Download the PHP package dsentker/url-fingerprint without Composer
On this page you can find all versions of the php package dsentker/url-fingerprint. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download dsentker/url-fingerprint
More information about dsentker/url-fingerprint
Files in dsentker/url-fingerprint
Package url-fingerprint
Short Description Build a hash from a url
License GPL-2.0-or-later
Homepage https://github.com/dsentker/urlhasher
Informations about the package url-fingerprint
UrlFingerprint
A library that creates a unique hash value from a URL - without getting a headache.
This library aims to get a unique but consistent digest (hash result) from a URL with or without side effects. It
generates equal hash results even if the parameter order in the query string is different or the URL contains encoded
characters like %20
.
This library uses the concept of a "Fingerprint". Depending on your settings, a specific fingerprint is generated for each URL, which contains the digest, the hash algorithm and the hashed parts of the URL.
Basic Usage
Installation & Usage
Composer 2 and PHP >= 7.4 is required.
Install url-fingerprint with composer.
Options
Configure options in the constructor to specify the way the digest is created:
Option | Type | Default | Description |
---|---|---|---|
secret |
string | (required!) Choose a secret key for the hash_hmac function. |
|
hash_algo |
string | sha256 | A hashing algorithm suitable for hash_hmac() . |
ignore_scheme |
boolean | false | Whether to hash the scheme part of the url (https://, ftp:// etc.) |
ignore_userinfo |
boolean | false | Whether to hash the user information part of the url (e.g. userinfo@host) |
ignore_host |
boolean | false | Whether to hash the host name or not |
ignore_port |
boolean | false | Whether to hash the port |
ignore_path |
boolean | false | Whether to path of the URL (e.g. /foo/index.php) |
ignore_query |
boolean | false | Whether to hash the query string parts in the URL (Keys and values). |
ignore_fragment |
boolean | false | Whether to hash the fragment / hash suffix in the URL or not. |
Examples
Testing
With PHPUnit:
$ ./vendor/bin/phpunit tests
Contributing
If you notice bugs, have general questions or want to implement a feature, you are welcome to collaborate.
Please see CONTRIBUTING for details.
Background
Motivation
Generating a unique hash from a URL is useful, e.g. when caching API responses or for security purposes. The simple idea of just hashing the URL can turn into a difficult task. Consider the following example:
This creates the same hash value (digest) each time. But what if the order of the query string parameters is changed?
Both URLs are technically the same, but the generated digest is different.
There are more parts of a URL that you may not want to include for the hash algorithm:
All three URLs could be similar according to your requirements and should therefore generate the same hash result. This is what this library was built for. There are other things in a URL that shouldn't affect the hash value of a URL:
- The order of the query parameters is different
- Another protocol is used
- URL-encoded characters such as
%20
should be taken into account
Predecessor
This library replaces the predecessor, the url-signature library.
Compared to the url-signature library, this library is rewritten completely and should solve the following drawbacks:
- The url-signature library did not follow the Single-responsibility principle
- Arrays in query string could lead to unexpected results
- I do not like setting options with bitmask flags
- A thin wrapper for normalizing query strings is not required
- Insufficient investigation possibilities to debug the hash process
All versions of url-fingerprint with dependencies
league/uri Version ^6.0
league/uri-components Version ^2.3
symfony/options-resolver Version ^5.3
ext-json Version *
ext-mbstring Version *