merged branch pst/master (PR #7871)

This PR was submitted for the master branch but it was merged into the 2.1 branch instead (closes #7871). Discussion ---------- Fix getPort() returning 80 instead of 443 when X-FORWARDED-PROTO is set to https [HttpFoundation] fixed something | Q | A | ------------- | --- | Bug fix? | yes | New feature? | no | BC breaks? | no | Deprecations? | no | Tests pass? | yes | Fixed tickets | #7870 | License | MIT | Doc PR | Ensure that the getPort() method returns port 443 as default when X-FORWARDED-PROTO is set to https. Currently it would return port 80 if X-FORWARDED-PROTO was set to https and X-FORWARDED-PORT was not set by the trusted proxy. Commits ------- 8554af3 Fix getPort() returning 80 instead of 443 when X-FORWARDED-PROTO is set to https
2013-04-30 19:03:37 +02:00 · 2013-04-30 19:03:37 +02:00 · 0dacd56ee9
commit 0dacd56ee9
parent 02e9b19f29 2a531d78be
2 changed files with 43 additions and 2 deletions
--- a/src/Symfony/Component/HttpFoundation/Request.php
+++ b/src/Symfony/Component/HttpFoundation/Request.php
@ -793,8 +793,14 @@ class Request
     */
    public function getPort()
    {
-        if (self::$trustProxy && self::$trustedHeaders[self::HEADER_CLIENT_PORT] && $port = $this->headers->get(self::$trustedHeaders[self::HEADER_CLIENT_PORT])) {
-            return $port;
+        if (self::$trustProxy) {
+            if (self::$trustedHeaders[self::HEADER_CLIENT_PORT] && $port = $this->headers->get(self::$trustedHeaders[self::HEADER_CLIENT_PORT])) {
+                return $port;
+            }
+
+            if (self::$trustedHeaders[self::HEADER_CLIENT_PROTO] && 'https' === $this->headers->get(self::$trustedHeaders[self::HEADER_CLIENT_PROTO], 'http')) {
+                return 443;
+            }
        }

        return $this->server->get('SERVER_PORT');
--- a/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
+++ b/src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
@ -583,6 +583,41 @@ class RequestTest extends \PHPUnit_Framework_TestCase
        $this->stopTrustingProxyData();
    }

+    public function testGetPort()
+    {
+        $request = Request::create('http://example.com', 'GET', array(), array(), array(), array(
+            'HTTP_X_FORWARDED_PROTO' => 'https',
+            'HTTP_X_FORWARDED_PORT' => '443'
+        ));
+        $port = $request->getPort();
+
+        $this->assertEquals(80, $port, 'Without trusted proxies FORWARDED_PROTO and FORWARDED_PORT are ignored.');
+
+        Request::setTrustedProxies(array('1.1.1.1'));
+        $request = Request::create('http://example.com', 'GET', array(), array(), array(), array(
+            'HTTP_X_FORWARDED_PROTO' => 'https',
+            'HTTP_X_FORWARDED_PORT'  => '8443'
+        ));
+        $port = $request->getPort();
+
+        $this->assertEquals(8443, $port, 'With PROTO and PORT set PORT takes precedence.');
+
+        $request = Request::create('http://example.com', 'GET', array(), array(), array(), array(
+            'HTTP_X_FORWARDED_PROTO' => 'https'
+        ));
+        $port = $request->getPort();
+
+        $this->assertEquals(443, $port, 'With only PROTO set getPort() defaults to 443.');
+
+        $request = Request::create('http://example.com', 'GET', array(), array(), array(), array(
+            'HTTP_X_FORWARDED_PROTO' => 'http'
+        ));
+        $port = $request->getPort();
+
+        $this->assertEquals(80, $port, 'If X_FORWARDED_PROTO is set to http return 80.');
+        Request::setTrustedProxies(array());
+    }
+
    /**
     * @expectedException RuntimeException
     */