[HttpKernel] Correctly Render Signed URIs Containing Fragments
Rebuild the URL with the computed hash instead of appending it onto the end of the URI, preventing incorrect formatting when dealing with URIs containing fragments.
parent
44e9a91f30
commit
b9ece6bde7
@ -72,7 +72,7 @@ class EsiFragmentRendererTest extends TestCase
|
|||||||
$altReference = new ControllerReference('alt_controller', array(), array());
|
$altReference = new ControllerReference('alt_controller', array(), array());
|
||||||
|
|
||||||
$this->assertEquals(
|
$this->assertEquals(
|
||||||
'<esi:include src="/_fragment?_path=_format%3Dhtml%26_locale%3Dfr%26_controller%3Dmain_controller&_hash=Jz1P8NErmhKTeI6onI1EdAXTB85359MY3RIk5mSJ60w%3D" alt="/_fragment?_path=_format%3Dhtml%26_locale%3Dfr%26_controller%3Dalt_controller&_hash=iPJEdRoUpGrM1ztqByiorpfMPtiW%2FOWwdH1DBUXHhEc%3D" />',
|
'<esi:include src="/_fragment?_hash=Jz1P8NErmhKTeI6onI1EdAXTB85359MY3RIk5mSJ60w%3D&_path=_format%3Dhtml%26_locale%3Dfr%26_controller%3Dmain_controller" alt="/_fragment?_hash=iPJEdRoUpGrM1ztqByiorpfMPtiW%2FOWwdH1DBUXHhEc%3D&_path=_format%3Dhtml%26_locale%3Dfr%26_controller%3Dalt_controller" />',
|
||||||
$strategy->render($reference, $request, array('alt' => $altReference))->getContent()
|
$strategy->render($reference, $request, array('alt' => $altReference))->getContent()
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
@ -32,7 +32,7 @@ class HIncludeFragmentRendererTest extends TestCase
|
|||||||
{
|
{
|
||||||
$strategy = new HIncludeFragmentRenderer(null, new UriSigner('foo'));
|
$strategy = new HIncludeFragmentRenderer(null, new UriSigner('foo'));
|
||||||
|
|
||||||
$this->assertEquals('<hx:include src="/_fragment?_path=_format%3Dhtml%26_locale%3Den%26_controller%3Dmain_controller&_hash=BP%2BOzCD5MRUI%2BHJpgPDOmoju00FnzLhP3TGcSHbbBLs%3D"></hx:include>', $strategy->render(new ControllerReference('main_controller', array(), array()), Request::create('/'))->getContent());
|
$this->assertEquals('<hx:include src="/_fragment?_hash=BP%2BOzCD5MRUI%2BHJpgPDOmoju00FnzLhP3TGcSHbbBLs%3D&_path=_format%3Dhtml%26_locale%3Den%26_controller%3Dmain_controller"></hx:include>', $strategy->render(new ControllerReference('main_controller', array(), array()), Request::create('/'))->getContent());
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testRenderWithUri()
|
public function testRenderWithUri()
|
||||||
|
@ -51,7 +51,7 @@ class SsiFragmentRendererTest extends TestCase
|
|||||||
$altReference = new ControllerReference('alt_controller', array(), array());
|
$altReference = new ControllerReference('alt_controller', array(), array());
|
||||||
|
|
||||||
$this->assertEquals(
|
$this->assertEquals(
|
||||||
'<!--#include virtual="/_fragment?_path=_format%3Dhtml%26_locale%3Dfr%26_controller%3Dmain_controller&_hash=Jz1P8NErmhKTeI6onI1EdAXTB85359MY3RIk5mSJ60w%3D" -->',
|
'<!--#include virtual="/_fragment?_hash=Jz1P8NErmhKTeI6onI1EdAXTB85359MY3RIk5mSJ60w%3D&_path=_format%3Dhtml%26_locale%3Dfr%26_controller%3Dmain_controller" -->',
|
||||||
$strategy->render($reference, $request, array('alt' => $altReference))->getContent()
|
$strategy->render($reference, $request, array('alt' => $altReference))->getContent()
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
@ -21,7 +21,8 @@ class UriSignerTest extends TestCase
|
|||||||
$signer = new UriSigner('foobar');
|
$signer = new UriSigner('foobar');
|
||||||
|
|
||||||
$this->assertContains('?_hash=', $signer->sign('http://example.com/foo'));
|
$this->assertContains('?_hash=', $signer->sign('http://example.com/foo'));
|
||||||
$this->assertContains('&_hash=', $signer->sign('http://example.com/foo?foo=bar'));
|
$this->assertContains('?_hash=', $signer->sign('http://example.com/foo?foo=bar'));
|
||||||
|
$this->assertContains('&foo=', $signer->sign('http://example.com/foo?foo=bar'));
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testCheck()
|
public function testCheck()
|
||||||
@ -45,7 +46,7 @@ class UriSignerTest extends TestCase
|
|||||||
$signer = new UriSigner('foobar');
|
$signer = new UriSigner('foobar');
|
||||||
|
|
||||||
$this->assertSame(
|
$this->assertSame(
|
||||||
'http://example.com/foo?baz=bay&foo=bar&_hash=rIOcC%2FF3DoEGo%2FvnESjSp7uU9zA9S%2F%2BOLhxgMexoPUM%3D',
|
'http://example.com/foo?_hash=rIOcC%2FF3DoEGo%2FvnESjSp7uU9zA9S%2F%2BOLhxgMexoPUM%3D&baz=bay&foo=bar',
|
||||||
$signer->sign('http://example.com/foo?foo=bar&baz=bay')
|
$signer->sign('http://example.com/foo?foo=bar&baz=bay')
|
||||||
);
|
);
|
||||||
$this->assertTrue($signer->check($signer->sign('http://example.com/foo?foo=bar&baz=bay')));
|
$this->assertTrue($signer->check($signer->sign('http://example.com/foo?foo=bar&baz=bay')));
|
||||||
@ -61,4 +62,15 @@ class UriSignerTest extends TestCase
|
|||||||
);
|
);
|
||||||
$this->assertTrue($signer->check($signer->sign('http://example.com/foo?foo=bar&baz=bay')));
|
$this->assertTrue($signer->check($signer->sign('http://example.com/foo?foo=bar&baz=bay')));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function testSignerWorksWithFragments()
|
||||||
|
{
|
||||||
|
$signer = new UriSigner('foobar');
|
||||||
|
|
||||||
|
$this->assertSame(
|
||||||
|
'http://example.com/foo?_hash=EhpAUyEobiM3QTrKxoLOtQq5IsWyWedoXDPqIjzNj5o%3D&bar=foo&foo=bar#foobar',
|
||||||
|
$signer->sign('http://example.com/foo?bar=foo&foo=bar#foobar')
|
||||||
|
);
|
||||||
|
$this->assertTrue($signer->check($signer->sign('http://example.com/foo?bar=foo&foo=bar#foobar')));
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
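Review bot: testSignerWorksWithFragments only round-trips the exact string returned by sign(), with `#foobar` still attached, but a user agent does not send the fragment to the server, so in practice check() will usually receive the URI without it. If buildUrl() (not visible on this page) feeds the fragment into the string that is hashed, a signed link with a fragment would verify here and still be rejected on a real request. An extra assertion on the fragment-less form, e.g. `$this->assertTrue($signer->check(strtok($signer->sign('http://example.com/foo?bar=foo&foo=bar#foobar'), '#')));`, would pin down which behaviour is intended.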
@ -51,8 +51,9 @@ class UriSigner
|
|||||||
}
|
}
|
||||||
|
|
||||||
$uri = $this->buildUrl($url, $params);
|
$uri = $this->buildUrl($url, $params);
|
||||||
|
$params[$this->parameter] = $this->computeHash($uri);
|
||||||
|
|
||||||
return $uri.(false === strpos($uri, '?') ? '?' : '&').$this->parameter.'='.$this->computeHash($uri);
|
return $this->buildUrl($url, $params);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -75,7 +76,7 @@ class UriSigner
|
|||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
$hash = urlencode($params[$this->parameter]);
|
$hash = $params[$this->parameter];
|
||||||
unset($params[$this->parameter]);
|
unset($params[$this->parameter]);
|
||||||
|
|
||||||
return $this->computeHash($this->buildUrl($url, $params)) === $hash;
|
return $this->computeHash($this->buildUrl($url, $params)) === $hash;
|
||||||
@ -83,7 +84,7 @@ class UriSigner
|
|||||||
|
|
||||||
private function computeHash($uri)
|
private function computeHash($uri)
|
||||||
{
|
{
|
||||||
return urlencode(base64_encode(hash_hmac('sha256', $uri, $this->secret, true)));
|
return base64_encode(hash_hmac('sha256', $uri, $this->secret, true));
|
||||||
}
|
}
|
||||||
|
|
||||||
private function buildUrl(array $url, array $params = array())
|
private function buildUrl(array $url, array $params = array())
|
||||||
|
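Review bot: check() still compares the recomputed HMAC with `===` in `return $this->computeHash($this->buildUrl($url, $params)) === $hash;`, which is not a constant-time comparison for a value taken from the request. Now that both sides are plain base64 strings, this is a good moment to switch to `return hash_equals($this->computeHash($this->buildUrl($url, $params)), $hash);`, provided the supported PHP versions or a polyfill make hash_equals() available. If `$params` comes from parsing the query string (the start of check() is outside the hunk), `$params[$this->parameter]` may be an array when the parameter is sent as `_hash[]=`, so an `is_string()` guard that returns false before the comparison would be needed as well.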