diff --git a/core/core.services.yml b/core/core.services.yml index 080e629..ea0afdc 100644 --- a/core/core.services.yml +++ b/core/core.services.yml @@ -152,12 +152,6 @@ services: arguments: ['@path.alias_storage', '@path.alias_whitelist', '@language_manager'] http_default_client: class: Drupal\Core\Http\Client - # Security consideration: we must not use the certificate authority file - # shipped with Guzzle because it can easily get outdated if a certificate - # authority is hacked. Instead, we rely on the certificate authority file - # provided by the operating system which is more likely going to be updated - # in a timely fashion. - arguments: [{config: {curl : {CURLOPT_TIMEOUT: 30, CURLOPT_MAXREDIRS: 3}, ssl: {ssl.certificate_authority: system}}}] theme.negotiator: class: Drupal\Core\Theme\ThemeNegotiator arguments: ['@access_check.theme', '@request_stack'] diff --git a/core/lib/Drupal/Core/Http/Client.php b/core/lib/Drupal/Core/Http/Client.php index 555672a..953e7a4 100644 --- a/core/lib/Drupal/Core/Http/Client.php +++ b/core/lib/Drupal/Core/Http/Client.php @@ -8,6 +8,7 @@ namespace Drupal\Core\Http; use GuzzleHttp\Client as GuzzleClient; +use Drupal\Component\Utility\NestedArray; /** * Drupal default HTTP client class. @@ -18,8 +19,6 @@ class Client extends GuzzleClient { * {@inheritdoc} */ public function __construct(array $config = []) { - parent::__construct($config); - // If the database prefix is being used by SimpleTest to run the tests in a // copied database then set the user-agent header to the database prefix so // that any calls to other Drupal pages will run the SimpleTest prefixed @@ -34,7 +33,26 @@ public function __construct(array $config = []) { $default_user_agent = 'Drupal (+http://drupal.org/)'; } - $this->setDefaultOption('headers/User-Agent', $default_user_agent); + $defaults = array( + 'curl' => array( + CURLOPT_TIMEOUT => 30, + CURLOPT_MAXREDIRS => 3, + ), + 'headers' => array( + 'User-Agent' => $default_user_agent, + ), + // Security consideration: we must not use the certificate authority file + // shipped with Guzzle because it can easily get outdated if a certificate + // authority is hacked. Instead, we rely on the certificate authority file + // provided by the operating system which is more likely going to be + // updated in a timely fashion. + 'ssl' => array( + 'certificate_authority' => 'system', + ), + ); + $config = NestedArray::mergeDeep($defaults, $config); + + parent::__construct($config); } diff --git a/core/modules/aggregator/lib/Drupal/aggregator/Plugin/aggregator/fetcher/DefaultFetcher.php b/core/modules/aggregator/lib/Drupal/aggregator/Plugin/aggregator/fetcher/DefaultFetcher.php index d839df1..bd6b8ed 100644 --- a/core/modules/aggregator/lib/Drupal/aggregator/Plugin/aggregator/fetcher/DefaultFetcher.php +++ b/core/modules/aggregator/lib/Drupal/aggregator/Plugin/aggregator/fetcher/DefaultFetcher.php @@ -78,8 +78,8 @@ public function fetch(FeedInterface $feed) { } $feed->source_string = $response->getBody(TRUE); - $feed->setEtag($response->getEtag()); - $feed->setLastModified(strtotime($response->getLastModified())); + $feed->setEtag($response->getHeader('ETag')); + $feed->setLastModified(strtotime($response->getHeader('Last-Modified'))); $feed->http_headers = $response->getHeaders(); // Update the feed URL in case of a 301 redirect.