add basic validation of callback name
This commit is contained in:
parent
266f76d963
commit
601b87ca01
@ -56,6 +56,14 @@ class JsonResponse extends Response
|
|||||||
*/
|
*/
|
||||||
public function setCallback($callback = null)
|
public function setCallback($callback = null)
|
||||||
{
|
{
|
||||||
|
if ($callback) {
|
||||||
|
// taken from http://www.geekality.net/2011/08/03/valid-javascript-identifier/
|
||||||
|
$pattern = '/^[$_\p{L}][$_\p{L}\p{Mn}\p{Mc}\p{Nd}\p{Pc}\x{200C}\x{200D}]*+$/u';
|
||||||
|
if (!preg_match($pattern, $callback)) {
|
||||||
|
throw new \InvalidArgumentException('The callback name is not valid.');
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
$this->callback = $callback;
|
$this->callback = $callback;
|
||||||
|
|
||||||
return $this->update();
|
return $this->update();
|
||||||
|
@ -104,4 +104,12 @@ class JsonResponseTest extends \PHPUnit_Framework_TestCase
|
|||||||
$this->assertEquals('callback({"foo":"bar"});', $response->getContent());
|
$this->assertEquals('callback({"foo":"bar"});', $response->getContent());
|
||||||
$this->assertEquals('text/javascript', $response->headers->get('Content-Type'));
|
$this->assertEquals('text/javascript', $response->headers->get('Content-Type'));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testSetCallbackInvalidIdentifier()
|
||||||
|
{
|
||||||
|
$response = new JsonResponse('foo');
|
||||||
|
|
||||||
|
$this->setExpectedException('InvalidArgumentException');
|
||||||
|
$response->setCallback('+invalid');
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Reference in New Issue
Block a user