diogo/symfony
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

merged branch lazyhammer/fix-inline-fragment (PR #7893)

Browse Source 
This PR was submitted for the master branch but it was merged into the 2.3 branch instead (closes #7893).

Discussion
----------

[HttpKernel] Fix internal sub-request creation

| Q             | A
| ------------- | ---
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | n/a
| License       | MIT
| Doc PR        | n/a

Fixes the creation of internal sub-request in case of disabled trusted
client-ip header.

Commits
-------

85d5413 [HttpKernel] Fix internal sub-request creation
This commit is contained in:
Fabien Potencier 2013-08-11 19:29:22 +02:00
commit 615bd0ba7d
2 changed files with 39 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/Symfony/Component/HttpKernel/Fragment/InlineFragmentRenderer.php
View File

@ -111,10 +111,11 @@ class InlineFragmentRenderer extends RoutableFragmentRenderer
// Sub-request object will point to localhost as client ip and real client ip
// will be included into trusted header for client ip
try {
$trustedHeaderName = Request::getTrustedHeaderName(Request::HEADER_CLIENT_IP);
$currentXForwardedFor = $request->headers->get($trustedHeaderName, '');
if ($trustedHeaderName = Request::getTrustedHeaderName(Request::HEADER_CLIENT_IP)) {
$currentXForwardedFor = $request->headers->get($trustedHeaderName, '');
$server['HTTP_'.$trustedHeaderName] = ($currentXForwardedFor ? $currentXForwardedFor.', ' : '').$request->getClientIp();
$server['HTTP_'.$trustedHeaderName] = ($currentXForwardedFor ? $currentXForwardedFor.', ' : '').$request->getClientIp();
}
} catch (\InvalidArgumentException $e) {
// Do nothing
}

37
src/Symfony/Component/HttpKernel/Tests/Fragment/InlineFragmentRendererTest.php
View File

@ -67,6 +67,26 @@ class InlineFragmentRendererTest extends \PHPUnit_Framework_TestCase
$strategy->render(new ControllerReference('main_controller', array('object' => $object), array()), Request::create('/'));
}
public function testRenderWithTrustedHeaderDisabled()
{
$trustedHeaderName = Request::getTrustedHeaderName(Request::HEADER_CLIENT_IP);
Request::setTrustedHeaderName(Request::HEADER_CLIENT_IP, '');
$kernel = $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface');
$kernel
->expects($this->any())
->method('handle')
->with(Request::create('/'))
;
$strategy = new InlineFragmentRenderer($kernel);
$strategy->render('/', Request::create('/'));
Request::setTrustedHeaderName(Request::HEADER_CLIENT_IP, $trustedHeaderName);
}
/**
* @expectedException \RuntimeException
*/
@ -147,8 +167,11 @@ class InlineFragmentRendererTest extends \PHPUnit_Framework_TestCase
{
$expectedSubRequest = Request::create('/');
$expectedSubRequest->headers->set('Surrogate-Capability', 'abc="ESI/1.0"');
$expectedSubRequest->headers->set('x-forwarded-for', array('127.0.0.1'));
$expectedSubRequest->server->set('HTTP_X_FORWARDED_FOR', '127.0.0.1');
if (Request::getTrustedHeaderName(Request::HEADER_CLIENT_IP)) {
$expectedSubRequest->headers->set('x-forwarded-for', array('127.0.0.1'));
$expectedSubRequest->server->set('HTTP_X_FORWARDED_FOR', '127.0.0.1');
}
$kernel = $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface');
$kernel
@ -163,4 +186,14 @@ class InlineFragmentRendererTest extends \PHPUnit_Framework_TestCase
$request->headers->set('Surrogate-Capability', 'abc="ESI/1.0"');
$strategy->render('/', $request);
}
public function testESIHeaderIsKeptInSubrequestWithTrustedHeaderDisabled()
{
$trustedHeaderName = Request::getTrustedHeaderName(Request::HEADER_CLIENT_IP);
Request::setTrustedHeaderName(Request::HEADER_CLIENT_IP, '');
$this->testESIHeaderIsKeptInSubrequest();
Request::setTrustedHeaderName(Request::HEADER_CLIENT_IP, $trustedHeaderName);
}
}