bug #20925 [HttpFoundation] Validate/cast cookie expire time (ro0NL)

This PR was merged into the 2.7 branch.

Discussion
----------

[HttpFoundation] Validate/cast cookie expire time

| Q             | A
| ------------- | ---
| Branch?       | 2.7
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | #... <!-- #-prefixed issue number(s), if any -->
| License       | MIT
| Doc PR        | symfony/symfony-docs#... <!--highly recommended for new features-->

Commits
-------

8215dbdb31 [HttpFoundation] Validate/cast cookie expire time
Fabien Potencier 2017-01-02 19:24:33 -08:00
commit 5fdf0e9a60
2 changed files with 21 additions and 7 deletions


@ -56,7 +56,7 @@ class Cookie
} elseif (!is_numeric($expire)) {
$expire = strtotime($expire);
if (false === $expire || -1 === $expire) {
if (false === $expire) {
throw new \InvalidArgumentException('The cookie expiration time is not valid.');
}
}
@ -64,7 +64,7 @@ class Cookie
$this->name = $name;
$this->value = $value;
$this->domain = $domain;
$this->expire = $expire;
$this->expire = 0 < $expire ? (int) $expire : 0;
$this->path = empty($path) ? '/' : $path;
$this->secure = (bool) $secure;
$this->httpOnly = (bool) $httpOnly;
@ -84,7 +84,7 @@ class Cookie
} else {
$str .= urlencode($this->getValue());
if ($this->getExpiresTime() !== 0) {
if (0 !== $this->getExpiresTime()) {
$str .= '; expires='.gmdate('D, d-M-Y H:i:s T', $this->getExpiresTime());
}
}
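Review bot: The clamp in `$this->expire = 0 < $expire ? (int) $expire : 0;` folds every zero or negative input into 0, and 0 is the value the `0 !== $this->getExpiresTime()` check uses to omit the `expires` attribute, so a caller that passes a negative value hoping to expire a cookie (for example to clear a session or remember-me cookie on logout) silently gets a session cookie that the browser keeps until it closes. That behaviour should at least be stated where the value is assigned, e.g. `// 0 = session cookie; negative values are clamped to 0, they do NOT expire the cookie`, and in the constructor docblock, which lies outside this hunk. The `(int)` cast is also unbounded: `is_numeric()` accepts floats and exponent strings larger than `PHP_INT_MAX`, and the result of casting those is not something to rely on, so a range check before the cast would be safer.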


@ -52,7 +52,14 @@ class CookieTest extends \PHPUnit_Framework_TestCase
*/
public function testInvalidExpiration()
{
$cookie = new Cookie('MyCookie', 'foo', 'bar');
new Cookie('MyCookie', 'foo', 'bar');
}
public function testNegativeExpirationIsNotPossible()
{
$cookie = new Cookie('foo', 'bar', -100);
$this->assertSame(0, $cookie->getExpiresTime());
}
public function testGetValue()
@ -77,6 +84,13 @@ class CookieTest extends \PHPUnit_Framework_TestCase
$this->assertEquals(3600, $cookie->getExpiresTime(), '->getExpiresTime() returns the expire date');
}
public function testGetExpiresTimeIsCastToInt()
{
$cookie = new Cookie('foo', 'bar', 3600.9);
$this->assertSame(3600, $cookie->getExpiresTime(), '->getExpiresTime() returns the expire date as an integer');
}
public function testConstructorWithDateTime()
{
$expire = new \DateTime();
@ -143,12 +157,12 @@ class CookieTest extends \PHPUnit_Framework_TestCase
public function testToString()
{
$cookie = new Cookie('foo', 'bar', strtotime('Fri, 20-May-2011 15:25:52 GMT'), '/', '.myfoodomain.com', true);
$this->assertEquals('foo=bar; expires=Fri, 20-May-2011 15:25:52 GMT; path=/; domain=.myfoodomain.com; secure; httponly', $cookie->__toString(), '->__toString() returns string representation of the cookie');
$this->assertEquals('foo=bar; expires=Fri, 20-May-2011 15:25:52 GMT; path=/; domain=.myfoodomain.com; secure; httponly', (string) $cookie, '->__toString() returns string representation of the cookie');
$cookie = new Cookie('foo', null, 1, '/admin/', '.myfoodomain.com');
$this->assertEquals('foo=deleted; expires='.gmdate('D, d-M-Y H:i:s T', time() - 31536001).'; path=/admin/; domain=.myfoodomain.com; httponly', $cookie->__toString(), '->__toString() returns string representation of a cleared cookie if value is NULL');
$this->assertEquals('foo=deleted; expires='.gmdate('D, d-M-Y H:i:s T', time() - 31536001).'; path=/admin/; domain=.myfoodomain.com; httponly', (string) $cookie, '->__toString() returns string representation of a cleared cookie if value is NULL');
$cookie = new Cookie('foo', 'bar', 0, '/', '');
$this->assertEquals('foo=bar; path=/; httponly', $cookie->__toString());
$this->assertEquals('foo=bar; path=/; httponly', (string) $cookie);
}
}
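Review bot: The two new tests pin the cast for an int (`-100`) and a float (`3600.9`) but not for numeric strings, which skip the `strtotime()` branch in the constructor and reach the same cast, and which are the likely shape of values read from configuration or a request. Adding `$cookie = new Cookie('foo', 'bar', '3600');` with `$this->assertSame(3600, $cookie->getExpiresTime());` would cover that path. `testNegativeExpirationIsNotPossible` also checks only the getter; asserting that `(string) $cookie` contains no `expires=` would document that a negative input yields a session cookie rather than an expired one.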