--- /dev/null
+<?php
+
+/**
+ * @group WebRequest
+ */
+class WebRequestTest extends MediaWikiTestCase {
+ protected $oldServer;
+
+ protected function setUp() {
+ parent::setUp();
+
+ $this->oldServer = $_SERVER;
+ }
+
+ protected function tearDown() {
+ $_SERVER = $this->oldServer;
+
+ parent::tearDown();
+ }
+
+ /**
+ * @dataProvider provideDetectServer
+ * @covers WebRequest::detectServer
+ * @covers WebRequest::detectProtocol
+ */
+ public function testDetectServer( $expected, $input, $description ) {
+ $this->setMwGlobals( 'wgAssumeProxiesUseDefaultProtocolPorts', true );
+
+ $_SERVER = $input;
+ $result = WebRequest::detectServer();
+ $this->assertEquals( $expected, $result, $description );
+ }
+
+ public static function provideDetectServer() {
+ return [
+ [
+ 'http://x',
+ [
+ 'HTTP_HOST' => 'x'
+ ],
+ 'Host header'
+ ],
+ [
+ 'https://x',
+ [
+ 'HTTP_HOST' => 'x',
+ 'HTTPS' => 'on',
+ ],
+ 'Host header with secure'
+ ],
+ [
+ 'http://x',
+ [
+ 'HTTP_HOST' => 'x',
+ 'SERVER_PORT' => 80,
+ ],
+ 'Default SERVER_PORT',
+ ],
+ [
+ 'http://x',
+ [
+ 'HTTP_HOST' => 'x',
+ 'HTTPS' => 'off',
+ ],
+ 'Secure off'
+ ],
+ [
+ 'https://x',
+ [
+ 'HTTP_HOST' => 'x',
+ 'HTTP_X_FORWARDED_PROTO' => 'https',
+ ],
+ 'Forwarded HTTPS'
+ ],
+ [
+ 'https://x',
+ [
+ 'HTTP_HOST' => 'x',
+ 'HTTPS' => 'off',
+ 'SERVER_PORT' => '81',
+ 'HTTP_X_FORWARDED_PROTO' => 'https',
+ ],
+ 'Forwarded HTTPS'
+ ],
+ [
+ 'http://y',
+ [
+ 'SERVER_NAME' => 'y',
+ ],
+ 'Server name'
+ ],
+ [
+ 'http://x',
+ [
+ 'HTTP_HOST' => 'x',
+ 'SERVER_NAME' => 'y',
+ ],
+ 'Host server name precedence'
+ ],
+ [
+ 'http://[::1]:81',
+ [
+ 'HTTP_HOST' => '[::1]',
+ 'SERVER_NAME' => '::1',
+ 'SERVER_PORT' => '81',
+ ],
+ 'Apache bug 26005'
+ ],
+ [
+ 'http://localhost',
+ [
+ 'SERVER_NAME' => '[2001'
+ ],
+ 'Kind of like lighttpd per commit message in MW r83847',
+ ],
+ [
+ 'http://[2a01:e35:2eb4:1::2]:777',
+ [
+ 'SERVER_NAME' => '[2a01:e35:2eb4:1::2]:777'
+ ],
+ 'Possible lighttpd environment per bug 14977 comment 13',
+ ],
+ ];
+ }
+
+ protected function mockWebRequest( $data = [] ) {
+ // Cannot use PHPUnit getMockBuilder() as it does not support
+ // overriding protected properties afterwards
+ $reflection = new ReflectionClass( 'WebRequest' );
+ $req = $reflection->newInstanceWithoutConstructor();
+
+ $prop = $reflection->getProperty( 'data' );
+ $prop->setAccessible( true );
+ $prop->setValue( $req, $data );
+
+ $prop = $reflection->getProperty( 'requestTime' );
+ $prop->setAccessible( true );
+ $prop->setValue( $req, microtime( true ) );
+
+ return $req;
+ }
+
+ /**
+ * @covers WebRequest::getElapsedTime
+ */
+ public function testGetElapsedTime() {
+ $req = $this->mockWebRequest();
+ $this->assertGreaterThanOrEqual( 0.0, $req->getElapsedTime() );
+ $this->assertEquals( 0.0, $req->getElapsedTime(), '', /*delta*/ 0.2 );
+ }
+
+ /**
+ * @covers WebRequest::getVal
+ * @covers WebRequest::getGPCVal
+ * @covers WebRequest::normalizeUnicode
+ */
+ public function testGetValNormal() {
+ // Assert that WebRequest normalises GPC data using UtfNormal\Validator
+ $input = "a \x00 null";
+ $normal = "a \xef\xbf\xbd null";
+ $req = $this->mockWebRequest( [ 'x' => $input, 'y' => [ $input, $input ] ] );
+ $this->assertSame( $normal, $req->getVal( 'x' ) );
+ $this->assertNotSame( $input, $req->getVal( 'x' ) );
+ $this->assertSame( [ $normal, $normal ], $req->getArray( 'y' ) );
+ }
+
+ /**
+ * @covers WebRequest::getVal
+ * @covers WebRequest::getGPCVal
+ */
+ public function testGetVal() {
+ $req = $this->mockWebRequest( [ 'x' => 'Value', 'y' => [ 'a' ], 'crlf' => "A\r\nb" ] );
+ $this->assertSame( 'Value', $req->getVal( 'x' ), 'Simple value' );
+ $this->assertSame( null, $req->getVal( 'z' ), 'Not found' );
+ $this->assertSame( null, $req->getVal( 'y' ), 'Array is ignored' );
+ $this->assertSame( "A\r\nb", $req->getVal( 'crlf' ), 'CRLF' );
+ }
+
+ /**
+ * @covers WebRequest::getRawVal
+ */
+ public function testGetRawVal() {
+ $req = $this->mockWebRequest( [
+ 'x' => 'Value',
+ 'y' => [ 'a' ],
+ 'crlf' => "A\r\nb"
+ ] );
+ $this->assertSame( 'Value', $req->getRawVal( 'x' ) );
+ $this->assertSame( null, $req->getRawVal( 'z' ), 'Not found' );
+ $this->assertSame( null, $req->getRawVal( 'y' ), 'Array is ignored' );
+ $this->assertSame( "A\r\nb", $req->getRawVal( 'crlf' ), 'CRLF' );
+ }
+
+ /**
+ * @covers WebRequest::getArray
+ */
+ public function testGetArray() {
+ $req = $this->mockWebRequest( [ 'x' => 'Value', 'y' => [ 'a', 'b' ] ] );
+ $this->assertSame( [ 'Value' ], $req->getArray( 'x' ), 'Value becomes array' );
+ $this->assertSame( null, $req->getArray( 'z' ), 'Not found' );
+ $this->assertSame( [ 'a', 'b' ], $req->getArray( 'y' ) );
+ }
+
+ /**
+ * @covers WebRequest::getIntArray
+ */
+ public function testGetIntArray() {
+ $req = $this->mockWebRequest( [ 'x' => [ 'Value' ], 'y' => [ '0', '4.2', '-2' ] ] );
+ $this->assertSame( [ 0 ], $req->getIntArray( 'x' ), 'Text becomes 0' );
+ $this->assertSame( null, $req->getIntArray( 'z' ), 'Not found' );
+ $this->assertSame( [ 0, 4, -2 ], $req->getIntArray( 'y' ) );
+ }
+
+ /**
+ * @covers WebRequest::getInt
+ */
+ public function testGetInt() {
+ $req = $this->mockWebRequest( [
+ 'x' => 'Value',
+ 'y' => [ 'a' ],
+ 'zero' => '0',
+ 'answer' => '4.2',
+ 'neg' => '-2',
+ ] );
+ $this->assertSame( 0, $req->getInt( 'x' ), 'Text' );
+ $this->assertSame( 0, $req->getInt( 'y' ), 'Array' );
+ $this->assertSame( 0, $req->getInt( 'z' ), 'Not found' );
+ $this->assertSame( 0, $req->getInt( 'zero' ) );
+ $this->assertSame( 4, $req->getInt( 'answer' ) );
+ $this->assertSame( -2, $req->getInt( 'neg' ) );
+ }
+
+ /**
+ * @covers WebRequest::getIntOrNull
+ */
+ public function testGetIntOrNull() {
+ $req = $this->mockWebRequest( [
+ 'x' => 'Value',
+ 'y' => [ 'a' ],
+ 'zero' => '0',
+ 'answer' => '4.2',
+ 'neg' => '-2',
+ ] );
+ $this->assertSame( null, $req->getIntOrNull( 'x' ), 'Text' );
+ $this->assertSame( null, $req->getIntOrNull( 'y' ), 'Array' );
+ $this->assertSame( null, $req->getIntOrNull( 'z' ), 'Not found' );
+ $this->assertSame( 0, $req->getIntOrNull( 'zero' ) );
+ $this->assertSame( 4, $req->getIntOrNull( 'answer' ) );
+ $this->assertSame( -2, $req->getIntOrNull( 'neg' ) );
+ }
+
+ /**
+ * @covers WebRequest::getFloat
+ */
+ public function testGetFloat() {
+ $req = $this->mockWebRequest( [
+ 'x' => 'Value',
+ 'y' => [ 'a' ],
+ 'zero' => '0',
+ 'answer' => '4.2',
+ 'neg' => '-2',
+ ] );
+ $this->assertSame( 0.0, $req->getFloat( 'x' ), 'Text' );
+ $this->assertSame( 0.0, $req->getFloat( 'y' ), 'Array' );
+ $this->assertSame( 0.0, $req->getFloat( 'z' ), 'Not found' );
+ $this->assertSame( 0.0, $req->getFloat( 'zero' ) );
+ $this->assertSame( 4.2, $req->getFloat( 'answer' ) );
+ $this->assertSame( -2.0, $req->getFloat( 'neg' ) );
+ }
+
+ /**
+ * @covers WebRequest::getBool
+ */
+ public function testGetBool() {
+ $req = $this->mockWebRequest( [
+ 'x' => 'Value',
+ 'y' => [ 'a' ],
+ 'zero' => '0',
+ 'f' => 'false',
+ 't' => 'true',
+ ] );
+ $this->assertSame( true, $req->getBool( 'x' ), 'Text' );
+ $this->assertSame( false, $req->getBool( 'y' ), 'Array' );
+ $this->assertSame( false, $req->getBool( 'z' ), 'Not found' );
+ $this->assertSame( false, $req->getBool( 'zero' ) );
+ $this->assertSame( true, $req->getBool( 'f' ) );
+ $this->assertSame( true, $req->getBool( 't' ) );
+ }
+
+ public static function provideFuzzyBool() {
+ return [
+ [ 'Text', true ],
+ [ '', false, '(empty string)' ],
+ [ '0', false ],
+ [ '1', true ],
+ [ 'false', false ],
+ [ 'true', true ],
+ [ 'False', false ],
+ [ 'True', true ],
+ [ 'FALSE', false ],
+ [ 'TRUE', true ],
+ ];
+ }
+
+ /**
+ * @dataProvider provideFuzzyBool
+ * @covers WebRequest::getFuzzyBool
+ */
+ public function testGetFuzzyBool( $value, $expected, $message = null ) {
+ $req = $this->mockWebRequest( [ 'x' => $value ] );
+ $this->assertSame( $expected, $req->getFuzzyBool( 'x' ), $message ?: "Value: '$value'" );
+ }
+
+ /**
+ * @covers WebRequest::getFuzzyBool
+ */
+ public function testGetFuzzyBoolDefault() {
+ $req = $this->mockWebRequest();
+ $this->assertSame( false, $req->getFuzzyBool( 'z' ), 'Not found' );
+ }
+
+ /**
+ * @covers WebRequest::getCheck
+ */
+ public function testGetCheck() {
+ $req = $this->mockWebRequest( [ 'x' => 'Value', 'zero' => '0' ] );
+ $this->assertSame( false, $req->getCheck( 'z' ), 'Not found' );
+ $this->assertSame( true, $req->getCheck( 'x' ), 'Text' );
+ $this->assertSame( true, $req->getCheck( 'zero' ) );
+ }
+
+ /**
+ * @covers WebRequest::getText
+ */
+ public function testGetText() {
+ // Avoid FauxRequest (overrides getText)
+ $req = $this->mockWebRequest( [ 'crlf' => "Va\r\nlue" ] );
+ $this->assertSame( "Va\nlue", $req->getText( 'crlf' ), 'CR stripped' );
+ }
+
+ /**
+ * @covers WebRequest::getValues
+ */
+ public function testGetValues() {
+ $values = [ 'x' => 'Value', 'y' => '' ];
+ // Avoid FauxRequest (overrides getValues)
+ $req = $this->mockWebRequest( $values );
+ $this->assertSame( $values, $req->getValues() );
+ $this->assertSame( [ 'x' => 'Value' ], $req->getValues( 'x' ), 'Specific keys' );
+ }
+
+ /**
+ * @covers WebRequest::getValueNames
+ */
+ public function testGetValueNames() {
+ $req = $this->mockWebRequest( [ 'x' => 'Value', 'y' => '' ] );
+ $this->assertSame( [ 'x', 'y' ], $req->getValueNames() );
+ $this->assertSame( [ 'x' ], $req->getValueNames( [ 'y' ] ), 'Exclude keys' );
+ }
+
+ /**
+ * @dataProvider provideGetIP
+ * @covers WebRequest::getIP
+ */
+ public function testGetIP( $expected, $input, $squid, $xffList, $private, $description ) {
+ $_SERVER = $input;
+ $this->setMwGlobals( [
+ 'wgUsePrivateIPs' => $private,
+ 'wgHooks' => [
+ 'IsTrustedProxy' => [
+ function ( &$ip, &$trusted ) use ( $xffList ) {
+ $trusted = $trusted || in_array( $ip, $xffList );
+ return true;
+ }
+ ]
+ ]
+ ] );
+
+ $this->setService( 'ProxyLookup', new ProxyLookup( [], $squid ) );
+
+ $request = new WebRequest();
+ $result = $request->getIP();
+ $this->assertEquals( $expected, $result, $description );
+ }
+
+ public static function provideGetIP() {
+ return [
+ [
+ '127.0.0.1',
+ [
+ 'REMOTE_ADDR' => '127.0.0.1'
+ ],
+ [],
+ [],
+ false,
+ 'Simple IPv4'
+ ],
+ [
+ '::1',
+ [
+ 'REMOTE_ADDR' => '::1'
+ ],
+ [],
+ [],
+ false,
+ 'Simple IPv6'
+ ],
+ [
+ '12.0.0.1',
+ [
+ 'REMOTE_ADDR' => 'abcd:0001:002:03:4:555:6666:7777',
+ 'HTTP_X_FORWARDED_FOR' => '12.0.0.1, abcd:0001:002:03:4:555:6666:7777',
+ ],
+ [ 'ABCD:1:2:3:4:555:6666:7777' ],
+ [],
+ false,
+ 'IPv6 normalisation'
+ ],
+ [
+ '12.0.0.3',
+ [
+ 'REMOTE_ADDR' => '12.0.0.1',
+ 'HTTP_X_FORWARDED_FOR' => '12.0.0.3, 12.0.0.2'
+ ],
+ [ '12.0.0.1', '12.0.0.2' ],
+ [],
+ false,
+ 'With X-Forwaded-For'
+ ],
+ [
+ '12.0.0.1',
+ [
+ 'REMOTE_ADDR' => '12.0.0.1',
+ 'HTTP_X_FORWARDED_FOR' => '12.0.0.3, 12.0.0.2'
+ ],
+ [],
+ [],
+ false,
+ 'With X-Forwaded-For and disallowed server'
+ ],
+ [
+ '12.0.0.2',
+ [
+ 'REMOTE_ADDR' => '12.0.0.1',
+ 'HTTP_X_FORWARDED_FOR' => '12.0.0.3, 12.0.0.2'
+ ],
+ [ '12.0.0.1' ],
+ [],
+ false,
+ 'With multiple X-Forwaded-For and only one allowed server'
+ ],
+ [
+ '10.0.0.3',
+ [
+ 'REMOTE_ADDR' => '12.0.0.2',
+ 'HTTP_X_FORWARDED_FOR' => '10.0.0.4, 10.0.0.3, 12.0.0.2'
+ ],
+ [ '12.0.0.1', '12.0.0.2' ],
+ [],
+ false,
+ 'With X-Forwaded-For and private IP (from cache proxy)'
+ ],
+ [
+ '10.0.0.4',
+ [
+ 'REMOTE_ADDR' => '12.0.0.2',
+ 'HTTP_X_FORWARDED_FOR' => '10.0.0.4, 10.0.0.3, 12.0.0.2'
+ ],
+ [ '12.0.0.1', '12.0.0.2', '10.0.0.3' ],
+ [],
+ true,
+ 'With X-Forwaded-For and private IP (allowed)'
+ ],
+ [
+ '10.0.0.4',
+ [
+ 'REMOTE_ADDR' => '12.0.0.2',
+ 'HTTP_X_FORWARDED_FOR' => '10.0.0.4, 10.0.0.3, 12.0.0.2'
+ ],
+ [ '12.0.0.1', '12.0.0.2' ],
+ [ '10.0.0.3' ],
+ true,
+ 'With X-Forwaded-For and private IP (allowed)'
+ ],
+ [
+ '10.0.0.3',
+ [
+ 'REMOTE_ADDR' => '12.0.0.2',
+ 'HTTP_X_FORWARDED_FOR' => '10.0.0.4, 10.0.0.3, 12.0.0.2'
+ ],
+ [ '12.0.0.1', '12.0.0.2' ],
+ [ '10.0.0.3' ],
+ false,
+ 'With X-Forwaded-For and private IP (disallowed)'
+ ],
+ [
+ '12.0.0.3',
+ [
+ 'REMOTE_ADDR' => '12.0.0.1',
+ 'HTTP_X_FORWARDED_FOR' => '12.0.0.3, 12.0.0.2'
+ ],
+ [],
+ [ '12.0.0.1', '12.0.0.2' ],
+ false,
+ 'With X-Forwaded-For'
+ ],
+ [
+ '12.0.0.2',
+ [
+ 'REMOTE_ADDR' => '12.0.0.1',
+ 'HTTP_X_FORWARDED_FOR' => '12.0.0.3, 12.0.0.2'
+ ],
+ [],
+ [ '12.0.0.1' ],
+ false,
+ 'With multiple X-Forwaded-For and only one allowed server'
+ ],
+ [
+ '12.0.0.2',
+ [
+ 'REMOTE_ADDR' => '12.0.0.2',
+ 'HTTP_X_FORWARDED_FOR' => '10.0.0.3, 12.0.0.2'
+ ],
+ [],
+ [ '12.0.0.2' ],
+ false,
+ 'With X-Forwaded-For and private IP and hook (disallowed)'
+ ],
+ [
+ '12.0.0.1',
+ [
+ 'REMOTE_ADDR' => 'abcd:0001:002:03:4:555:6666:7777',
+ 'HTTP_X_FORWARDED_FOR' => '12.0.0.1, abcd:0001:002:03:4:555:6666:7777',
+ ],
+ [ 'ABCD:1:2:3::/64' ],
+ [],
+ false,
+ 'IPv6 CIDR'
+ ],
+ [
+ '12.0.0.3',
+ [
+ 'REMOTE_ADDR' => '12.0.0.1',
+ 'HTTP_X_FORWARDED_FOR' => '12.0.0.3, 12.0.0.2'
+ ],
+ [ '12.0.0.0/24' ],
+ [],
+ false,
+ 'IPv4 CIDR'
+ ],
+ ];
+ }
+
+ /**
+ * @expectedException MWException
+ * @covers WebRequest::getIP
+ */
+ public function testGetIpLackOfRemoteAddrThrowAnException() {
+ // ensure that local install state doesn't interfere with test
+ $this->setMwGlobals( [
+ 'wgSquidServersNoPurge' => [],
+ 'wgSquidServers' => [],
+ 'wgUsePrivateIPs' => false,
+ 'wgHooks' => [],
+ ] );
+ $this->setService( 'ProxyLookup', new ProxyLookup( [], [] ) );
+
+ $request = new WebRequest();
+ # Next call throw an exception about lacking an IP
+ $request->getIP();
+ }
+
+ public static function provideLanguageData() {
+ return [
+ [ '', [], 'Empty Accept-Language header' ],
+ [ 'en', [ 'en' => 1 ], 'One language' ],
+ [ 'en, ar', [ 'en' => 1, 'ar' => 1 ], 'Two languages listed in appearance order.' ],
+ [
+ 'zh-cn,zh-tw',
+ [ 'zh-cn' => 1, 'zh-tw' => 1 ],
+ 'Two equally prefered languages, listed in appearance order per rfc3282. Checks c9119'
+ ],
+ [
+ 'es, en; q=0.5',
+ [ 'es' => 1, 'en' => '0.5' ],
+ 'Spanish as first language and English and second'
+ ],
+ [ 'en; q=0.5, es', [ 'es' => 1, 'en' => '0.5' ], 'Less prefered language first' ],
+ [ 'fr, en; q=0.5, es', [ 'fr' => 1, 'es' => 1, 'en' => '0.5' ], 'Three languages' ],
+ [ 'en; q=0.5, es', [ 'es' => 1, 'en' => '0.5' ], 'Two languages' ],
+ [ 'en, zh;q=0', [ 'en' => 1 ], "It's Chinese to me" ],
+ [
+ 'es; q=1, pt;q=0.7, it; q=0.6, de; q=0.1, ru;q=0',
+ [ 'es' => '1', 'pt' => '0.7', 'it' => '0.6', 'de' => '0.1' ],
+ 'Preference for Romance languages'
+ ],
+ [
+ 'en-gb, en-us; q=1',
+ [ 'en-gb' => 1, 'en-us' => '1' ],
+ 'Two equally prefered English variants'
+ ],
+ [ '_', [], 'Invalid input' ],
+ ];
+ }
+
+ /**
+ * @dataProvider provideLanguageData
+ * @covers WebRequest::getAcceptLang
+ */
+ public function testAcceptLang( $acceptLanguageHeader, $expectedLanguages, $description ) {
+ $_SERVER = [ 'HTTP_ACCEPT_LANGUAGE' => $acceptLanguageHeader ];
+ $request = new WebRequest();
+ $this->assertSame( $request->getAcceptLang(), $expectedLanguages, $description );
+ }
+}
scripts.mit.edu / autoinstalls / mediawiki.git / blobdiff