Making CakeErrorController get the most recent request, this will help when using requestAction.

Updating test cases for error404. Updating ErrorHandler
2025-01-31 09:06:17 +00:00 · 2010-08-28 23:32:14 -04:00 · 2010-08-28 23:32:14 -04:00 · 756baeafdb
commit 756baeafdb
parent 8712a90c8b
4 changed files with 50 additions and 43 deletions
--- a/cake/libs/controller/cake_error_controller.php
+++ b/cake/libs/controller/cake_error_controller.php
@ -26,7 +26,7 @@ class CakeErrorController extends AppController {
 	function __construct() {
 		parent::__construct();
 		$this->_set(Router::getPaths());
-		$this->request = $this->params = Router::getRequest();
+		$this->request = $this->params = Router::getRequest(false);
 		$this->constructClasses();
 		$this->Components->trigger('initialize', array(&$this));
 		$this->_set(array('cacheAction' => false, 'viewPath' => 'errors'));
--- a/cake/libs/error.php
+++ b/cake/libs/error.php
@ -98,7 +98,7 @@ class ErrorHandler {
 			$controller = new Controller();
 			$controller->viewPath = 'errors';
 		}
-		return $controller; 
+		return $controller;
 	}

 /**
@ -128,15 +128,8 @@ class ErrorHandler {
 *
 * @param array $params Parameters for controller
 */
-	public function error($params) {
-		extract($params, EXTR_OVERWRITE);
-		$this->controller->set(array(
-			'code' => $code,
-			'name' => $name,
-			'message' => $message,
-			'title' => $code . ' ' . $name
-		));
-		$this->_outputMessage('error404');
+	public function error(Exception $error) {
+		$this->error404($error);
 	}

 /**
@ -144,17 +137,13 @@ class ErrorHandler {
 *
 * @param array $params Parameters for controller
 */
-	public function error404($exception) {
-		if (!isset($url)) {
-			$url = $this->controller->here;
-		}
-		$url = Router::normalize($url);
+	public function error404($error) {
+		$url = Router::normalize($this->controller->request->here);
 		$this->controller->response->statusCode(404);
 		$this->controller->set(array(
-			'code' => '404',
-			'name' => __('Not Found'),
-			'message' => h($url),
-			'base' => $this->controller->request->base
+			'code' => 404,
+			'name' => $error->getMessage(),
+			'url' => h($url),
 		));
 		$this->_outputMessage('error404');
 	}
--- a/cake/libs/view/errors/error404.ctp
+++ b/cake/libs/view/errors/error404.ctp
@ -20,5 +20,8 @@
 <h2><?php echo $name; ?></h2>
 <p class="error">
 	<strong><?php echo __('Error'); ?>: </strong>
-	<?php printf(__('The requested address %s was not found on this server.'), "<strong>'{$message}'</strong>"); ?>
+	<?php printf(
+		__('The requested address %s was not found on this server.'),
+		"<strong>'{$url}'</strong>"
+	); ?>
 </p>
--- a/cake/tests/cases/libs/error.test.php
+++ b/cake/tests/cases/libs/error.test.php
@ -274,7 +274,7 @@ class ErrorHandlerTest extends CakeTestCase {
 		ob_start();
 		ErrorHandler::handleException($error);
 		$result = ob_get_clean();
-		$this->assertPattern('/Not Found/', $result, 'message missing.');
+		$this->assertPattern('/Kaboom!/', $result, 'message missing.');
 	}

 /**
@ -345,15 +345,13 @@ class ErrorHandlerTest extends CakeTestCase {
 * @return void
 */
 	function testError() {
-		$this->markTestIncomplete('Not done');
-		$exception = new Error404Exception('Page not found');
+		$exception = new Exception('Page not found');
 		$ErrorHandler = new ErrorHandler($exception);

 		ob_start();
-		$ErrorHandler->error($excpetion);
+		$ErrorHandler->error($exception);
 		$result = ob_get_clean();
-		$this->assertPattern("/<h2>Couldn't find what you were looking for<\/h2>/", $result);
-		$this->assertPattern('/Page not Found/', $result);
+		$this->assertPattern("/<h2>Page not found<\/h2>/", $result);
 	}

 /**
@ -363,32 +361,49 @@ class ErrorHandlerTest extends CakeTestCase {
 * @return void
 */
 	function testError404() {
-		$this->markTestIncomplete('Not implemented now');
 		App::build(array(
 			'views' => array(TEST_CAKE_CORE_INCLUDE_PATH . 'libs' . DS . 'view' . DS)
 		), true);
+		Router::reload();
+
+		$request = new CakeRequest('posts/view/1000', false);
+		Router::setRequestInfo($request);
+
+		$exception = new Error404Exception('Custom message');
+		$ErrorHandler = new ErrorHandler($exception);

 		ob_start();
-		$ErrorHandler = new ErrorHandler('error404', array('message' => 'Page not found', 'url' => '/test_error'));
+		$ErrorHandler->render();
 		$result = ob_get_clean();
-		$this->assertPattern('/<h2>Not Found<\/h2>/', $result);
-	 	$this->assertPattern("/<strong>'\/test_error'<\/strong>/", $result);
-
-		ob_start();
-		$ErrorHandler = new ErrorHandler('error404', array('message' => 'Page not found'));
-		ob_get_clean();
-		ob_start();
-		$ErrorHandler->error404(array(
-			'url' => 'pages/<span id=333>pink</span></id><script>document.body.style.background = t=document.getElementById(333).innerHTML;window.alert(t);</script>',
-			'message' => 'Page not found'
-		));
-		$result = ob_get_clean();
-		$this->assertNoPattern('#<script>#', $result);
-		$this->assertNoPattern('#</script>#', $result);

+		$this->assertPattern('/<h2>Custom message<\/h2>/', $result);
+		$this->assertPattern("/<strong>'\/posts\/view\/1000'<\/strong>/", $result);
+		
 		App::build();
 	}

+/**
+ * test that error404 doesn't expose XSS
+ *
+ * @return void
+ */
+	function testError404NoInjection() {
+		Router::reload();
+
+		$request = new CakeRequest('pages/<span id=333>pink</span></id><script>document.body.style.background = t=document.getElementById(333).innerHTML;window.alert(t);</script>', false);
+		Router::setRequestInfo($request);
+
+		$exception = new Error404Exception('Custom message');
+		$ErrorHandler = new ErrorHandler($exception);
+
+		ob_start();
+		$ErrorHandler->render();
+		$result = ob_get_clean();
+
+		$this->assertNoPattern('#<script>document#', $result);
+		$this->assertNoPattern('#alert\(t\);</script>#', $result);
+	}
+
 /**
 * testError500 method
 *