diff --git a/src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationSuccessHandler.php b/src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationSuccessHandler.php index bfc0c8b5b7..8e2c0f2cfb 100644 --- a/src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationSuccessHandler.php +++ b/src/Symfony/Component/Security/Http/Authentication/DefaultAuthenticationSuccessHandler.php @@ -119,8 +119,14 @@ class DefaultAuthenticationSuccessHandler implements AuthenticationSuccessHandle return $targetUrl; } - if ($this->options['use_referer'] && ($targetUrl = $request->headers->get('Referer')) && $targetUrl !== $this->httpUtils->generateUri($request, $this->options['login_path'])) { - return $targetUrl; + if ($this->options['use_referer']) { + $targetUrl = $request->headers->get('Referer'); + if (false !== $pos = strpos($targetUrl, '?')) { + $targetUrl = substr($targetUrl, 0, $pos); + } + if ($targetUrl !== $this->httpUtils->generateUri($request, $this->options['login_path'])) { + return $targetUrl; + } } return $this->options['default_target_path']; diff --git a/src/Symfony/Component/Security/Http/Tests/Authentication/DefaultAuthenticationSuccessHandlerTest.php b/src/Symfony/Component/Security/Http/Tests/Authentication/DefaultAuthenticationSuccessHandlerTest.php index 52cd00432d..b42f840358 100644 --- a/src/Symfony/Component/Security/Http/Tests/Authentication/DefaultAuthenticationSuccessHandlerTest.php +++ b/src/Symfony/Component/Security/Http/Tests/Authentication/DefaultAuthenticationSuccessHandlerTest.php @@ -12,173 +12,92 @@ namespace Symfony\Component\Security\Http\Tests\Authentication; use PHPUnit\Framework\TestCase; -use Symfony\Component\HttpFoundation\Response; +use Symfony\Component\HttpFoundation\Request; use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler; +use Symfony\Component\Security\Http\HttpUtils; class DefaultAuthenticationSuccessHandlerTest extends TestCase { - private $httpUtils = null; - - private $request = null; - - private $token = null; - - protected function setUp() + /** + * @dataProvider getRequestRedirections + */ + public function testRequestRedirections(Request $request, $options, $redirectedUrl) { - $this->httpUtils = $this->getMockBuilder('Symfony\Component\Security\Http\HttpUtils')->getMock(); - $this->request = $this->getMockBuilder('Symfony\Component\HttpFoundation\Request')->getMock(); - $this->request->headers = $this->getMockBuilder('Symfony\Component\HttpFoundation\HeaderBag')->getMock(); - $this->token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock(); + $urlGenerator = $this->getMockBuilder('Symfony\Component\Routing\Generator\UrlGeneratorInterface')->getMock(); + $urlGenerator->expects($this->any())->method('generate')->will($this->returnValue('http://localhost/login')); + $httpUtils = new HttpUtils($urlGenerator); + $token = $this->getMockBuilder('Symfony\Component\Security\Core\Authentication\Token\TokenInterface')->getMock(); + $handler = new DefaultAuthenticationSuccessHandler($httpUtils, $options); + if ($request->hasSession()) { + $handler->setProviderKey('admin'); + } + $this->assertSame('http://localhost'.$redirectedUrl, $handler->onAuthenticationSuccess($request, $token)->getTargetUrl()); } - public function testRequestIsRedirected() - { - $response = $this->expectRedirectResponse('/'); - - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, array()); - $result = $handler->onAuthenticationSuccess($this->request, $this->token); - - $this->assertSame($response, $result); - } - - public function testDefaultTargetPathCanBeForced() - { - $options = array( - 'always_use_default_target_path' => true, - 'default_target_path' => '/dashboard', - ); - - $response = $this->expectRedirectResponse('/dashboard'); - - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, $options); - $result = $handler->onAuthenticationSuccess($this->request, $this->token); - - $this->assertSame($response, $result); - } - - public function testTargetPathIsPassedWithRequest() - { - $this->request->expects($this->once()) - ->method('get')->with('_target_path') - ->will($this->returnValue('/dashboard')); - - $response = $this->expectRedirectResponse('/dashboard'); - - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, array()); - $result = $handler->onAuthenticationSuccess($this->request, $this->token); - - $this->assertSame($response, $result); - } - - public function testTargetPathIsPassedAsNestedParameterWithRequest() - { - $this->request->expects($this->once()) - ->method('get')->with('_target_path') - ->will($this->returnValue(array('value' => '/dashboard'))); - - $response = $this->expectRedirectResponse('/dashboard'); - - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, array('target_path_parameter' => '_target_path[value]')); - $result = $handler->onAuthenticationSuccess($this->request, $this->token); - - $this->assertSame($response, $result); - } - - public function testTargetPathParameterIsCustomised() - { - $options = array('target_path_parameter' => '_my_target_path'); - - $this->request->expects($this->once()) - ->method('get')->with('_my_target_path') - ->will($this->returnValue('/dashboard')); - - $response = $this->expectRedirectResponse('/dashboard'); - - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, $options); - $result = $handler->onAuthenticationSuccess($this->request, $this->token); - - $this->assertSame($response, $result); - } - - public function testTargetPathIsTakenFromTheSession() + public function getRequestRedirections() { $session = $this->getMockBuilder('Symfony\Component\HttpFoundation\Session\SessionInterface')->getMock(); - $session->expects($this->once()) - ->method('get')->with('_security.admin.target_path') - ->will($this->returnValue('/admin/dashboard')); - $session->expects($this->once()) - ->method('remove')->with('_security.admin.target_path'); + $session->expects($this->once())->method('get')->with('_security.admin.target_path')->will($this->returnValue('/admin/dashboard')); + $session->expects($this->once())->method('remove')->with('_security.admin.target_path'); + $requestWithSession = Request::create('/'); + $requestWithSession->setSession($session); - $this->request->expects($this->any()) - ->method('getSession') - ->will($this->returnValue($session)); - - $response = $this->expectRedirectResponse('/admin/dashboard'); - - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, array()); - $handler->setProviderKey('admin'); - - $result = $handler->onAuthenticationSuccess($this->request, $this->token); - - $this->assertSame($response, $result); - } - - public function testTargetPathIsPassedAsReferer() - { - $options = array('use_referer' => true); - - $this->request->headers->expects($this->once()) - ->method('get')->with('Referer') - ->will($this->returnValue('/dashboard')); - - $response = $this->expectRedirectResponse('/dashboard'); - - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, $options); - $result = $handler->onAuthenticationSuccess($this->request, $this->token); - - $this->assertSame($response, $result); - } - - public function testRefererHasToBeDifferentThatLoginUrl() - { - $options = array('use_referer' => true); - - $this->request->headers->expects($this->any()) - ->method('get')->with('Referer') - ->will($this->returnValue('/login')); - - $this->httpUtils->expects($this->once()) - ->method('generateUri')->with($this->request, '/login') - ->will($this->returnValue('/login')); - - $response = $this->expectRedirectResponse('/'); - - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, $options); - $result = $handler->onAuthenticationSuccess($this->request, $this->token); - - $this->assertSame($response, $result); - } - - public function testRefererTargetPathIsIgnoredByDefault() - { - $this->request->headers->expects($this->never())->method('get'); - - $response = $this->expectRedirectResponse('/'); - - $handler = new DefaultAuthenticationSuccessHandler($this->httpUtils, array()); - $result = $handler->onAuthenticationSuccess($this->request, $this->token); - - $this->assertSame($response, $result); - } - - private function expectRedirectResponse($path) - { - $response = new Response(); - $this->httpUtils->expects($this->once()) - ->method('createRedirectResponse') - ->with($this->request, $path) - ->will($this->returnValue($response)); - - return $response; + return array( + 'default' => array( + Request::create('/'), + array(), + '/', + ), + 'forced target path' => array( + Request::create('/'), + array('always_use_default_target_path' => true, 'default_target_path' => '/dashboard'), + '/dashboard', + ), + 'target path as query string' => array( + Request::create('/?_target_path=/dashboard'), + array(), + '/dashboard', + ), + 'target path name as query string is customized' => array( + Request::create('/?_my_target_path=/dashboard'), + array('target_path_parameter' => '_my_target_path'), + '/dashboard', + ), + 'target path name as query string is customized and nested' => array( + Request::create('/?_target_path[value]=/dashboard'), + array('target_path_parameter' => '_target_path[value]'), + '/dashboard', + ), + 'target path in session' => array( + $requestWithSession, + array(), + '/admin/dashboard', + ), + 'target path as referer' => array( + Request::create('/', 'GET', array(), array(), array(), array('HTTP_REFERER' => 'http://localhost/dashboard')), + array('use_referer' => true), + '/dashboard', + ), + 'target path as referer is ignored if not configured' => array( + Request::create('/', 'GET', array(), array(), array(), array('HTTP_REFERER' => 'http://localhost/dashboard')), + array(), + '/', + ), + 'target path should be different than login URL' => array( + Request::create('/', 'GET', array(), array(), array(), array('HTTP_REFERER' => 'http://localhost/login')), + array('use_referer' => true, 'login_path' => '/login'), + '/', + ), + 'target path should be different than login URL (query string does not matter)' => array( + Request::create('/', 'GET', array(), array(), array(), array('HTTP_REFERER' => 'http://localhost/login?t=1&p=2')), + array('use_referer' => true, 'login_path' => '/login'), + '/', + ), + 'target path should be different than login URL (login_path as a route)' => array( + Request::create('/', 'GET', array(), array(), array(), array('HTTP_REFERER' => 'http://localhost/login?t=1&p=2')), + array('use_referer' => true, 'login_path' => 'login_route'), + '/', + ), + ); } } diff --git a/src/Symfony/Component/VarDumper/Dumper/AbstractDumper.php b/src/Symfony/Component/VarDumper/Dumper/AbstractDumper.php index 4e72c1887f..d5a9c2c9eb 100644 --- a/src/Symfony/Component/VarDumper/Dumper/AbstractDumper.php +++ b/src/Symfony/Component/VarDumper/Dumper/AbstractDumper.php @@ -38,8 +38,8 @@ abstract class AbstractDumper implements DataDumperInterface, DumperInterface public function __construct($output = null, $charset = null) { $this->setCharset($charset ?: ini_get('php.output_encoding') ?: ini_get('default_charset') ?: 'UTF-8'); - $this->decimalPoint = (string) 0.5; - $this->decimalPoint = $this->decimalPoint[1]; + $this->decimalPoint = localeconv(); + $this->decimalPoint = $this->decimalPoint['decimal_point']; $this->setOutput($output ?: static::$defaultOutput); if (!$output && is_string(static::$defaultOutput)) { static::$defaultOutput = $this->outputStream; @@ -113,6 +113,9 @@ abstract class AbstractDumper implements DataDumperInterface, DumperInterface */ public function dump(Data $data, $output = null) { + $this->decimalPoint = localeconv(); + $this->decimalPoint = $this->decimalPoint['decimal_point']; + $exception = null; if ($output) { $prevOutput = $this->setOutput($output);