malhuda/CodeIgniter4
1
0
Fork 0
mirror of https://github.com/codeigniter4/CodeIgniter4.git synced 2025-02-20 11:44:28 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #1109 from jim-parry/testing3/http

Browse Source 
Testing3/http
This commit is contained in:
Lonnie Ezell 2018-07-22 22:43:48 -05:00 committed by GitHub
commit 1a6499a46c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 582 additions and 157 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.gitignore vendored
View File

@ -126,6 +126,4 @@ nb-configuration.xml
.vscode/
/results/
/phpunit.xml
/phpunit-db.xml
/phpunit-nodb.xml
/phpunit*.xml

2
application/Config/App.php
View File

@ -215,7 +215,7 @@ class App extends BaseConfig
| Reverse Proxy IPs
|--------------------------------------------------------------------------
|
| If your getServer is behind a reverse proxy, you must whitelist the proxy
| If your server is behind a reverse proxy, you must whitelist the proxy
| IP addresses from which CodeIgniter should trust headers such as
| HTTP_X_FORWARDED_FOR and HTTP_CLIENT_IP in order to properly identify
| the visitor's IP address.

63
system/HTTP/IncomingRequest.php
View File

@ -1,4 +1,6 @@
<?php namespace CodeIgniter\HTTP;
<?php
namespace CodeIgniter\HTTP;
/**
* CodeIgniter
@ -80,7 +82,7 @@ class IncomingRequest extends Request
protected $enableCSRF = false;
/**
* A \CodeIgniter\HTTPLite\URI instance.
* A \CodeIgniter\HTTP\URI instance.
*
* @var URI
*/
@ -98,7 +100,7 @@ class IncomingRequest extends Request
*
* @var \CodeIgniter\HTTP\Negotiate
*/
protected $negotiate;
protected $negotiator;
/**
* The default Locale this request
@ -242,6 +244,8 @@ class IncomingRequest extends Request
// If the intl extension is loaded, make sure
// that we set the locale for it... if not, though,
// don't worry about it.
// this should not block code coverage thru unit testing
// @codeCoverageIgnoreStart
try
{
if (class_exists('\Locale', false))
@ -250,8 +254,9 @@ class IncomingRequest extends Request
}
} catch (\Exception $e)
{
}
// @codeCoverageIgnoreEnd
return $this;
}
@ -294,12 +299,10 @@ class IncomingRequest extends Request
if ( ! empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off')
{
return true;
}
elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https')
} elseif (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] === 'https')
{
return true;
}
elseif ( ! empty($_SERVER['HTTP_FRONT_END_HTTPS']) && strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) !== 'off')
} elseif ( ! empty($_SERVER['HTTP_FRONT_END_HTTPS']) && strtolower($_SERVER['HTTP_FRONT_END_HTTPS']) !== 'off')
{
return true;
}
@ -533,7 +536,6 @@ class IncomingRequest extends Request
return $this->files->all(); // return all files
}
//--------------------------------------------------------------------
/**
@ -584,13 +586,14 @@ class IncomingRequest extends Request
$this->uri->setHost(parse_url($baseURL, PHP_URL_HOST));
$this->uri->setPort(parse_url($baseURL, PHP_URL_PORT));
$this->uri->resolveRelativeURI(parse_url($baseURL, PHP_URL_PATH));
}
else
} else
{
if(! is_cli())
// @codeCoverageIgnoreStart
if ( ! is_cli())
{
throw FrameworkException::forEmptyBaseURL();
}
// @codeCoverageIgnoreEnd
}
}
@ -604,7 +607,7 @@ class IncomingRequest extends Request
*
* @return string
*/
public function detectPath($protocol)
public function detectPath($protocol = '')
{
if (empty($protocol))
{
@ -642,25 +645,21 @@ class IncomingRequest extends Request
*/
public function negotiate(string $type, array $supported, bool $strictMatch = false)
{
if (is_null($this->negotiate))
if (is_null($this->negotiator))
{
$this->negotiate = Services::negotiator($this, true);
$this->negotiator = Services::negotiator($this, true);
}
switch (strtolower($type))
{
case 'media':
return $this->negotiate->media($supported, $strictMatch);
break;
return $this->negotiator->media($supported, $strictMatch);
case 'charset':
return $this->negotiate->charset($supported);
break;
return $this->negotiator->charset($supported);
case 'encoding':
return $this->negotiate->encoding($supported);
break;
return $this->negotiator->encoding($supported);
case 'language':
return $this->negotiate->language($supported);
break;
return $this->negotiator->language($supported);
}
throw HTTPException::forInvalidNegotiationType($type);
@ -689,25 +688,24 @@ class IncomingRequest extends Request
if (isset($_SERVER['SCRIPT_NAME'][0]))
{
// strip the script name from the beginning of the URI
if (strpos($uri, $_SERVER['SCRIPT_NAME']) === 0)
{
$uri = (string) substr($uri, strlen($_SERVER['SCRIPT_NAME']));
}
elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0)
{
$uri = (string) substr($uri, strlen(dirname($_SERVER['SCRIPT_NAME'])));
}
} elseif (strpos($uri, dirname($_SERVER['SCRIPT_NAME'])) === 0)
// if the script is nested, strip the parent folder & script from the URI
if (strpos($uri, $_SERVER['SCRIPT_NAME']) > 0)
$uri = (string) substr($uri, strpos($uri, $_SERVER['SCRIPT_NAME']) + strlen($_SERVER['SCRIPT_NAME']));
}
// This section ensures that even on servers that require the URI to be in the query string (Nginx) a correct
// This section ensures that even on servers that require the URI to contain the query string (Nginx) a correct
// URI is found, and also fixes the QUERY_STRING getServer var and $_GET array.
if (trim($uri, '/') === '' && strncmp($query, '/', 1) === 0)
{
$query = explode('?', $query, 2);
$uri = $query[0];
$_SERVER['QUERY_STRING'] = $query[1] ?? '';
}
else
} else
{
$_SERVER['QUERY_STRING'] = $query;
}
@ -738,8 +736,7 @@ class IncomingRequest extends Request
if (trim($uri, '/') === '')
{
return '';
}
elseif (strncmp($uri, '/', 1) === 0)
} elseif (strncmp($uri, '/', 1) === 0)
{
$uri = explode('?', $uri, 2);
$_SERVER['QUERY_STRING'] = $uri[1] ?? '';

2
system/HTTP/Negotiate.php
View File

@ -213,7 +213,7 @@ class Negotiate
// If no acceptable values exist, return the
// first that we support.
if (empty($acceptable))
if (count($acceptable) === 0)
{
return $supported[0];
}

8
tests/_support/HTTP/MockIncomingRequest.php
View File

@ -4,10 +4,10 @@ use CodeIgniter\HTTP\IncomingRequest;
class MockIncomingRequest extends IncomingRequest
{
public function populateHeaders()
{
// Don't do anything... force the tester to manually set the headers they want.
}
// public function populateHeaders()
// {
// // Don't do anything... force the tester to manually set the headers they want.
// }
public function detectURI($protocol, $baseURL)
{

143
tests/system/HTTP/IncomingRequestDetectingTest.php Normal file
View File

@ -0,0 +1,143 @@
<?php
namespace CodeIgniter\HTTP;
use Config\App;
use CodeIgniter\HTTP\Files\UploadedFile;
/**
* @backupGlobals enabled
*/
class IncomingRequestDetectingTest extends \CIUnitTestCase
{
/**
* @var \CodeIgniter\HTTP\IncomingRequest
*/
protected $request;
public function setUp()
{
parent::setUp();
$_POST = $_GET = $_SERVER = $_REQUEST = $_ENV = $_COOKIE = $_SESSION = [];
$origin = 'http://www.example.com/index.php/woot?code=good#pos';
$this->request = new IncomingRequest(new App(), new URI($origin), null, new UserAgent());
}
//--------------------------------------------------------------------
public function testPathDefault()
{
$this->request->uri = '/index.php/woot?code=good#pos';
$_SERVER['REQUEST_URI'] = '/index.php/woot';
$_SERVER['SCRIPT_NAME'] = '/index.php';
$expected = 'woot';
$this->assertEquals($expected, $this->request->detectPath());
}
public function testPathRequestURI()
{
$this->request->uri = '/index.php/woot?code=good#pos';
$_SERVER['REQUEST_URI'] = '/index.php/woot';
$_SERVER['SCRIPT_NAME'] = '/index.php';
$expected = 'woot';
$this->assertEquals($expected, $this->request->detectPath('REQUEST_URI'));
}
public function testPathRequestURINested()
{
$this->request->uri = '/ci/index.php/woot?code=good#pos';
$_SERVER['REQUEST_URI'] = '/index.php/woot';
$_SERVER['SCRIPT_NAME'] = '/index.php';
$expected = 'woot';
$this->assertEquals($expected, $this->request->detectPath('REQUEST_URI'));
}
public function testPathRequestURISubfolder()
{
$this->request->uri = '/ci/index.php/popcorn/woot?code=good#pos';
$_SERVER['REQUEST_URI'] = '/ci/index.php/popcorn/woot';
$_SERVER['SCRIPT_NAME'] = '/index.php';
$expected = 'popcorn/woot';
$this->assertEquals($expected, $this->request->detectPath('REQUEST_URI'));
}
public function testPathRequestURINginx()
{
$this->request->uri = '/ci/index.php/woot?code=good#pos';
$_SERVER['REQUEST_URI'] = '/index.php/woot?code=good';
$_SERVER['SCRIPT_NAME'] = '/index.php';
$expected = 'woot';
$this->assertEquals($expected, $this->request->detectPath('REQUEST_URI'));
}
public function testPathRequestURINginxRedirecting()
{
$this->request->uri = '/?/ci/index.php/woot';
$_SERVER['REQUEST_URI'] = '/?/ci/woot';
$_SERVER['SCRIPT_NAME'] = '/index.php';
$expected = 'ci/woot';
$this->assertEquals($expected, $this->request->detectPath('REQUEST_URI'));
}
public function testPathRequestURISuppressed()
{
$this->request->uri = '/woot?code=good#pos';
$_SERVER['REQUEST_URI'] = '/woot';
$_SERVER['SCRIPT_NAME'] = '/';
$expected = 'woot';
$this->assertEquals($expected, $this->request->detectPath('REQUEST_URI'));
}
//--------------------------------------------------------------------
public function testPathQueryString()
{
$this->request->uri = '/?/ci/index.php/woot';
$_SERVER['REQUEST_URI'] = '/?/ci/woot';
$_SERVER['QUERY_STRING'] = '/ci/woot';
$_SERVER['SCRIPT_NAME'] = '/index.php';
$expected = 'ci/woot';
$this->assertEquals($expected, $this->request->detectPath('QUERY_STRING'));
}
public function testPathQueryStringEmpty()
{
$this->request->uri = '/?/ci/index.php/woot';
$_SERVER['REQUEST_URI'] = '/?/ci/woot';
$_SERVER['QUERY_STRING'] = '';
$_SERVER['SCRIPT_NAME'] = '/index.php';
$expected = '';
$this->assertEquals($expected, $this->request->detectPath('QUERY_STRING'));
}
//--------------------------------------------------------------------
public function testPathPathInfo()
{
$this->request->uri = '/index.php/woot?code=good#pos';
$this->request->setGlobal('server', [
'PATH_INFO' => null,
]);
$_SERVER['REQUEST_URI'] = '/index.php/woot';
$_SERVER['SCRIPT_NAME'] = '/index.php';
$expected = 'woot';
$this->assertEquals($expected, $this->request->detectPath('PATH_INFO'));
}
public function testPathPathInfoGlobal()
{
$this->request->uri = '/index.php/woot?code=good#pos';
$this->request->uri = '/index.php/woot?code=good#pos';
$this->request->setGlobal('server', [
'PATH_INFO' => 'silliness',
]);
$_SERVER['REQUEST_URI'] = '/index.php/woot';
$_SERVER['SCRIPT_NAME'] = '/index.php';
$expected = 'silliness';
$this->assertEquals($expected, $this->request->detectPath('PATH_INFO'));
}
}

175
tests/system/HTTP/IncomingRequestTest.php
View File

@ -1,12 +1,16 @@
<?php namespace CodeIgniter\HTTP;
<?php
namespace CodeIgniter\HTTP;
use Config\App;
use CodeIgniter\HTTP\Files\UploadedFile;
/**
* @backupGlobals enabled
*/
class IncomingRequestTest extends \CIUnitTestCase
{
/**
* @var \CodeIgniter\HTTP\IncomingRequest
*/
@ -31,8 +35,6 @@ class IncomingRequestTest extends \CIUnitTestCase
$this->assertNull($this->request->getVar('TESTY'));
}
//--------------------------------------------------------------------
public function testCanGrabGetVars()
{
$_GET['TEST'] = 5;
@ -41,8 +43,6 @@ class IncomingRequestTest extends \CIUnitTestCase
$this->assertNull($this->request->getGEt('TESTY'));
}
//--------------------------------------------------------------------
public function testCanGrabPostVars()
{
$_POST['TEST'] = 5;
@ -51,8 +51,6 @@ class IncomingRequestTest extends \CIUnitTestCase
$this->assertNull($this->request->getPost('TESTY'));
}
//--------------------------------------------------------------------
public function testCanGrabPostBeforeGet()
{
$_POST['TEST'] = 5;
@ -64,20 +62,29 @@ class IncomingRequestTest extends \CIUnitTestCase
//--------------------------------------------------------------------
/**
* @group single
*/
public function testCanGetOldInput()
{
$_SESSION['_ci_old_input'] = [
'get' => ['one' => 'two'],
'post' => ['name' => 'foo']
];
public function testCanGetOldInput()
{
$_SESSION['_ci_old_input'] = [
'get' => ['one' => 'two'],
'post' => ['name' => 'foo']
];
$this->assertEquals('foo', $this->request->getOldInput('name'));
$this->assertEquals('two', $this->request->getOldInput('one'));
}
$this->assertEquals('foo', $this->request->getOldInput('name'));
$this->assertEquals('two', $this->request->getOldInput('one'));
}
public function testCanGetOldInputDotted()
{
$_SESSION['_ci_old_input'] = [
'get' => ['apple' => ['name' => 'two']],
'post' => ['banana' => ['name' => 'foo']],
];
$this->assertEquals('foo', $this->request->getOldInput('banana.name'));
$this->assertEquals('two', $this->request->getOldInput('apple.name'));
}
//--------------------------------------------------------------------
public function testCanGrabServerVars()
{
@ -89,8 +96,6 @@ class IncomingRequestTest extends \CIUnitTestCase
$this->assertNull($this->request->getServer('TESTY'));
}
//--------------------------------------------------------------------
public function testCanGrabEnvVars()
{
$server = $this->getPrivateProperty($this->request, 'globals');
@ -101,8 +106,6 @@ class IncomingRequestTest extends \CIUnitTestCase
$this->assertNull($this->request->getEnv('TESTY'));
}
//--------------------------------------------------------------------
public function testCanGrabCookieVars()
{
$_COOKIE['TEST'] = 5;
@ -111,7 +114,7 @@ class IncomingRequestTest extends \CIUnitTestCase
$this->assertNull($this->request->getCookie('TESTY'));
}
//--------------------------------------------------------------------
//--------------------------------------------------------------------
public function testStoresDefaultLocale()
{
@ -121,8 +124,6 @@ class IncomingRequestTest extends \CIUnitTestCase
$this->assertEquals($config->defaultLocale, $this->request->getLocale());
}
//--------------------------------------------------------------------
public function testSetLocaleSaves()
{
$config = new App();
@ -136,6 +137,19 @@ class IncomingRequestTest extends \CIUnitTestCase
$this->assertEquals('en', $request->getLocale());
}
public function testSetBadLocale()
{
$config = new App();
$config->supportedLocales = ['en', 'es'];
$config->defaultLocale = 'es';
$config->baseURL = 'http://example.com';
$request = new IncomingRequest($config, new URI(), null, new UserAgent());
$request->setLocale('xx');
$this->assertEquals('es', $request->getLocale());
}
//--------------------------------------------------------------------
public function testNegotiatesLocale()
@ -153,6 +167,44 @@ class IncomingRequestTest extends \CIUnitTestCase
$this->assertEquals('es', $request->getLocale());
}
// The negotiation tests below are not intended to exercise the HTTP\Negotiate class -
// that is up to the NegotiateTest. These are only to make sure that the requests
// flow through to the negotiator
public function testNegotiatesNot()
{
$this->request->setHeader('Accept-Charset', 'iso-8859-5, unicode-1-1;q=0.8');
$this->expectException(Exceptions\HTTPException::class);
$this->request->negotiate('something bogus', ['iso-8859-5', 'unicode-1-1']);
}
public function testNegotiatesCharset()
{
// $_SERVER['HTTP_ACCEPT_CHARSET'] = 'iso-8859-5, unicode-1-1;q=0.8';
$this->request->setHeader('Accept-Charset', 'iso-8859-5, unicode-1-1;q=0.8');
$this->assertEquals(strtolower($this->request->config->charset), $this->request->negotiate('charset', ['iso-8859', 'unicode-1-2']));
}
public function testNegotiatesMedia()
{
$this->request->setHeader('Accept', 'text/plain; q=0.5, text/html, text/x-dvi; q=0.8, text/x-c');
$this->assertEquals('text/html', $this->request->negotiate('media', ['text/html', 'text/x-c', 'text/x-dvi', 'text/plain']));
}
public function testNegotiatesEncoding()
{
$this->request->setHeader('Accept-Encoding', 'gzip;q=1.0, identity; q=0.4, compress;q=0.5');
$this->assertEquals('gzip', $this->request->negotiate('encoding', ['gzip', 'compress']));
}
public function testNegotiatesLanguage()
{
$this->request->setHeader('Accept-Language', 'da, en-gb;q=0.8, en;q=0.7');
$this->assertEquals('en', $this->request->negotiate('language', ['en', 'da']));
}
//--------------------------------------------------------------------
public function testCanGrabGetRawJSON()
@ -172,8 +224,6 @@ class IncomingRequestTest extends \CIUnitTestCase
$this->assertEquals($expected, $request->getJSON(true));
}
//--------------------------------------------------------------------
public function testCanGrabGetRawInput()
{
$rawstring = 'username=admin001&role=administrator&usepass=0';
@ -193,4 +243,73 @@ class IncomingRequestTest extends \CIUnitTestCase
}
//--------------------------------------------------------------------
public function testIsCLI()
{
// this should be the case in unit testing
$this->assertTrue($this->request->isCLI());
}
public function testIsAJAX()
{
$_SERVER['HTTP_X_REQUESTED_WITH'] = 'xmlhttprequest';
$this->assertTrue($this->request->isAJAX());
}
//--------------------------------------------------------------------
public function testIsSecure()
{
$_SERVER['HTTPS'] = 'on';
$this->assertTrue($this->request->isSecure());
}
public function testIsSecureFrontEnd()
{
$_SERVER['HTTP_FRONT_END_HTTPS'] = 'on';
$this->assertTrue($this->request->isSecure());
}
public function testIsSecureForwarded()
{
$_SERVER['HTTP_X_FORWARDED_PROTO'] = 'https';
$this->assertTrue($this->request->isSecure());
}
//--------------------------------------------------------------------
public function testUserAgent()
{
$_SERVER['HTTP_USER_AGENT'] = 'Mozilla';
$config = new App();
$request = new IncomingRequest($config, new URI(), null, new UserAgent());
$this->assertEquals('Mozilla', $request->getUserAgent());
}
//--------------------------------------------------------------------
public function testFileCollectionFactory()
{
$_FILES = [
'userfile' => [
'name' => 'someFile.txt',
'type' => 'text/plain',
'size' => '124',
'tmp_name' => '/tmp/myTempFile.txt',
'error' => 0
]
];
$files = $this->request->getFiles();
$this->assertCount(1, $files);
$file = array_shift($files);
$this->assertInstanceOf(UploadedFile::class, $file);
$this->assertEquals('someFile.txt', $file->getName());
$this->assertEquals(124, $file->getSize());
}
//--------------------------------------------------------------------
}

40
tests/system/HTTP/NegotiateTest.php
View File

@ -1,9 +1,12 @@
<?php namespace CodeIgniter\HTTP;
<?php
namespace CodeIgniter\HTTP;
use Config\App;
class NegotiateTest extends \CIUnitTestCase
{
/**
* @var CodeIgniter\HTTP\Request
*/
@ -36,6 +39,7 @@ class NegotiateTest extends \CIUnitTestCase
public function testNegotiateMediaFindsHighestMatch()
{
$this->request->setHeader('Accept', 'text/plain; q=0.5, text/html, text/x-dvi; q=0.8, text/x-c');
$this->negotiate->setRequest($this->request);
$this->assertEquals('text/html', $this->negotiate->media(['text/html', 'text/x-c', 'text/x-dvi', 'text/plain']));
$this->assertEquals('text/x-c', $this->negotiate->media(['text/x-c', 'text/x-dvi', 'text/plain']));
@ -50,7 +54,7 @@ class NegotiateTest extends \CIUnitTestCase
public function testParseHeaderDeterminesCorrectPrecedence()
{
$header =$this->negotiate->parseHeader('text/*, text/plain, text/plain;format=flowed, */*');
$header = $this->negotiate->parseHeader('text/*, text/plain, text/plain;format=flowed, */*');
$this->assertEquals('text/plain', $header[0]['value']);
$this->assertEquals('flowed', $header[0]['params']['format']);
@ -134,4 +138,36 @@ class NegotiateTest extends \CIUnitTestCase
}
//--------------------------------------------------------------------
public function testBestMatchEmpty()
{
$this->expectException(Exceptions\HTTPException::class);
$this->negotiate->media([]);
}
public function testBestMatchNoHeader()
{
$this->request->setHeader('Accept','');
$this->assertEquals('', $this->negotiate->media(['apple', 'banana'], true));
$this->assertEquals('apple/mac', $this->negotiate->media(['apple/mac', 'banana/yellow'], false));
}
public function testBestMatchNotAcceptable()
{
$this->request->setHeader('Accept','popcorn/cheddar');
$this->assertEquals('apple/mac', $this->negotiate->media(['apple/mac', 'banana/yellow'],false));
}
public function testBestMatchFirstSupported()
{
$this->request->setHeader('Accept','popcorn/cheddar, */*');
$this->assertEquals('apple/mac', $this->negotiate->media(['apple/mac', 'banana/yellow'],false));
}
public function testBestMatchLowQuality()
{
$this->request->setHeader('Accept','popcorn/cheddar;q=0, apple/mac, */*');
$this->assertEquals('apple/mac', $this->negotiate->media(['apple/mac', 'popcorn/cheddar'],false));
$this->assertEquals('apple/mac', $this->negotiate->media(['popcorn/cheddar','apple/mac'],false));
}
}

290
tests/system/HTTP/RequestTest.php
View File

@ -1,4 +1,5 @@
<?php namespace CodeIgniter\HTTP;
<?php
namespace CodeIgniter\HTTP;
use Config\App;
@ -7,6 +8,7 @@ use Config\App;
*/
class RequestTest extends \CIUnitTestCase
{
/**
* @var \CodeIgniter\HTTP\Request
*/
@ -16,15 +18,17 @@ class RequestTest extends \CIUnitTestCase
{
parent::setUp();
$this->request = new Request(new App());
$_POST = [];
$_GET = [];
$this->request = new Request(new App());
$_POST = [];
$_GET = [];
}
//--------------------------------------------------------------------
public function testFetchGlobalsSingleValue()
{
$_POST['foo'] = 'bar';
$_GET['bar'] = 'baz';
$_POST['foo'] = 'bar';
$_GET['bar'] = 'baz';
$this->assertEquals('bar', $this->request->fetchGlobal('post', 'foo'));
$this->assertEquals('baz', $this->request->fetchGlobal('get', 'bar'));
@ -38,8 +42,8 @@ class RequestTest extends \CIUnitTestCase
public function testFetchGlobalsFiltersValues()
{
$this->request->setGlobal('post', [
'foo' => 'bar<script>',
'bar' => 'baz',
'foo' => 'bar<script>',
'bar' => 'baz',
]);
$this->assertEquals('bar%3Cscript%3E', $this->request->fetchGlobal('post', 'foo', FILTER_SANITIZE_ENCODED));
@ -49,21 +53,21 @@ class RequestTest extends \CIUnitTestCase
public function testFetchGlobalsWithFilterFlag()
{
$this->request->setGlobal('post', [
'foo' => '`bar<script>',
'bar' => 'baz',
'foo' => '`bar<script>',
'bar' => 'baz',
]);
$this->assertEquals('bar%3Cscript%3E', $this->request->fetchGlobal('post','foo', FILTER_SANITIZE_ENCODED, FILTER_FLAG_STRIP_BACKTICK));
$this->assertEquals('bar%3Cscript%3E', $this->request->fetchGlobal('post', 'foo', FILTER_SANITIZE_ENCODED, FILTER_FLAG_STRIP_BACKTICK));
$this->assertEquals('baz', $this->request->fetchGlobal('post', 'bar'));
}
public function testFetchGlobalReturnsAllWhenEmpty()
{
$post = [
'foo' => 'bar',
'bar' => 'baz',
'xxx' => 'yyy',
'yyy' => 'zzz'
'foo' => 'bar',
'bar' => 'baz',
'xxx' => 'yyy',
'yyy' => 'zzz'
];
$this->request->setGlobal('post', $post);
@ -72,18 +76,18 @@ class RequestTest extends \CIUnitTestCase
public function testFetchGlobalFiltersAllValues()
{
$post = [
'foo' => 'bar<script>',
'bar' => 'baz<script>',
'xxx' => 'yyy<script>',
'yyy' => 'zzz<script>'
$post = [
'foo' => 'bar<script>',
'bar' => 'baz<script>',
'xxx' => 'yyy<script>',
'yyy' => 'zzz<script>'
];
$this->request->setGlobal('post', $post);
$expected = [
'foo' => 'bar%3Cscript%3E',
'bar' => 'baz%3Cscript%3E',
'xxx' => 'yyy%3Cscript%3E',
'yyy' => 'zzz%3Cscript%3E'
$expected = [
'foo' => 'bar%3Cscript%3E',
'bar' => 'baz%3Cscript%3E',
'xxx' => 'yyy%3Cscript%3E',
'yyy' => 'zzz%3Cscript%3E'
];
$this->assertEquals($expected, $this->request->fetchGlobal('post', null, FILTER_SANITIZE_ENCODED));
@ -91,35 +95,35 @@ class RequestTest extends \CIUnitTestCase
public function testFetchGlobalFilterWithFlagAllValues()
{
$post = [
'foo' => '`bar<script>',
'bar' => '`baz<script>',
'xxx' => '`yyy<script>',
'yyy' => '`zzz<script>'
$post = [
'foo' => '`bar<script>',
'bar' => '`baz<script>',
'xxx' => '`yyy<script>',
'yyy' => '`zzz<script>'
];
$this->request->setGlobal('post', $post);
$expected = [
'foo' => 'bar%3Cscript%3E',
'bar' => 'baz%3Cscript%3E',
'xxx' => 'yyy%3Cscript%3E',
'yyy' => 'zzz%3Cscript%3E'
$expected = [
'foo' => 'bar%3Cscript%3E',
'bar' => 'baz%3Cscript%3E',
'xxx' => 'yyy%3Cscript%3E',
'yyy' => 'zzz%3Cscript%3E'
];
$this->assertEquals($expected, $this->request->fetchGlobal('post',null, FILTER_SANITIZE_ENCODED, FILTER_FLAG_STRIP_BACKTICK));
$this->assertEquals($expected, $this->request->fetchGlobal('post', null, FILTER_SANITIZE_ENCODED, FILTER_FLAG_STRIP_BACKTICK));
}
public function testFetchGlobalReturnsSelectedKeys()
{
$post = [
'foo' => 'bar',
'bar' => 'baz',
'xxx' => 'yyy',
'yyy' => 'zzz'
$post = [
'foo' => 'bar',
'bar' => 'baz',
'xxx' => 'yyy',
'yyy' => 'zzz'
];
$this->request->setGlobal('post', $post);
$expected = [
'foo' => 'bar',
'bar' => 'baz',
$expected = [
'foo' => 'bar',
'bar' => 'baz',
];
$this->assertEquals($expected, $this->request->fetchGlobal('post', ['foo', 'bar']));
@ -127,16 +131,16 @@ class RequestTest extends \CIUnitTestCase
public function testFetchGlobalFiltersSelectedValues()
{
$post = [
'foo' => 'bar<script>',
'bar' => 'baz<script>',
'xxx' => 'yyy<script>',
'yyy' => 'zzz<script>'
$post = [
'foo' => 'bar<script>',
'bar' => 'baz<script>',
'xxx' => 'yyy<script>',
'yyy' => 'zzz<script>'
];
$this->request->setGlobal('post', $post);
$expected = [
'foo' => 'bar%3Cscript%3E',
'bar' => 'baz%3Cscript%3E',
$expected = [
'foo' => 'bar%3Cscript%3E',
'bar' => 'baz%3Cscript%3E',
];
$this->assertEquals($expected, $this->request->fetchGlobal('post', ['foo', 'bar'], FILTER_SANITIZE_ENCODED));
@ -144,16 +148,16 @@ class RequestTest extends \CIUnitTestCase
public function testFetchGlobalFilterWithFlagSelectedValues()
{
$post = [
'foo' => '`bar<script>',
'bar' => '`baz<script>',
'xxx' => '`yyy<script>',
'yyy' => '`zzz<script>'
$post = [
'foo' => '`bar<script>',
'bar' => '`baz<script>',
'xxx' => '`yyy<script>',
'yyy' => '`zzz<script>'
];
$this->request->setGlobal('post', $post);
$expected = [
'foo' => 'bar%3Cscript%3E',
'bar' => 'baz%3Cscript%3E',
$expected = [
'foo' => 'bar%3Cscript%3E',
'bar' => 'baz%3Cscript%3E',
];
$this->assertEquals($expected, $this->request->fetchGlobal('post', ['foo', 'bar'], FILTER_SANITIZE_ENCODED, FILTER_FLAG_STRIP_BACKTICK));
@ -164,19 +168,19 @@ class RequestTest extends \CIUnitTestCase
*/
public function testFetchGlobalReturnsArrayValues()
{
$post = [
'ANNOUNCEMENTS' => [
1 => [
$post = [
'ANNOUNCEMENTS' => [
1 => [
'DETAIL' => 'asdf'
],
2 => [
2 => [
'DETAIL' => 'sdfg'
]
],
'submit' => 'SAVE'
'submit' => 'SAVE'
];
$this->request->setGlobal('post', $post);
$result = $this->request->fetchGlobal('post');
$result = $this->request->fetchGlobal('post');
$this->assertEquals($post, $result);
$this->assertInternalType('array', $result['ANNOUNCEMENTS']);
@ -194,7 +198,7 @@ class RequestTest extends \CIUnitTestCase
];
$this->request->setGlobal('post', $post);
$this->assertEquals(['address' => ['zipcode' => 90210]], $this->request->fetchGlobal('post','clients'));
$this->assertEquals(['address' => ['zipcode' => 90210]], $this->request->fetchGlobal('post', 'clients'));
}
public function testFetchGlobalWithArrayChildNumeric()
@ -215,7 +219,7 @@ class RequestTest extends \CIUnitTestCase
];
$this->request->setGlobal('post', $post);
$this->assertEquals(['zipcode' => 60610], $this->request->fetchGlobal('post','clients[1][address]'));
$this->assertEquals(['zipcode' => 60610], $this->request->fetchGlobal('post', 'clients[1][address]'));
}
public function testFetchGlobalWithArrayChildElement()
@ -229,7 +233,23 @@ class RequestTest extends \CIUnitTestCase
];
$this->request->setGlobal('post', $post);
$this->assertEquals(['zipcode' => 90210], $this->request->fetchGlobal('post','clients[address]'));
$this->assertEquals(['zipcode' => 90210], $this->request->fetchGlobal('post', 'clients[address]'));
$this->assertEquals(null, $this->request->fetchGlobal('post', 'clients[zipcode]'));
}
public function testFetchGlobalWithKeylessArrayChildElement()
{
$post = [
'clients' => [
'address' => [
'zipcode' => 90210
],
'stuff' => [['a']]
]
];
$this->request->setGlobal('post', $post);
$this->assertEquals([['a']], $this->request->fetchGlobal('post', 'clients[stuff]'));
}
public function testFetchGlobalWithArrayLastElement()
@ -246,33 +266,145 @@ class RequestTest extends \CIUnitTestCase
$this->assertEquals(90210, $this->request->fetchGlobal('post', 'clients[address][zipcode]'));
}
public function testFetchGlobalWithEmptyNotation()
{
$expected = [
[
'address' => [
'zipcode' => 90210
],
],
[
'address' => [
'zipcode' => 60610
],
],
];
$post = [
'clients' => $expected
];
$this->request->setGlobal('post', $post);
// echo var_dump($this->request->fetchGlobal('post', 'clients[][zipcode]'));
$this->assertEquals($expected, $this->request->fetchGlobal('post', 'clients[]'));
}
//--------------------------------------------------------------------
public function ipAddressChecks()
{
return [
'empty' => [false, ''],
'zero' => [false , 0],
'large_ipv4' => [false, '256.256.256.999', 'ipv4'],
'good_ipv4' => [true, '100.100.100.0', 'ipv4'],
'good_default' => [true, '100.100.100.0'],
'zeroed_ipv4' => [true, '0.0.0.0'],
'large_ipv6' => [false, 'h123:0000:0000:0000:0000:0000:0000:0000', 'ipv6'],
'good_ipv6' => [true, '2001:0db8:85a3:0000:0000:8a2e:0370:7334'],
'confused_ipv6' => [false, '255.255.255.255', 'ipv6'],
'empty' => [false, ''],
'zero' => [false, 0],
'large_ipv4' => [false, '256.256.256.999', 'ipv4'],
'good_ipv4' => [true, '100.100.100.0', 'ipv4'],
'good_default' => [true, '100.100.100.0'],
'zeroed_ipv4' => [true, '0.0.0.0'],
'large_ipv6' => [false, 'h123:0000:0000:0000:0000:0000:0000:0000', 'ipv6'],
'good_ipv6' => [true, '2001:0db8:85a3:0000:0000:8a2e:0370:7334'],
'confused_ipv6' => [false, '255.255.255.255', 'ipv6'],
];
}
/**
* @dataProvider ipAddressChecks
*/
public function testValidIPAddress($expected, $address, $type=null)
public function testValidIPAddress($expected, $address, $type = null)
{
$this->assertEquals($expected, $this->request->isValidIP($address, $type));
}
//--------------------------------------------------------------------
public function testGetIPAddressDefault()
{
$this->assertEquals('0.0.0.0', $this->request->getIPAddress());
}
public function testGetIPAddressNormal()
{
$expected = '123.123.123.123';
$_SERVER['REMOTE_ADDR'] = $expected;
$this->request = new Request(new App());
$this->assertEquals($expected, $this->request->getIPAddress());
// call a second time to exercise the initial conditional block in getIPAddress()
$this->assertEquals($expected, $this->request->getIPAddress());
}
public function testGetIPAddressThruProxy()
{
$expected = '123.123.123.123';
$_SERVER['REMOTE_ADDR'] = '10.0.1.200';
$config = new App();
$config->proxyIPs = '10.0.1.200,192.168.5.0/24';
$_SERVER['HTTP_X_FORWARDED_FOR'] = $expected;
$this->request = new Request($config);
// we should see the original forwarded address
$this->assertEquals($expected, $this->request->getIPAddress());
}
public function testGetIPAddressThruProxyInvalid()
{
$expected = '123.456.23.123';
$_SERVER['REMOTE_ADDR'] = '10.0.1.200';
$config = new App();
$config->proxyIPs = '10.0.1.200,192.168.5.0/24';
$_SERVER['HTTP_X_FORWARDED_FOR'] = $expected;
$this->request = new Request($config);
// spoofed address invalid
$this->assertEquals('10.0.1.200', $this->request->getIPAddress());
}
public function testGetIPAddressThruProxyNotWhitelisted()
{
$expected = '123.456.23.123';
$_SERVER['REMOTE_ADDR'] = '10.10.1.200';
$config = new App();
$config->proxyIPs = '10.0.1.200,192.168.5.0/24';
$_SERVER['HTTP_X_FORWARDED_FOR'] = $expected;
$this->request = new Request($config);
// spoofed address invalid
$this->assertEquals('10.10.1.200', $this->request->getIPAddress());
}
public function testGetIPAddressThruProxySubnet()
{
$expected = '123.123.123.123';
$_SERVER['REMOTE_ADDR'] = '192.168.5.21';
$config = new App();
$config->proxyIPs = ['192.168.5.0/24'];
$_SERVER['HTTP_X_FORWARDED_FOR'] = $expected;
$this->request = new Request($config);
// we should see the original forwarded address
$this->assertEquals($expected, $this->request->getIPAddress());
}
public function testGetIPAddressThruProxyOutofSubnet()
{
$expected = '123.123.123.123';
$_SERVER['REMOTE_ADDR'] = '192.168.5.21';
$config = new App();
$config->proxyIPs = ['192.168.5.0/28'];
$_SERVER['HTTP_X_FORWARDED_FOR'] = $expected;
$this->request = new Request($config);
// we should see the original forwarded address
$this->assertEquals('192.168.5.21', $this->request->getIPAddress());
}
//FIXME getIPAddress should have more testing, to 100% code coverage
//--------------------------------------------------------------------
public function testMethodReturnsRightStuff()
{
// Defaults method to GET now.
$this->assertEquals('get', $this->request->getMethod());
$this->assertEquals('GET', $this->request->getMethod(true));
}
}

12
user_guide_src/source/libraries/request.rst
View File

@ -15,7 +15,7 @@ See the documentation for the :doc:`IncomingRequest Class </libraries/incomingre
Class Reference
===============
.. php:class:: CodeIgniter\\HTTP\\IncomingRequest
.. php:class:: CodeIgniter\\HTTP\\Request
.. php:method:: getIPAddress()
@ -28,7 +28,7 @@ Class Reference
echo $request->getIPAddress();
.. important:: This method takes into account the ``App->proxy_ips`` setting and will
.. important:: This method takes into account the ``App->proxyIPs`` setting and will
return the reported HTTP_X_FORWARDED_FOR, HTTP_CLIENT_IP, HTTP_X_CLIENT_IP, or
HTTP_X_CLUSTER_CLIENT_IP address for the allowed IP address.
@ -58,7 +58,7 @@ Class Reference
Accepts an optional second string parameter of 'ipv4' or 'ipv6' to specify
an IP format. The default checks for both formats.
.. php:method:: method([$upper = FALSE])
.. php:method:: getMethod([$upper = FALSE])
:param bool $upper: Whether to return the request method name in upper or lower case
:returns: HTTP request method
@ -68,9 +68,9 @@ Class Reference
in uppercase or lowercase.
::
echo $request->method(TRUE); // Outputs: POST
echo $request->method(FALSE); // Outputs: post
echo $request->method(); // Outputs: post
echo $request->getMethod(TRUE); // Outputs: POST
echo $request->getMethod(FALSE); // Outputs: post
echo $request->getMethod(); // Outputs: post
.. php:method:: getServer([$index = null[, $filter = null[, $flags = null]]])