Merge branch '2.7' into 2.8
* 2.7: use Precise on Travis to keep PHP LDAP support fix(security): ensure the 'route' index is set before attempting to use it
This commit is contained in:
commit
6158ab363d
@ -1,5 +1,6 @@
|
|||||||
language: php
|
language: php
|
||||||
|
|
||||||
|
dist: precise
|
||||||
sudo: false
|
sudo: false
|
||||||
|
|
||||||
git:
|
git:
|
||||||
|
@ -108,7 +108,7 @@ class HttpUtils
|
|||||||
$parameters = $this->urlMatcher->match($request->getPathInfo());
|
$parameters = $this->urlMatcher->match($request->getPathInfo());
|
||||||
}
|
}
|
||||||
|
|
||||||
return $path === $parameters['_route'];
|
return isset($parameters['_route']) && $path === $parameters['_route'];
|
||||||
} catch (MethodNotAllowedException $e) {
|
} catch (MethodNotAllowedException $e) {
|
||||||
return false;
|
return false;
|
||||||
} catch (ResourceNotFoundException $e) {
|
} catch (ResourceNotFoundException $e) {
|
||||||
|
@ -221,6 +221,19 @@ class HttpUtilsTest extends TestCase
|
|||||||
$utils->checkRequestPath($this->getRequest(), 'foobar');
|
$utils->checkRequestPath($this->getRequest(), 'foobar');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testCheckPathWithoutRouteParam()
|
||||||
|
{
|
||||||
|
$urlMatcher = $this->getMockBuilder('Symfony\Component\Routing\Matcher\UrlMatcherInterface')->getMock();
|
||||||
|
$urlMatcher
|
||||||
|
->expects($this->any())
|
||||||
|
->method('match')
|
||||||
|
->willReturn(array('_controller' => 'PathController'))
|
||||||
|
;
|
||||||
|
|
||||||
|
$utils = new HttpUtils(null, $urlMatcher);
|
||||||
|
$this->assertFalse($utils->checkRequestPath($this->getRequest(), 'path/index.html'));
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @expectedException \InvalidArgumentException
|
* @expectedException \InvalidArgumentException
|
||||||
* @expectedExceptionMessage Matcher must either implement UrlMatcherInterface or RequestMatcherInterface
|
* @expectedExceptionMessage Matcher must either implement UrlMatcherInterface or RequestMatcherInterface
|
||||||
|
Reference in New Issue
Block a user