use PHPUnit\Framework\TestCase;
use Symfony\Component\HttpFoundation\Exception\SuspiciousOperationException;
-use Symfony\Component\HttpFoundation\Session\Storage\MockArraySessionStorage;
-use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Session\Session;
+use Symfony\Component\HttpFoundation\Session\Storage\MockArraySessionStorage;
class RequestTest extends TestCase
{
protected function tearDown()
{
- // reset
Request::setTrustedProxies(array(), -1);
Request::setTrustedHosts(array());
}
$request->setMethod('POST');
$request->headers->set('X-HTTP-METHOD-OVERRIDE', 'delete');
$this->assertEquals('DELETE', $request->getMethod(), '->getMethod() returns the method from X-HTTP-Method-Override if defined and POST');
+
+ $request = new Request();
+ $request->setMethod('POST');
+ $request->query->set('_method', array('delete', 'patch'));
+ $this->assertSame('POST', $request->getMethod(), '->getMethod() returns the request method if invalid type is defined in query');
}
/**
public function getClientIpsProvider()
{
- // $expected $remoteAddr $httpForwardedFor $trustedProxies
+ // $expected $remoteAddr $httpForwardedFor $trustedProxies
return array(
// simple IPv4
array(array('88.88.88.88'), '88.88.88.88', null, null),
// forwarded for with remote IPv4 addr not trusted
array(array('127.0.0.1'), '127.0.0.1', '88.88.88.88', null),
- // forwarded for with remote IPv4 addr trusted
- array(array('88.88.88.88'), '127.0.0.1', '88.88.88.88', array('127.0.0.1')),
+ // forwarded for with remote IPv4 addr trusted + comma
+ array(array('88.88.88.88'), '127.0.0.1', '88.88.88.88,', array('127.0.0.1')),
// forwarded for with remote IPv4 and all FF addrs trusted
array(array('88.88.88.88'), '127.0.0.1', '88.88.88.88', array('127.0.0.1', '88.88.88.88')),
// forwarded for with remote IPv4 range trusted
'HTTP_X_FORWARDED_FOR' => $httpXForwardedFor,
);
- Request::setTrustedProxies(array('88.88.88.88'), Request::HEADER_X_FORWARDED_ALL);
+ Request::setTrustedProxies(array('88.88.88.88'), -1);
$request->initialize(array(), array(), array(), array(), array(), $server);
{
return array(
array(
- array(
- 'X_ORIGINAL_URL' => '/foo/bar',
- ),
- array(),
- '/foo/bar',
- ),
- array(
- array(
- 'X_REWRITE_URL' => '/foo/bar',
- ),
array(),
- '/foo/bar',
- ),
- array(
- array(),
- array(
- 'IIS_WasUrlRewritten' => '1',
- 'UNENCODED_URL' => '/foo/bar',
- ),
- '/foo/bar',
- ),
- array(
- array(
- 'X_ORIGINAL_URL' => '/foo/bar',
- ),
- array(
- 'HTTP_X_ORIGINAL_URL' => '/foo/bar',
- ),
- '/foo/bar',
- ),
- array(
- array(
- 'X_ORIGINAL_URL' => '/foo/bar',
- ),
array(
'IIS_WasUrlRewritten' => '1',
'UNENCODED_URL' => '/foo/bar',
),
'/foo/bar',
),
- array(
- array(
- 'X_ORIGINAL_URL' => '/foo/bar',
- ),
- array(
- 'HTTP_X_ORIGINAL_URL' => '/foo/bar',
- 'IIS_WasUrlRewritten' => '1',
- 'UNENCODED_URL' => '/foo/bar',
- ),
- '/foo/bar',
- ),
array(
array(),
array(
$this->assertEquals($expectedBaseUrl, $request->getBaseUrl());
$this->assertEquals($expectedBasePath, $request->getBasePath());
}
+
+ public function testTrustedHost()
+ {
+ Request::setTrustedProxies(array('1.1.1.1'), -1);
+
+ $request = Request::create('/');
+ $request->server->set('REMOTE_ADDR', '1.1.1.1');
+ $request->headers->set('Forwarded', 'host=localhost:8080');
+ $request->headers->set('X-Forwarded-Host', 'localhost:8080');
+
+ $this->assertSame('localhost:8080', $request->getHttpHost());
+ $this->assertSame(8080, $request->getPort());
+
+ $request = Request::create('/');
+ $request->server->set('REMOTE_ADDR', '1.1.1.1');
+ $request->headers->set('Forwarded', 'host="[::1]:443"');
+ $request->headers->set('X-Forwarded-Host', '[::1]:443');
+ $request->headers->set('X-Forwarded-Port', 443);
+
+ $this->assertSame('[::1]:443', $request->getHttpHost());
+ $this->assertSame(443, $request->getPort());
+ }
+
+ public function testTrustedPort()
+ {
+ Request::setTrustedProxies(array('1.1.1.1'), -1);
+
+ $request = Request::create('/');
+ $request->server->set('REMOTE_ADDR', '1.1.1.1');
+ $request->headers->set('Forwarded', 'host=localhost:8080');
+ $request->headers->set('X-Forwarded-Port', 8080);
+
+ $this->assertSame(8080, $request->getPort());
+
+ $request = Request::create('/');
+ $request->server->set('REMOTE_ADDR', '1.1.1.1');
+ $request->headers->set('Forwarded', 'host=localhost');
+ $request->headers->set('X-Forwarded-Port', 80);
+
+ $this->assertSame(80, $request->getPort());
+
+ $request = Request::create('/');
+ $request->server->set('REMOTE_ADDR', '1.1.1.1');
+ $request->headers->set('Forwarded', 'host="[::1]"');
+ $request->headers->set('X-Forwarded-Proto', 'https');
+ $request->headers->set('X-Forwarded-Port', 443);
+
+ $this->assertSame(443, $request->getPort());
+ }
}
class RequestContentProxy extends Request