diogo
/
symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[HttpFoundation] Allow curly braces in trusted host patterns

This commit is contained in:
Sebastian Grodzicki 2015-04-28 20:14:20 +02:00
parent 7f24883f48
commit 6038b75eaf
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/Symfony/Component/HttpFoundation/Request.php
View File

@ -553,7 +553,7 @@ class Request
public static function setTrustedHosts(array $hostPatterns) public static function setTrustedHosts(array $hostPatterns)
{ {
self::$trustedHostPatterns = array_map(function ($hostPattern) { self::$trustedHostPatterns = array_map(function ($hostPattern) {
return sprintf('{%s}i', str_replace('}', '\\}', $hostPattern)); return sprintf('#%s#i', $hostPattern);
}, $hostPatterns); }, $hostPatterns);
// we need to reset trusted hosts on trusted host patterns change // we need to reset trusted hosts on trusted host patterns change
self::$trustedHosts = array(); self::$trustedHosts = array();

2
src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
View File

@ -1601,7 +1601,7 @@ class RequestTest extends \PHPUnit_Framework_TestCase
$this->assertEquals('evil.com', $request->getHost()); $this->assertEquals('evil.com', $request->getHost());
// add a trusted domain and all its subdomains // add a trusted domain and all its subdomains
Request::setTrustedHosts(array('.*\.?trusted.com$')); Request::setTrustedHosts(array('^([a-z]{9}\.)?trusted\.com$'));
// untrusted host // untrusted host
$request->headers->set('host', 'evil.com'); $request->headers->set('host', 'evil.com');