/Browser.php on line 620

39.103.187.166 - - [03/Feb/2023:17:42:20 +0100] "HEAD / HTTP/1.1" 301 430 "-" "Mozilla/5.0 (linux; u; android 9; zh-cn; v1816a build/pkq1.180819.001) applewebkit/537.36 (khtml, like gecko) version/4.0 chrome/57" 39.103.187.166 - - [03/Feb/2023:17:42:24 +0100] "GET / HTTP/1.1" 301 626 "-" "Mozilla/5.0 (linux; u; android 9; zh-cn; v1816a build/pkq1.180819.001) applewebkit/537.36 (khtml, like gecko) version/4.0 chrome/57" 39.103.187.166 - - [03/Feb/2023:17:42:35 +0100] "GET / HTTP/1.1" 200 125421 "-" "Mozilla/5.0 (linux; u; android 9; zh-cn; v1816a build/pkq1.180819.001) applewebkit/537.36 (khtml, like gecko) version/4.0 chrome/57" 39.103.187.166 - - [03/Feb/2023:17:43:02 +0100] "GET / HTTP/1.1" 200 107648 "-" "Mozilla/5.0 (linux; u; android 9; zh-cn; v1816a build/pkq1.180819.001) applewebkit/537.36 (khtml, like gecko) version/4.0 chrome/57"

ReLater commented 1 year ago

47.57.186.73 - - [03/Feb/2023:00:10:18 +0100] "GET /wp-login.php HTTP/1.1" 301 594 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96"

These are typical trials of spammers/hackers/whatever to check out a site's environment. With a faked Firefox UserAgent.

74.125.208.28 - - [03/Feb/2023:21:05:43 +0100] "GET /.well-known/traffic-advice HTTP/1.1" 200 934 "-" "Chrome Privacy Preserving Prefetch Proxy"

is an annoying Google bot that has been mentioned here already:

Yes, the second part concerning Chrome. See also https://github.com/joomla-framework/application/issues/112

brianteeman commented 1 year ago

I am closing this for the reasons stated above. Obviously we can't do anything about faked user agent strings. It can always be reopened if someone disagrees with that