adulau/cakephp2-php8
1
0
Fork 0
mirror of https://github.com/kamilwylegala/cakephp2-php8.git synced 2024-11-15 11:28:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Moving tests into CakeRequest from dispatcher test.

Browse source 
Dispatcher tests are all working again.
This commit is contained in:
Mark Story 2010-05-01 23:49:22 -04:00
parent e4cf8a6937
commit 13cc8e746d
2 changed files with 46 additions and 42 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

72
cake/tests/cases/dispatcher.test.php
View file

@ -1412,8 +1412,7 @@ class DispatcherTest extends CakeTestCase {
'views' => array(TEST_CAKE_CORE_INCLUDE_PATH . 'tests' . DS . 'test_app' . DS . 'views' . DS), 'views' => array(TEST_CAKE_CORE_INCLUDE_PATH . 'tests' . DS . 'test_app' . DS . 'views' . DS),
), true); ), true);
$dispatcher =& new TestDispatcher(); $dispatcher = new TestDispatcher();
$dispatcher->base = false;
$url = '/'; $url = '/';
@ -1434,7 +1433,6 @@ class DispatcherTest extends CakeTestCase {
$filename = $this->__cachePath($dispatcher->here); $filename = $this->__cachePath($dispatcher->here);
unlink($filename); unlink($filename);
$dispatcher->base = false;
$url = 'test_cached_pages/index'; $url = 'test_cached_pages/index';
ob_start(); ob_start();
@ -1524,6 +1522,7 @@ class DispatcherTest extends CakeTestCase {
$this->assertEqual($result, $expected); $this->assertEqual($result, $expected);
$filename = $this->__cachePath($dispatcher->here); $filename = $this->__cachePath($dispatcher->here);
$this->assertTrue(file_exists($filename)); $this->assertTrue(file_exists($filename));
unlink($filename); unlink($filename);
} }
@ -1580,64 +1579,55 @@ class DispatcherTest extends CakeTestCase {
Router::mapResources('Posts'); Router::mapResources('Posts');
$_SERVER['REQUEST_METHOD'] = 'POST'; $_SERVER['REQUEST_METHOD'] = 'POST';
$dispatcher =& new Dispatcher(); $dispatcher = new Dispatcher();
$dispatcher->base = false;
$result = $dispatcher->parseParams('/posts'); $result = $dispatcher->parseParams(new CakeRequest('/posts'));
$expected = array('pass' => array(), 'named' => array(), 'plugin' => null, 'controller' => 'posts', 'action' => 'add', '[method]' => 'POST', 'form' => array(), 'url' => array()); $expected = array('pass' => array(), 'named' => array(), 'plugin' => null, 'controller' => 'posts', 'action' => 'add', '[method]' => 'POST', 'form' => array());
$this->assertEqual($result, $expected); foreach ($expected as $key => $value) {
$this->assertEqual($result[$key], $value, 'Value mismatch for ' . $key . ' %s');
}
$_SERVER['REQUEST_METHOD'] = 'GET'; $_SERVER['REQUEST_METHOD'] = 'GET';
$_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'] = 'PUT'; $_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE'] = 'PUT';
$result = $dispatcher->parseParams('/posts/5'); $result = $dispatcher->parseParams(new CakeRequest('/posts/5'));
$expected = array('pass' => array('5'), 'named' => array(), 'id' => '5', 'plugin' => null, 'controller' => 'posts', 'action' => 'edit', '[method]' => 'PUT', 'form' => array(), 'url' => array()); $expected = array('pass' => array('5'), 'named' => array(), 'id' => '5', 'plugin' => null, 'controller' => 'posts', 'action' => 'edit', '[method]' => 'PUT', 'form' => array());
$this->assertEqual($result, $expected); foreach ($expected as $key => $value) {
$this->assertEqual($result[$key], $value, 'Value mismatch for ' . $key . ' %s');
}
unset($_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE']); unset($_SERVER['HTTP_X_HTTP_METHOD_OVERRIDE']);
$_SERVER['REQUEST_METHOD'] = 'GET'; $_SERVER['REQUEST_METHOD'] = 'GET';
$result = $dispatcher->parseParams('/posts/5'); $result = $dispatcher->parseParams(new CakeRequest('/posts/5'));
$expected = array('pass' => array('5'), 'named' => array(), 'id' => '5', 'plugin' => null, 'controller' => 'posts', 'action' => 'view', '[method]' => 'GET', 'form' => array(), 'url' => array()); $expected = array('pass' => array('5'), 'named' => array(), 'id' => '5', 'plugin' => null, 'controller' => 'posts', 'action' => 'view', '[method]' => 'GET', 'form' => array());
$this->assertEqual($result, $expected); foreach ($expected as $key => $value) {
$this->assertEqual($result[$key], $value, 'Value mismatch for ' . $key . ' %s');
}
$_POST['_method'] = 'PUT'; $_POST['_method'] = 'PUT';
$result = $dispatcher->parseParams('/posts/5'); $result = $dispatcher->parseParams(new CakeRequest('/posts/5'));
$expected = array('pass' => array('5'), 'named' => array(), 'id' => '5', 'plugin' => null, 'controller' => 'posts', 'action' => 'edit', '[method]' => 'PUT', 'form' => array(), 'url' => array()); $expected = array('pass' => array('5'), 'named' => array(), 'id' => '5', 'plugin' => null, 'controller' => 'posts', 'action' => 'edit', '[method]' => 'PUT', 'form' => array());
$this->assertEqual($result, $expected); foreach ($expected as $key => $value) {
$this->assertEqual($result[$key], $value, 'Value mismatch for ' . $key . ' %s');
}
$_POST['_method'] = 'POST'; $_POST['_method'] = 'POST';
$_POST['data'] = array('Post' => array('title' => 'New Post')); $_POST['data'] = array('Post' => array('title' => 'New Post'));
$_POST['extra'] = 'data'; $_POST['extra'] = 'data';
$_SERVER = array(); $_SERVER = array();
$result = $dispatcher->parseParams('/posts'); $result = $dispatcher->parseParams(new CakeRequest('/posts'));
$expected = array( $expected = array(
'pass' => array(), 'named' => array(), 'plugin' => null, 'controller' => 'posts', 'action' => 'add', 'pass' => array(), 'named' => array(), 'plugin' => null, 'controller' => 'posts', 'action' => 'add',
'[method]' => 'POST', 'form' => array('extra' => 'data'), 'data' => array('Post' => array('title' => 'New Post')), '[method]' => 'POST', 'form' => array('extra' => 'data'), 'data' => array('Post' => array('title' => 'New Post')),
'url' => array()
); );
$this->assertEqual($result, $expected); foreach ($expected as $key => $value) {
$this->assertEqual($result[$key], $value, 'Value mismatch for ' . $key . ' %s');
unset($_POST['_method']);
} }
/** unset($_POST['_method']);
* Tests that invalid characters cannot be injected into the application base path.
*
* @return void
*/
public function testBasePathInjection() {
$self = $_SERVER['PHP_SELF'];
$_SERVER['PHP_SELF'] = urldecode(
"/index.php/%22%3E%3Ch1%20onclick=%22alert('xss');%22%3Eheya%3C/h1%3E"
);
$dispatcher =& new Dispatcher();
$result = $dispatcher->baseUrl();
$expected = '/index.php/h1 onclick=alert(xss);heya';
$this->assertEqual($result, $expected);
} }
/** /**
@ -1650,18 +1640,16 @@ class DispatcherTest extends CakeTestCase {
$_SERVER['PHP_SELF'] = '/cake/repo/branches/1.2.x.x/index.php'; $_SERVER['PHP_SELF'] = '/cake/repo/branches/1.2.x.x/index.php';
Router::reload(); Router::reload();
$Dispatcher =& new TestDispatcher(); $Dispatcher = new TestDispatcher();
Router::connect('/myalias/:action/*', array('controller' => 'my_controller', 'action' => null)); Router::connect('/myalias/:action/*', array('controller' => 'my_controller', 'action' => null));
$Dispatcher->base = false; $Dispatcher->base = false;
$url = 'myalias/'; //Fails $url = 'myalias/'; //Fails
$controller = $Dispatcher->dispatch($url, array('return' => 1)); $result = $Dispatcher->parseParams(new CakeRequest($url));
$result = $Dispatcher->parseParams($url);
$this->assertEqual('index', $result['action']); $this->assertEqual('index', $result['action']);
$url = 'myalias'; //Passes $url = 'myalias'; //Passes
$controller = $Dispatcher->dispatch($url, array('return' => 1)); $result = $Dispatcher->parseParams(new CakeRequest($url));
$result = $Dispatcher->parseParams($url);
$this->assertEqual('index', $result['action']); $this->assertEqual('index', $result['action']);
} }

16
cake/tests/cases/libs/cake_request.test.php
View file

@ -1089,6 +1089,22 @@ class CakeRequestTestCase extends CakeTestCase {
$this->__loadEnvironment(array_merge(array('reload' => true), $backup)); $this->__loadEnvironment(array_merge(array('reload' => true), $backup));
} }
/**
* test that XSS can't be performed against the base path.
*
* @return void
*/
function testBasePathInjection() {
$self = $_SERVER['PHP_SELF'];
$_SERVER['PHP_SELF'] = urldecode(
"/index.php/%22%3E%3Ch1%20onclick=%22alert('xss');%22%3Eheya%3C/h1%3E"
);
$request = new CakeRequest();
$expected = '/index.php/h1 onclick=alert(xss);heya';
$this->assertEqual($request->base, $expected);
}
/** /**
* backupEnvironment method * backupEnvironment method
* *