[HttpFoundation] Allow curly braces in trusted host patterns
This commit is contained in:
parent
7f24883f48
commit
6038b75eaf
|
@ -553,7 +553,7 @@ class Request
|
|||
public static function setTrustedHosts(array $hostPatterns)
|
||||
{
|
||||
self::$trustedHostPatterns = array_map(function ($hostPattern) {
|
||||
return sprintf('{%s}i', str_replace('}', '\\}', $hostPattern));
|
||||
return sprintf('#%s#i', $hostPattern);
|
||||
}, $hostPatterns);
|
||||
// we need to reset trusted hosts on trusted host patterns change
|
||||
self::$trustedHosts = array();
|
||||
|
|
|
@ -1601,7 +1601,7 @@ class RequestTest extends \PHPUnit_Framework_TestCase
|
|||
$this->assertEquals('evil.com', $request->getHost());
|
||||
|
||||
// add a trusted domain and all its subdomains
|
||||
Request::setTrustedHosts(array('.*\.?trusted.com$'));
|
||||
Request::setTrustedHosts(array('^([a-z]{9}\.)?trusted\.com$'));
|
||||
|
||||
// untrusted host
|
||||
$request->headers->set('host', 'evil.com');
|
||||
|
|
Reference in New Issue