Fix internal sub-request creation
Fixes the creation of internal sub-request in case of disabled trusted client-ip header
This commit is contained in:
Dmitrii Chekaliuk
Fabien Potencier
parent
7eaaec1468
commit
96aec0f49c
@ -111,10 +111,11 @@ class InlineFragmentRenderer extends RoutableFragmentRenderer
|
||||
// Sub-request object will point to localhost as client ip and real client ip
|
||||
// will be included into trusted header for client ip
|
||||
try {
|
||||
$trustedHeaderName = Request::getTrustedHeaderName(Request::HEADER_CLIENT_IP);
|
||||
$currentXForwardedFor = $request->headers->get($trustedHeaderName, '');
|
||||
if ($trustedHeaderName = Request::getTrustedHeaderName(Request::HEADER_CLIENT_IP)) {
|
||||
$currentXForwardedFor = $request->headers->get($trustedHeaderName, '');
|
||||
|
||||
$server['HTTP_'.$trustedHeaderName] = ($currentXForwardedFor ? $currentXForwardedFor.', ' : '').$request->getClientIp();
|
||||
$server['HTTP_'.$trustedHeaderName] = ($currentXForwardedFor ? $currentXForwardedFor.', ' : '').$request->getClientIp();
|
||||
}
|
||||
} catch (\InvalidArgumentException $e) {
|
||||
// Do nothing
|
||||
}
|
||||
|
||||
@ -67,6 +67,26 @@ class InlineFragmentRendererTest extends \PHPUnit_Framework_TestCase
|
||||
$strategy->render(new ControllerReference('main_controller', array('object' => $object), array()), Request::create('/'));
|
||||
}
|
||||
|
||||
public function testRenderWithTrustedHeaderDisabled()
|
||||
{
|
||||
$trustedHeaderName = Request::getTrustedHeaderName(Request::HEADER_CLIENT_IP);
|
||||
|
||||
Request::setTrustedHeaderName(Request::HEADER_CLIENT_IP, '');
|
||||
|
||||
$kernel = $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface');
|
||||
$kernel
|
||||
->expects($this->any())
|
||||
->method('handle')
|
||||
->with(Request::create('/'))
|
||||
;
|
||||
|
||||
$strategy = new InlineFragmentRenderer($kernel);
|
||||
|
||||
$strategy->render('/', Request::create('/'));
|
||||
|
||||
Request::setTrustedHeaderName(Request::HEADER_CLIENT_IP, $trustedHeaderName);
|
||||
}
|
||||
|
||||
/**
|
||||
* @expectedException \RuntimeException
|
||||
*/
|
||||
@ -147,8 +167,11 @@ class InlineFragmentRendererTest extends \PHPUnit_Framework_TestCase
|
||||
{
|
||||
$expectedSubRequest = Request::create('/');
|
||||
$expectedSubRequest->headers->set('Surrogate-Capability', 'abc="ESI/1.0"');
|
||||
$expectedSubRequest->headers->set('x-forwarded-for', array('127.0.0.1'));
|
||||
$expectedSubRequest->server->set('HTTP_X_FORWARDED_FOR', '127.0.0.1');
|
||||
|
||||
if (Request::getTrustedHeaderName(Request::HEADER_CLIENT_IP)) {
|
||||
$expectedSubRequest->headers->set('x-forwarded-for', array('127.0.0.1'));
|
||||
$expectedSubRequest->server->set('HTTP_X_FORWARDED_FOR', '127.0.0.1');
|
||||
}
|
||||
|
||||
$kernel = $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface');
|
||||
$kernel
|
||||
@ -163,4 +186,14 @@ class InlineFragmentRendererTest extends \PHPUnit_Framework_TestCase
|
||||
$request->headers->set('Surrogate-Capability', 'abc="ESI/1.0"');
|
||||
$strategy->render('/', $request);
|
||||
}
|
||||
|
||||
public function testESIHeaderIsKeptInSubrequestWithTrustedHeaderDisabled()
|
||||
{
|
||||
$trustedHeaderName = Request::getTrustedHeaderName(Request::HEADER_CLIENT_IP);
|
||||
Request::setTrustedHeaderName(Request::HEADER_CLIENT_IP, '');
|
||||
|
||||
$this->testESIHeaderIsKeptInSubrequest();
|
||||
|
||||
Request::setTrustedHeaderName(Request::HEADER_CLIENT_IP, $trustedHeaderName);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user