From 3b4046e89467dc1fb5e079e377c2cfd4c239f904 Mon Sep 17 00:00:00 2001
From: Fabien Potencier <fabien.potencier@gmail.com>
Date: Mon, 1 Sep 2014 23:14:11 +0200
Subject: [PATCH] [HttpFoundation] added some missing tests

---
 .../HttpFoundation/Tests/ServerBagTest.php    | 22 ++++++++++---------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/src/Symfony/Component/HttpFoundation/Tests/ServerBagTest.php b/src/Symfony/Component/HttpFoundation/Tests/ServerBagTest.php
index 2fef317978..662c5880b1 100644
--- a/src/Symfony/Component/HttpFoundation/Tests/ServerBagTest.php
+++ b/src/Symfony/Component/HttpFoundation/Tests/ServerBagTest.php
@@ -71,19 +71,20 @@ class ServerBagTest extends \PHPUnit_Framework_TestCase
     {
         $bag = new ServerBag(array('HTTP_AUTHORIZATION' => 'Basic_'.base64_encode('foo:bar')));
 
-        $this->assertEquals(array(
-            'AUTHORIZATION' => 'Basic_'.base64_encode('foo:bar'),
-        ), $bag->getHeaders());
+        // Username and passwords should not be set as the header is bogus
+        $headers = $bag->getHeaders();
+        $this->assertFalse(isset($headers['PHP_AUTH_USER']));
+        $this->assertFalse(isset($headers['PHP_AUTH_PW']));
     }
 
     public function testHttpBasicAuthWithPhpCgiRedirect()
     {
-        $bag = new ServerBag(array('REDIRECT_HTTP_AUTHORIZATION' => 'Basic '.base64_encode('foo:bar')));
+        $bag = new ServerBag(array('REDIRECT_HTTP_AUTHORIZATION' => 'Basic '.base64_encode('username:pass:word')));
 
         $this->assertEquals(array(
-            'AUTHORIZATION' => 'Basic '.base64_encode('foo:bar'),
-            'PHP_AUTH_USER' => 'foo',
-            'PHP_AUTH_PW' => 'bar'
+            'AUTHORIZATION' => 'Basic '.base64_encode('username:pass:word'),
+            'PHP_AUTH_USER' => 'username',
+            'PHP_AUTH_PW' => 'pass:word'
         ), $bag->getHeaders());
     }
 
@@ -114,9 +115,10 @@ class ServerBagTest extends \PHPUnit_Framework_TestCase
         $digest = 'Digest_username="foo", realm="acme", nonce="'.md5('secret').'", uri="/protected, qop="auth"';
         $bag = new ServerBag(array('HTTP_AUTHORIZATION' => $digest));
 
-        $this->assertEquals(array(
-            'AUTHORIZATION' => $digest,
-        ), $bag->getHeaders());
+        // Username and passwords should not be set as the header is bogus
+        $headers = $bag->getHeaders();
+        $this->assertFalse(isset($headers['PHP_AUTH_USER']));
+        $this->assertFalse(isset($headers['PHP_AUTH_PW']));
     }
 
     public function testHttpDigestAuthWithPhpCgiRedirect()