summaryrefslogtreecommitdiffstats
path: root/tests
diff options
context:
space:
mode:
Diffstat (limited to 'tests')
-rw-r--r--tests/lib/appframework/controller/ApiControllerTest.php3
-rw-r--r--tests/lib/appframework/controller/ControllerTest.php3
-rw-r--r--tests/lib/appframework/controller/OCSControllerTest.php19
-rw-r--r--tests/lib/appframework/dependencyinjection/DIContainerTest.php3
-rw-r--r--tests/lib/appframework/http/DispatcherTest.php30
-rw-r--r--tests/lib/appframework/http/RequestTest.php804
-rw-r--r--tests/lib/appframework/middleware/MiddlewareDispatcherTest.php3
-rw-r--r--tests/lib/appframework/middleware/MiddlewareTest.php10
-rw-r--r--tests/lib/appframework/middleware/security/CORSMiddlewareTest.php17
-rw-r--r--tests/lib/appframework/middleware/security/SecurityMiddlewareTest.php3
-rw-r--r--tests/lib/appframework/middleware/sessionmiddlewaretest.php3
-rw-r--r--tests/lib/request.php333
-rw-r--r--tests/lib/security/trusteddomainhelper.php70
-rw-r--r--tests/lib/templatelayout.php2
14 files changed, 924 insertions, 379 deletions
diff --git a/tests/lib/appframework/controller/ApiControllerTest.php b/tests/lib/appframework/controller/ApiControllerTest.php
index b2e52cc0b5c..137e5950f67 100644
--- a/tests/lib/appframework/controller/ApiControllerTest.php
+++ b/tests/lib/appframework/controller/ApiControllerTest.php
@@ -37,7 +37,8 @@ class ApiControllerTest extends \Test\TestCase {
public function testCors() {
$request = new Request(
['server' => ['HTTP_ORIGIN' => 'test']],
- $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock()
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
);
$this->controller = new ChildApiController('app', $request, 'verbs',
'headers', 100);
diff --git a/tests/lib/appframework/controller/ControllerTest.php b/tests/lib/appframework/controller/ControllerTest.php
index 58395d05914..78c0d9d15a1 100644
--- a/tests/lib/appframework/controller/ControllerTest.php
+++ b/tests/lib/appframework/controller/ControllerTest.php
@@ -75,7 +75,8 @@ class ControllerTest extends \Test\TestCase {
'session' => ['sezession' => 'kein'],
'method' => 'hi',
],
- $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock()
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
);
$this->app = $this->getMock('OC\AppFramework\DependencyInjection\DIContainer',
diff --git a/tests/lib/appframework/controller/OCSControllerTest.php b/tests/lib/appframework/controller/OCSControllerTest.php
index 3b4de1d7a05..11a9d45eb92 100644
--- a/tests/lib/appframework/controller/OCSControllerTest.php
+++ b/tests/lib/appframework/controller/OCSControllerTest.php
@@ -33,11 +33,17 @@ class ChildOCSController extends OCSController {}
class OCSControllerTest extends \Test\TestCase {
+ private $controller;
public function testCors() {
$request = new Request(
- array('server' => array('HTTP_ORIGIN' => 'test')),
- $this->getMock('\OCP\Security\ISecureRandom')
+ [
+ 'server' => [
+ 'HTTP_ORIGIN' => 'test',
+ ],
+ ],
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
);
$controller = new ChildOCSController('app', $request, 'verbs',
'headers', 100);
@@ -57,7 +63,8 @@ class OCSControllerTest extends \Test\TestCase {
public function testXML() {
$controller = new ChildOCSController('app', new Request(
[],
- $this->getMock('\OCP\Security\ISecureRandom')
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
));
$expected = "<?xml version=\"1.0\"?>\n" .
"<ocs>\n" .
@@ -86,7 +93,8 @@ class OCSControllerTest extends \Test\TestCase {
public function testXMLDataResponse() {
$controller = new ChildOCSController('app', new Request(
[],
- $this->getMock('\OCP\Security\ISecureRandom')
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
));
$expected = "<?xml version=\"1.0\"?>\n" .
"<ocs>\n" .
@@ -115,7 +123,8 @@ class OCSControllerTest extends \Test\TestCase {
public function testJSON() {
$controller = new ChildOCSController('app', new Request(
[],
- $this->getMock('\OCP\Security\ISecureRandom')
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
));
$expected = '{"status":"OK","statuscode":400,"message":"OK",' .
'"totalitems":"","itemsperpage":"","data":{"test":"hi"}}';
diff --git a/tests/lib/appframework/dependencyinjection/DIContainerTest.php b/tests/lib/appframework/dependencyinjection/DIContainerTest.php
index 43309f64e63..0cbdddbb205 100644
--- a/tests/lib/appframework/dependencyinjection/DIContainerTest.php
+++ b/tests/lib/appframework/dependencyinjection/DIContainerTest.php
@@ -73,7 +73,8 @@ class DIContainerTest extends \Test\TestCase {
public function testMiddlewareDispatcherIncludesSecurityMiddleware(){
$this->container['Request'] = new Request(
['method' => 'GET'],
- $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock()
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
);
$security = $this->container['SecurityMiddleware'];
$dispatcher = $this->container['MiddlewareDispatcher'];
diff --git a/tests/lib/appframework/http/DispatcherTest.php b/tests/lib/appframework/http/DispatcherTest.php
index 832cd80e60a..02c86df8e72 100644
--- a/tests/lib/appframework/http/DispatcherTest.php
+++ b/tests/lib/appframework/http/DispatcherTest.php
@@ -24,7 +24,6 @@
namespace OC\AppFramework\Http;
-use OC\AppFramework\Middleware\MiddlewareDispatcher;
use OC\AppFramework\Utility\ControllerMethodReflector;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\JSONResponse;
@@ -33,6 +32,10 @@ use OCP\AppFramework\Controller;
class TestController extends Controller {
+ /**
+ * @param string $appName
+ * @param \OCP\IRequest $request
+ */
public function __construct($appName, $request) {
parent::__construct($appName, $request);
}
@@ -40,6 +43,9 @@ class TestController extends Controller {
/**
* @param int $int
* @param bool $bool
+ * @param int $test
+ * @param int $test2
+ * @return array
*/
public function exec($int, $bool, $test=4, $test2=1) {
$this->registerResponder('text', function($in) {
@@ -52,6 +58,9 @@ class TestController extends Controller {
/**
* @param int $int
* @param bool $bool
+ * @param int $test
+ * @param int $test2
+ * @return DataResponse
*/
public function execDataResponse($int, $bool, $test=4, $test2=1) {
return new DataResponse(array(
@@ -67,6 +76,7 @@ class DispatcherTest extends \Test\TestCase {
private $dispatcher;
private $controllerMethod;
private $response;
+ private $request;
private $lastModified;
private $etag;
private $http;
@@ -284,7 +294,8 @@ class DispatcherTest extends \Test\TestCase {
],
'method' => 'POST'
],
- $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock()
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
);
$this->dispatcher = new Dispatcher(
$this->http, $this->middlewareDispatcher, $this->reflector,
@@ -310,7 +321,8 @@ class DispatcherTest extends \Test\TestCase {
],
'method' => 'POST',
],
- $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock()
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
);
$this->dispatcher = new Dispatcher(
$this->http, $this->middlewareDispatcher, $this->reflector,
@@ -339,7 +351,8 @@ class DispatcherTest extends \Test\TestCase {
],
'method' => 'GET'
],
- $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock()
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
);
$this->dispatcher = new Dispatcher(
$this->http, $this->middlewareDispatcher, $this->reflector,
@@ -367,7 +380,8 @@ class DispatcherTest extends \Test\TestCase {
],
'method' => 'GET'
],
- $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock()
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
);
$this->dispatcher = new Dispatcher(
$this->http, $this->middlewareDispatcher, $this->reflector,
@@ -396,7 +410,8 @@ class DispatcherTest extends \Test\TestCase {
],
'method' => 'PUT'
],
- $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock()
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
);
$this->dispatcher = new Dispatcher(
$this->http, $this->middlewareDispatcher, $this->reflector,
@@ -427,7 +442,8 @@ class DispatcherTest extends \Test\TestCase {
],
'method' => 'POST'
],
- $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock()
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
);
$this->dispatcher = new Dispatcher(
$this->http, $this->middlewareDispatcher, $this->reflector,
diff --git a/tests/lib/appframework/http/RequestTest.php b/tests/lib/appframework/http/RequestTest.php
index eeba64b7f69..3185a0093c4 100644
--- a/tests/lib/appframework/http/RequestTest.php
+++ b/tests/lib/appframework/http/RequestTest.php
@@ -1,6 +1,8 @@
<?php
/**
- * Copyright (c) 2013 Thomas Tanghus (thomas@tanghus.net)
+ * @copyright 2013 Thomas Tanghus (thomas@tanghus.net)
+ * @copyright 2015 Lukas Reschke lukas@owncloud.com
+ *
* This file is licensed under the Affero General Public License version 3 or
* later.
* See the COPYING-README file.
@@ -9,12 +11,20 @@
namespace OC\AppFramework\Http;
use OCP\Security\ISecureRandom;
+use OCP\IConfig;
+/**
+ * Class RequestTest
+ *
+ * @package OC\AppFramework\Http
+ */
class RequestTest extends \Test\TestCase {
/** @var string */
protected $stream = 'fakeinput://data';
/** @var ISecureRandom */
protected $secureRandom;
+ /** @var IConfig */
+ protected $config;
protected function setUp() {
parent::setUp();
@@ -26,6 +36,7 @@ class RequestTest extends \Test\TestCase {
stream_wrapper_register('fakeinput', 'RequestStream');
$this->secureRandom = $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock();
+ $this->config = $this->getMockBuilder('\OCP\IConfig')->getMock();
}
protected function tearDown() {
@@ -39,7 +50,12 @@ class RequestTest extends \Test\TestCase {
'method' => 'GET',
);
- $request = new Request($vars, $this->secureRandom, $this->stream);
+ $request = new Request(
+ $vars,
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
// Countable
$this->assertEquals(2, count($request));
@@ -66,7 +82,12 @@ class RequestTest extends \Test\TestCase {
'method' => 'GET'
);
- $request = new Request($vars, $this->secureRandom, $this->stream);
+ $request = new Request(
+ $vars,
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
$this->assertEquals(3, count($request));
$this->assertEquals('Janey', $request->{'nickname'});
@@ -75,7 +96,7 @@ class RequestTest extends \Test\TestCase {
/**
- * @expectedException RuntimeException
+ * @expectedException \RuntimeException
*/
public function testImmutableArrayAccess() {
$vars = array(
@@ -83,12 +104,18 @@ class RequestTest extends \Test\TestCase {
'method' => 'GET'
);
- $request = new Request($vars, $this->secureRandom, $this->stream);
+ $request = new Request(
+ $vars,
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
$request['nickname'] = 'Janey';
}
/**
- * @expectedException RuntimeException
+ * @expectedException \RuntimeException
*/
public function testImmutableMagicAccess() {
$vars = array(
@@ -96,12 +123,18 @@ class RequestTest extends \Test\TestCase {
'method' => 'GET'
);
- $request = new Request($vars, $this->secureRandom, $this->stream);
+ $request = new Request(
+ $vars,
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
$request->{'nickname'} = 'Janey';
}
/**
- * @expectedException LogicException
+ * @expectedException \LogicException
*/
public function testGetTheMethodRight() {
$vars = array(
@@ -109,8 +142,14 @@ class RequestTest extends \Test\TestCase {
'method' => 'GET',
);
- $request = new Request($vars, $this->secureRandom, $this->stream);
- $result = $request->post;
+ $request = new Request(
+ $vars,
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $request->post;
}
public function testTheMethodIsRight() {
@@ -119,7 +158,13 @@ class RequestTest extends \Test\TestCase {
'method' => 'GET',
);
- $request = new Request($vars, $this->secureRandom, $this->stream);
+ $request = new Request(
+ $vars,
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
$this->assertEquals('GET', $request->method);
$result = $request->get;
$this->assertEquals('John Q. Public', $result['name']);
@@ -134,7 +179,13 @@ class RequestTest extends \Test\TestCase {
'server' => array('CONTENT_TYPE' => 'application/json; utf-8')
);
- $request = new Request($vars, $this->secureRandom, $this->stream);
+ $request = new Request(
+ $vars,
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
$this->assertEquals('POST', $request->method);
$result = $request->post;
$this->assertEquals('John Q. Public', $result['name']);
@@ -152,7 +203,12 @@ class RequestTest extends \Test\TestCase {
'server' => array('CONTENT_TYPE' => 'application/x-www-form-urlencoded'),
);
- $request = new Request($vars, $this->secureRandom, $this->stream);
+ $request = new Request(
+ $vars,
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
$this->assertEquals('PATCH', $request->method);
$result = $request->patch;
@@ -171,7 +227,12 @@ class RequestTest extends \Test\TestCase {
'server' => array('CONTENT_TYPE' => 'application/json; utf-8'),
);
- $request = new Request($vars, $this->secureRandom, $this->stream);
+ $request = new Request(
+ $vars,
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
$this->assertEquals('PUT', $request->method);
$result = $request->put;
@@ -186,7 +247,12 @@ class RequestTest extends \Test\TestCase {
'server' => array('CONTENT_TYPE' => 'application/json; utf-8'),
);
- $request = new Request($vars, $this->secureRandom, $this->stream);
+ $request = new Request(
+ $vars,
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
$this->assertEquals('PATCH', $request->method);
$result = $request->patch;
@@ -205,7 +271,13 @@ class RequestTest extends \Test\TestCase {
'server' => array('CONTENT_TYPE' => 'image/png'),
);
- $request = new Request($vars, $this->secureRandom, $this->stream);
+ $request = new Request(
+ $vars,
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
$this->assertEquals('PUT', $request->method);
$resource = $request->put;
$contents = stream_get_contents($resource);
@@ -228,7 +300,12 @@ class RequestTest extends \Test\TestCase {
'urlParams' => array('id' => '2'),
);
- $request = new Request($vars, $this->secureRandom, $this->stream);
+ $request = new Request(
+ $vars,
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
$newParams = array('id' => '3', 'test' => 'test2');
$request->setUrlParameters($newParams);
@@ -244,7 +321,13 @@ class RequestTest extends \Test\TestCase {
],
];
- $request = new Request($vars, $this->secureRandom, $this->stream);
+ $request = new Request(
+ $vars,
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
$this->assertSame('GeneratedUniqueIdByModUnique', $request->getId());
}
@@ -261,14 +344,695 @@ class RequestTest extends \Test\TestCase {
->method('getLowStrengthGenerator')
->will($this->returnValue($lowRandomSource));
- $request = new Request([], $this->secureRandom, $this->stream);
+ $request = new Request(
+ [],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
$this->assertSame('GeneratedByOwnCloudItself', $request->getId());
}
public function testGetIdWithoutModUniqueStable() {
- $request = new Request([], \OC::$server->getSecureRandom(), $this->stream);
+ $request = new Request(
+ [],
+ \OC::$server->getSecureRandom(),
+ $this->config,
+ $this->stream
+ );
$firstId = $request->getId();
$secondId = $request->getId();
$this->assertSame($firstId, $secondId);
}
+
+ public function testGetRemoteAddressWithoutTrustedRemote() {
+ $this->config
+ ->expects($this->once())
+ ->method('getSystemValue')
+ ->with('trusted_proxies')
+ ->will($this->returnValue([]));
+
+ $request = new Request(
+ [
+ 'server' => [
+ 'REMOTE_ADDR' => '10.0.0.2',
+ 'HTTP_X_FORWARDED' => '10.4.0.5, 10.4.0.4',
+ 'HTTP_X_FORWARDED_FOR' => '192.168.0.233'
+ ],
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $this->assertSame('10.0.0.2', $request->getRemoteAddress());
+ }
+
+ public function testGetRemoteAddressWithNoTrustedHeader() {
+ $this->config
+ ->expects($this->at(0))
+ ->method('getSystemValue')
+ ->with('trusted_proxies')
+ ->will($this->returnValue(['10.0.0.2']));
+ $this->config
+ ->expects($this->at(1))
+ ->method('getSystemValue')
+ ->with('forwarded_for_headers')
+ ->will($this->returnValue([]));
+
+ $request = new Request(
+ [
+ 'server' => [
+ 'REMOTE_ADDR' => '10.0.0.2',
+ 'HTTP_X_FORWARDED' => '10.4.0.5, 10.4.0.4',
+ 'HTTP_X_FORWARDED_FOR' => '192.168.0.233'
+ ],
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $this->assertSame('10.0.0.2', $request->getRemoteAddress());
+ }
+
+ public function testGetRemoteAddressWithSingleTrustedRemote() {
+ $this->config
+ ->expects($this->at(0))
+ ->method('getSystemValue')
+ ->with('trusted_proxies')
+ ->will($this->returnValue(['10.0.0.2']));
+ $this->config
+ ->expects($this->at(1))
+ ->method('getSystemValue')
+ ->with('forwarded_for_headers')
+ ->will($this->returnValue(['HTTP_X_FORWARDED']));
+
+ $request = new Request(
+ [
+ 'server' => [
+ 'REMOTE_ADDR' => '10.0.0.2',
+ 'HTTP_X_FORWARDED' => '10.4.0.5, 10.4.0.4',
+ 'HTTP_X_FORWARDED_FOR' => '192.168.0.233'
+ ],
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $this->assertSame('10.4.0.5', $request->getRemoteAddress());
+ }
+
+ public function testGetRemoteAddressVerifyPriorityHeader() {
+ $this->config
+ ->expects($this->at(0))
+ ->method('getSystemValue')
+ ->with('trusted_proxies')
+ ->will($this->returnValue(['10.0.0.2']));
+ $this->config
+ ->expects($this->at(1))
+ ->method('getSystemValue')
+ ->with('forwarded_for_headers')
+ ->will($this->returnValue([
+ 'HTTP_CLIENT_IP',
+ 'HTTP_X_FORWARDED_FOR',
+ 'HTTP_X_FORWARDED'
+ ]));
+
+ $request = new Request(
+ [
+ 'server' => [
+ 'REMOTE_ADDR' => '10.0.0.2',
+ 'HTTP_X_FORWARDED' => '10.4.0.5, 10.4.0.4',
+ 'HTTP_X_FORWARDED_FOR' => '192.168.0.233'
+ ],
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $this->assertSame('192.168.0.233', $request->getRemoteAddress());
+ }
+
+ public function testGetServerProtocolWithOverride() {
+ $this->config
+ ->expects($this->at(0))
+ ->method('getSystemValue')
+ ->with('overwriteprotocol')
+ ->will($this->returnValue('customProtocol'));
+ $this->config
+ ->expects($this->at(1))
+ ->method('getSystemValue')
+ ->with('overwritecondaddr')
+ ->will($this->returnValue(''));
+ $this->config
+ ->expects($this->at(2))
+ ->method('getSystemValue')
+ ->with('overwriteprotocol')
+ ->will($this->returnValue('customProtocol'));
+
+ $request = new Request(
+ [],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $this->assertSame('customProtocol', $request->getServerProtocol());
+ }
+
+ public function testGetServerProtocolWithProtoValid() {
+ $this->config
+ ->expects($this->exactly(2))
+ ->method('getSystemValue')
+ ->with('overwriteprotocol')
+ ->will($this->returnValue(''));
+
+ $requestHttps = new Request(
+ [
+ 'server' => [
+ 'HTTP_X_FORWARDED_PROTO' => 'HtTpS'
+ ],
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+ $requestHttp = new Request(
+ [
+ 'server' => [
+ 'HTTP_X_FORWARDED_PROTO' => 'HTTp'
+ ],
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+
+ $this->assertSame('https', $requestHttps->getServerProtocol());
+ $this->assertSame('http', $requestHttp->getServerProtocol());
+ }
+
+ public function testGetServerProtocolWithHttpsServerValueOn() {
+ $this->config
+ ->expects($this->once())
+ ->method('getSystemValue')
+ ->with('overwriteprotocol')
+ ->will($this->returnValue(''));
+
+ $request = new Request(
+ [
+ 'server' => [
+ 'HTTPS' => 'on'
+ ],
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+ $this->assertSame('https', $request->getServerProtocol());
+ }
+
+ public function testGetServerProtocolWithHttpsServerValueOff() {
+ $this->config
+ ->expects($this->once())
+ ->method('getSystemValue')
+ ->with('overwriteprotocol')
+ ->will($this->returnValue(''));
+
+ $request = new Request(
+ [
+ 'server' => [
+ 'HTTPS' => 'off'
+ ],
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+ $this->assertSame('http', $request->getServerProtocol());
+ }
+
+ public function testGetServerProtocolDefault() {
+ $this->config
+ ->expects($this->once())
+ ->method('getSystemValue')
+ ->with('overwriteprotocol')
+ ->will($this->returnValue(''));
+
+ $request = new Request(
+ [],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+ $this->assertSame('http', $request->getServerProtocol());
+ }
+
+ /**
+ * @dataProvider userAgentProvider
+ * @param string $testAgent
+ * @param array $userAgent
+ * @param bool $matches
+ */
+ public function testUserAgent($testAgent, $userAgent, $matches) {
+ $request = new Request(
+ [
+ 'server' => [
+ 'HTTP_USER_AGENT' => $testAgent,
+ ]
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $this->assertEquals($matches, $request->isUserAgent($userAgent));
+ }
+
+ /**
+ * @return array
+ */
+ function userAgentProvider() {
+ return [
+ [
+ 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)',
+ [
+ Request::USER_AGENT_IE
+ ],
+ true,
+ ],
+ [
+ 'Mozilla/5.0 (X11; Linux i686; rv:24.0) Gecko/20100101 Firefox/24.0',
+ [
+ Request::USER_AGENT_IE
+ ],
+ false,
+ ],
+ [
+ 'Mozilla/5.0 (Linux; Android 4.4; Nexus 4 Build/KRT16S) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.59 Mobile Safari/537.36',
+ [
+ Request::USER_AGENT_ANDROID_MOBILE_CHROME
+ ],
+ true,
+ ],
+ [
+ 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)',
+ [
+ Request::USER_AGENT_ANDROID_MOBILE_CHROME
+ ],
+ false,
+ ],
+ [
+ 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)',
+ [
+ Request::USER_AGENT_IE,
+ Request::USER_AGENT_ANDROID_MOBILE_CHROME,
+ ],
+ true,
+ ],
+ [
+ 'Mozilla/5.0 (Linux; Android 4.4; Nexus 4 Build/KRT16S) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.59 Mobile Safari/537.36',
+ [
+ Request::USER_AGENT_IE,
+ Request::USER_AGENT_ANDROID_MOBILE_CHROME,
+ ],
+ true,
+ ],
+ [
+ 'Mozilla/5.0 (X11; Linux i686; rv:24.0) Gecko/20100101 Firefox/24.0',
+ [
+ Request::USER_AGENT_FREEBOX
+ ],
+ false,
+ ],
+ [
+ 'Mozilla/5.0',
+ [
+ Request::USER_AGENT_FREEBOX
+ ],
+ true,
+ ],
+ [
+ 'Fake Mozilla/5.0',
+ [
+ Request::USER_AGENT_FREEBOX
+ ],
+ false,
+ ],
+ ];
+ }
+
+ public function testInsecureServerHostServerNameHeader() {
+ $request = new Request(
+ [
+ 'server' => [
+ 'SERVER_NAME' => 'from.server.name:8080',
+ ]
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $this->assertEquals('from.server.name:8080', $request->getInsecureServerHost());
+ }
+
+ public function testInsecureServerHostHttpHostHeader() {
+ $request = new Request(
+ [
+ 'server' => [
+ 'SERVER_NAME' => 'from.server.name:8080',
+ 'HTTP_HOST' => 'from.host.header:8080',
+ ]
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $this->assertEquals('from.host.header:8080', $request->getInsecureServerHost());
+ }
+
+ public function testInsecureServerHostHttpFromForwardedHeaderSingle() {
+ $request = new Request(
+ [
+ 'server' => [
+ 'SERVER_NAME' => 'from.server.name:8080',
+ 'HTTP_HOST' => 'from.host.header:8080',
+ 'HTTP_X_FORWARDED_HOST' => 'from.forwarded.host:8080',
+ ]
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $this->assertEquals('from.forwarded.host:8080', $request->getInsecureServerHost());
+ }
+
+ public function testInsecureServerHostHttpFromForwardedHeaderStacked() {
+ $request = new Request(
+ [
+ 'server' => [
+ 'SERVER_NAME' => 'from.server.name:8080',
+ 'HTTP_HOST' => 'from.host.header:8080',
+ 'HTTP_X_FORWARDED_HOST' => 'from.forwarded.host2:8080,another.one:9000',
+ ]
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $this->assertEquals('from.forwarded.host2:8080', $request->getInsecureServerHost());
+ }
+
+ public function testGetServerHost() {
+ $request = new Request(
+ [],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $this->assertEquals('localhost', $request->getServerHost());
+ }
+
+ public function testGetOverwriteHostDefaultNull() {
+ $this->config
+ ->expects($this->once())
+ ->method('getSystemValue')
+ ->with('overwritehost')
+ ->will($this->returnValue(''));
+ $request = new Request(
+ [],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $this->assertNull(\Test_Helper::invokePrivate($request, 'getOverwriteHost'));
+ }
+
+ public function testGetOverwriteHostWithOverwrite() {
+ $this->config
+ ->expects($this->at(0))
+ ->method('getSystemValue')
+ ->with('overwritehost')
+ ->will($this->returnValue('www.owncloud.org'));
+ $this->config
+ ->expects($this->at(1))
+ ->method('getSystemValue')
+ ->with('overwritecondaddr')
+ ->will($this->returnValue(''));
+ $this->config
+ ->expects($this->at(2))
+ ->method('getSystemValue')
+ ->with('overwritehost')
+ ->will($this->returnValue('www.owncloud.org'));
+
+ $request = new Request(
+ [],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $this->assertSame('www.owncloud.org', \Test_Helper::invokePrivate($request, 'getOverwriteHost'));
+ }
+
+ public function testGetPathInfoWithSetEnv() {
+ $request = new Request(
+ [
+ 'server' => [
+ 'PATH_INFO' => 'apps/files/',
+ ]
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $this->assertEquals('apps/files/', $request->getPathInfo());
+ }
+
+ /**
+ * @expectedException \Exception
+ * @expectedExceptionMessage The requested uri(/foo.php) cannot be processed by the script '/var/www/index.php')
+ */
+ public function testGetPathInfoNotProcessible() {
+ $request = new Request(
+ [
+ 'server' => [
+ 'REQUEST_URI' => '/foo.php',
+ 'SCRIPT_NAME' => '/var/www/index.php',
+ ]
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $request->getPathInfo();
+ }
+
+ /**
+ * @expectedException \Exception
+ * @expectedExceptionMessage The requested uri(/foo.php) cannot be processed by the script '/var/www/index.php')
+ */
+ public function testGetRawPathInfoNotProcessible() {
+ $request = new Request(
+ [
+ 'server' => [
+ 'REQUEST_URI' => '/foo.php',
+ 'SCRIPT_NAME' => '/var/www/index.php',
+ ]
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $request->getRawPathInfo();
+ }
+
+ /**
+ * @dataProvider genericPathInfoProvider
+ * @param string $requestUri
+ * @param string $scriptName
+ * @param string $expected
+ */
+ public function testGetPathInfoWithoutSetEnvGeneric($requestUri, $scriptName, $expected) {
+ $request = new Request(
+ [
+ 'server' => [
+ 'REQUEST_URI' => $requestUri,
+ 'SCRIPT_NAME' => $scriptName,
+ ]
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $this->assertEquals($expected, $request->getPathInfo());
+ }
+
+ /**
+ * @dataProvider genericPathInfoProvider
+ * @param string $requestUri
+ * @param string $scriptName
+ * @param string $expected
+ */
+ public function testGetRawPathInfoWithoutSetEnvGeneric($requestUri, $scriptName, $expected) {
+ $request = new Request(
+ [
+ 'server' => [
+ 'REQUEST_URI' => $requestUri,
+ 'SCRIPT_NAME' => $scriptName,
+ ]
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $this->assertEquals($expected, $request->getRawPathInfo());
+ }
+
+ /**
+ * @dataProvider rawPathInfoProvider
+ * @param string $requestUri
+ * @param string $scriptName
+ * @param string $expected
+ */
+ public function testGetRawPathInfoWithoutSetEnv($requestUri, $scriptName, $expected) {
+ $request = new Request(
+ [
+ 'server' => [
+ 'REQUEST_URI' => $requestUri,
+ 'SCRIPT_NAME' => $scriptName,
+ ]
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $this->assertEquals($expected, $request->getRawPathInfo());
+ }
+
+ /**
+ * @dataProvider pathInfoProvider
+ * @param string $requestUri
+ * @param string $scriptName
+ * @param string $expected
+ */
+ public function testGetPathInfoWithoutSetEnv($requestUri, $scriptName, $expected) {
+ $request = new Request(
+ [
+ 'server' => [
+ 'REQUEST_URI' => $requestUri,
+ 'SCRIPT_NAME' => $scriptName,
+ ]
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $this->assertEquals($expected, $request->getPathInfo());
+ }
+
+ /**
+ * @return array
+ */
+ public function genericPathInfoProvider() {
+ return [
+ ['/index.php/apps/files/', 'index.php', '/apps/files/'],
+ ['/index.php/apps/files/../&amp;/&?someQueryParameter=QueryParam', 'index.php', '/apps/files/../&amp;/&'],
+ ['/remote.php/漢字編碼方法 / 汉字编码方法', 'remote.php', '/漢字編碼方法 / 汉字编码方法'],
+ ['///removeTrailin//gSlashes///', 'remote.php', '/removeTrailin/gSlashes/'],
+ ['/', '/', ''],
+ ['', '', ''],
+ ];
+ }
+
+ /**
+ * @return array
+ */
+ public function rawPathInfoProvider() {
+ return [
+ ['/foo%2Fbar/subfolder', '', 'foo%2Fbar/subfolder'],
+ ];
+ }
+
+ /**
+ * @return array
+ */
+ public function pathInfoProvider() {
+ return [
+ ['/foo%2Fbar/subfolder', '', 'foo/bar/subfolder'],
+ ];
+ }
+
+ public function testGetRequestUriWithoutOverwrite() {
+ $this->config
+ ->expects($this->once())
+ ->method('getSystemValue')
+ ->with('overwritewebroot')
+ ->will($this->returnValue(''));
+
+ $request = new Request(
+ [
+ 'server' => [
+ 'REQUEST_URI' => '/test.php'
+ ]
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ );
+
+ $this->assertSame('/test.php', $request->getRequestUri());
+ }
+
+ public function testGetRequestUriWithOverwrite() {
+ $this->config
+ ->expects($this->at(0))
+ ->method('getSystemValue')
+ ->with('overwritewebroot')
+ ->will($this->returnValue('/owncloud/'));
+ $this->config
+ ->expects($this->at(1))
+ ->method('getSystemValue')
+ ->with('overwritecondaddr')
+ ->will($this->returnValue(''));
+
+ $request = $this->getMockBuilder('\OC\AppFramework\Http\Request')
+ ->setMethods(['getScriptName'])
+ ->setConstructorArgs([
+ [
+ 'server' => [
+ 'REQUEST_URI' => '/test.php/some/PathInfo',
+ 'SCRIPT_NAME' => '/test.php',
+ ]
+ ],
+ $this->secureRandom,
+ $this->config,
+ $this->stream
+ ])
+ ->getMock();
+ $request
+ ->expects($this->once())
+ ->method('getScriptName')
+ ->will($this->returnValue('/scriptname.php'));
+
+ $this->assertSame('/scriptname.php/some/PathInfo', $request->getRequestUri());
+ }
}
diff --git a/tests/lib/appframework/middleware/MiddlewareDispatcherTest.php b/tests/lib/appframework/middleware/MiddlewareDispatcherTest.php
index 078543c7b59..a8731525798 100644
--- a/tests/lib/appframework/middleware/MiddlewareDispatcherTest.php
+++ b/tests/lib/appframework/middleware/MiddlewareDispatcherTest.php
@@ -132,7 +132,8 @@ class MiddlewareDispatcherTest extends \Test\TestCase {
['app',
new Request(
['method' => 'GET'],
- $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock()
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
)
]
);
diff --git a/tests/lib/appframework/middleware/MiddlewareTest.php b/tests/lib/appframework/middleware/MiddlewareTest.php
index fcc0c300a8a..33f04e1383d 100644
--- a/tests/lib/appframework/middleware/MiddlewareTest.php
+++ b/tests/lib/appframework/middleware/MiddlewareTest.php
@@ -26,7 +26,7 @@ namespace OC\AppFramework;
use OC\AppFramework\Http\Request;
use OCP\AppFramework\Middleware;
-
+use OCP\AppFramework\Http\Response;
class ChildMiddleware extends Middleware {};
@@ -40,6 +40,8 @@ class MiddlewareTest extends \Test\TestCase {
private $controller;
private $exception;
private $api;
+ /** @var Response */
+ private $response;
protected function setUp(){
parent::setUp();
@@ -56,7 +58,11 @@ class MiddlewareTest extends \Test\TestCase {
[],
[
$this->api,
- new Request([], $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock())
+ new Request(
+ [],
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
+ )
]
);
$this->exception = new \Exception();
diff --git a/tests/lib/appframework/middleware/security/CORSMiddlewareTest.php b/tests/lib/appframework/middleware/security/CORSMiddlewareTest.php
index 57a7c524abe..a4f3137cb11 100644
--- a/tests/lib/appframework/middleware/security/CORSMiddlewareTest.php
+++ b/tests/lib/appframework/middleware/security/CORSMiddlewareTest.php
@@ -37,7 +37,8 @@ class CORSMiddlewareTest extends \Test\TestCase {
'HTTP_ORIGIN' => 'test'
]
],
- $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock()
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
);
$this->reflector->reflect($this, __FUNCTION__);
$middleware = new CORSMiddleware($request, $this->reflector);
@@ -55,7 +56,8 @@ class CORSMiddlewareTest extends \Test\TestCase {
'HTTP_ORIGIN' => 'test'
]
],
- $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock()
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
);
$middleware = new CORSMiddleware($request, $this->reflector);
@@ -69,7 +71,11 @@ class CORSMiddlewareTest extends \Test\TestCase {
* @CORS
*/
public function testNoOriginHeaderNoCORSHEADER() {
- $request = new Request([], $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock());
+ $request = new Request(
+ [],
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
+ );
$this->reflector->reflect($this, __FUNCTION__);
$middleware = new CORSMiddleware($request, $this->reflector);
@@ -90,14 +96,15 @@ class CORSMiddlewareTest extends \Test\TestCase {
'HTTP_ORIGIN' => 'test'
]
],
- $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock()
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
);
$this->reflector->reflect($this, __FUNCTION__);
$middleware = new CORSMiddleware($request, $this->reflector);
$response = new Response();
$response->addHeader('AcCess-control-Allow-Credentials ', 'TRUE');
- $response = $middleware->afterController($this, __FUNCTION__, $response);
+ $middleware->afterController($this, __FUNCTION__, $response);
}
}
diff --git a/tests/lib/appframework/middleware/security/SecurityMiddlewareTest.php b/tests/lib/appframework/middleware/security/SecurityMiddlewareTest.php
index 3acba7ce1d8..347a0423ea6 100644
--- a/tests/lib/appframework/middleware/security/SecurityMiddlewareTest.php
+++ b/tests/lib/appframework/middleware/security/SecurityMiddlewareTest.php
@@ -321,7 +321,8 @@ class SecurityMiddlewareTest extends \Test\TestCase {
'REQUEST_URI' => 'owncloud/index.php/apps/specialapp'
]
],
- $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock()
+ $this->getMock('\OCP\Security\ISecureRandom'),
+ $this->getMock('\OCP\IConfig')
);
$this->middleware = $this->getMiddleware(true, true);
$response = $this->middleware->afterException($this->controller, 'test',
diff --git a/tests/lib/appframework/middleware/sessionmiddlewaretest.php b/tests/lib/appframework/middleware/sessionmiddlewaretest.php
index c417225d908..11c1600f515 100644
--- a/tests/lib/appframework/middleware/sessionmiddlewaretest.php
+++ b/tests/lib/appframework/middleware/sessionmiddlewaretest.php
@@ -35,7 +35,8 @@ class SessionMiddlewareTest extends \Test\TestCase {
$this->request = new Request(
[],
- $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock()
+ $this->getMockBuilder('\OCP\Security\ISecureRandom')->getMock(),
+ $this->getMock('\OCP\IConfig')
);
$this->reflector = new ControllerMethodReflector();
}
diff --git a/tests/lib/request.php b/tests/lib/request.php
deleted file mode 100644
index dd6d1e47cd5..00000000000
--- a/tests/lib/request.php
+++ /dev/null
@@ -1,333 +0,0 @@
-<?php
-/**
- * Copyright (c) 2013 Thomas Müller <thomas.mueller@tmit.eu>
- * This file is licensed under the Affero General Public License version 3 or
- * later.
- * See the COPYING-README file.
- */
-
-class Test_Request extends \Test\TestCase {
-
- protected function setUp() {
- parent::setUp();
-
- OC::$server->getConfig()->setSystemValue('overwritewebroot', '/domain.tld/ownCloud');
-
- OC::$server->getConfig()->setSystemValue('trusted_proxies', array());
- OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array());
- }
-
- protected function tearDown() {
- OC::$server->getConfig()->setSystemValue('overwritewebroot', '');
- OC::$server->getConfig()->setSystemValue('trusted_proxies', array());
- OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array());
-
- parent::tearDown();
- }
-
- public function testScriptNameOverWrite() {
- $_SERVER['REMOTE_ADDR'] = '10.0.0.1';
- $_SERVER['SCRIPT_FILENAME'] = __FILE__;
-
- $scriptName = OC_Request::scriptName();
- $this->assertEquals('/domain.tld/ownCloud/tests/lib/request.php', $scriptName);
- }
-
- public function testGetRemoteAddress() {
- $_SERVER['REMOTE_ADDR'] = '10.0.0.2';
- $_SERVER['HTTP_X_FORWARDED'] = '10.4.0.5, 10.4.0.4';
- $_SERVER['HTTP_X_FORWARDED_FOR'] = '192.168.0.233';
-
- // Without having specified a trusted remote address
- $this->assertEquals('10.0.0.2', OC_Request::getRemoteAddress());
-
- // With specifying a trusted remote address but no trusted header
- OC::$server->getConfig()->setSystemValue('trusted_proxies', array('10.0.0.2'));
- $this->assertEquals('10.0.0.2', OC_Request::getRemoteAddress());
-
- // With specifying a trusted remote address and trusted headers
- OC::$server->getConfig()->setSystemValue('trusted_proxies', array('10.0.0.2'));
- OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array('HTTP_X_FORWARDED'));
- $this->assertEquals('10.4.0.5', OC_Request::getRemoteAddress());
- OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED'));
- $this->assertEquals('192.168.0.233', OC_Request::getRemoteAddress());
-
- // With specifying multiple trusted remote addresses and trusted headers
- OC::$server->getConfig()->setSystemValue('trusted_proxies', array('10.3.4.2', '10.0.0.2', '127.0.3.3'));
- OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array('HTTP_X_FORWARDED'));
- $this->assertEquals('10.4.0.5', OC_Request::getRemoteAddress());
- OC::$server->getConfig()->setSystemValue('forwarded_for_headers', array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED'));
- $this->assertEquals('192.168.0.233', OC_Request::getRemoteAddress());
- }
-
- /**
- * @dataProvider rawPathInfoProvider
- * @param $expected
- * @param $requestUri
- * @param $scriptName
- */
- public function testRawPathInfo($expected, $requestUri, $scriptName) {
- $_SERVER['REQUEST_URI'] = $requestUri;
- $_SERVER['SCRIPT_NAME'] = $scriptName;
- $rawPathInfo = OC_Request::getRawPathInfo();
- $this->assertEquals($expected, $rawPathInfo);
- }
-
- function rawPathInfoProvider() {
- return array(
- array('/core/ajax/translations.php', 'index.php/core/ajax/translations.php', 'index.php'),
- array('/core/ajax/translations.php', '/index.php/core/ajax/translations.php', '/index.php'),
- array('/core/ajax/translations.php', '//index.php/core/ajax/translations.php', '/index.php'),
- array('', '/oc/core', '/oc/core/index.php'),
- array('', '/oc/core/', '/oc/core/index.php'),
- array('', '/oc/core/index.php', '/oc/core/index.php'),
- array('/core/ajax/translations.php', '/core/ajax/translations.php', 'index.php'),
- array('/core/ajax/translations.php', '//core/ajax/translations.php', '/index.php'),
- array('/core/ajax/translations.php', '/oc/core/ajax/translations.php', '/oc/index.php'),
- array('/core/ajax/translations.php', '/oc//index.php/core/ajax/translations.php', '/oc/index.php'),
- array('/1', '/oc/core/1', '/oc/core/index.php'),
- );
- }
-
- /**
- * @dataProvider rawPathInfoThrowsExceptionProvider
- * @expectedException Exception
- *
- * @param $requestUri
- * @param $scriptName
- */
- public function testRawPathInfoThrowsException($requestUri, $scriptName) {
- $_SERVER['REQUEST_URI'] = $requestUri;
- $_SERVER['SCRIPT_NAME'] = $scriptName;
- OC_Request::getRawPathInfo();
- }
-
- function rawPathInfoThrowsExceptionProvider() {
- return array(
- array('/oc/core1', '/oc/core/index.php'),
- );
- }
-
- /**
- * @dataProvider userAgentProvider
- */
- public function testUserAgent($testAgent, $userAgent, $matches) {
- $_SERVER['HTTP_USER_AGENT'] = $testAgent;
- $this->assertEquals($matches, OC_Request::isUserAgent($userAgent));
- }
-
- function userAgentProvider() {
- return array(
- array(
- 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)',
- OC_Request::USER_AGENT_IE,
- true
- ),
- array(
- 'Mozilla/5.0 (X11; Linux i686; rv:24.0) Gecko/20100101 Firefox/24.0',
- OC_Request::USER_AGENT_IE,
- false
- ),
- array(
- 'Mozilla/5.0 (Linux; Android 4.4; Nexus 4 Build/KRT16S) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.59 Mobile Safari/537.36',
- OC_Request::USER_AGENT_ANDROID_MOBILE_CHROME,
- true
- ),
- array(
- 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)',
- OC_Request::USER_AGENT_ANDROID_MOBILE_CHROME,
- false
- ),
- // test two values
- array(
- 'Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)',
- array(
- OC_Request::USER_AGENT_IE,
- OC_Request::USER_AGENT_ANDROID_MOBILE_CHROME,
- ),
- true
- ),
- array(
- 'Mozilla/5.0 (Linux; Android 4.4; Nexus 4 Build/KRT16S) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.59 Mobile Safari/537.36',
- array(
- OC_Request::USER_AGENT_IE,
- OC_Request::USER_AGENT_ANDROID_MOBILE_CHROME,
- ),
- true
- ),
- array(
- 'Mozilla/5.0 (X11; Linux i686; rv:24.0) Gecko/20100101 Firefox/24.0',
- OC_Request::USER_AGENT_FREEBOX,
- false
- ),
- array(
- 'Mozilla/5.0',
- OC_Request::USER_AGENT_FREEBOX,
- true
- ),
- array(
- 'Fake Mozilla/5.0',
- OC_Request::USER_AGENT_FREEBOX,
- false
- ),
- );
- }
-
- public function testInsecureServerHost() {
- unset($_SERVER['HTTP_X_FORWARDED_HOST']);
- unset($_SERVER['HTTP_HOST']);
- unset($_SERVER['SERVER_NAME']);
- $_SERVER['SERVER_NAME'] = 'from.server.name:8080';
- $host = OC_Request::insecureServerHost();
- $this->assertEquals('from.server.name:8080', $host);
-
- $_SERVER['HTTP_HOST'] = 'from.host.header:8080';
- $host = OC_Request::insecureServerHost();
- $this->assertEquals('from.host.header:8080', $host);
-
- $_SERVER['HTTP_X_FORWARDED_HOST'] = 'from.forwarded.host:8080';
- $host = OC_Request::insecureServerHost();
- $this->assertEquals('from.forwarded.host:8080', $host);
-
- $_SERVER['HTTP_X_FORWARDED_HOST'] = 'from.forwarded.host2:8080,another.one:9000';
- $host = OC_Request::insecureServerHost();
- $this->assertEquals('from.forwarded.host2:8080', $host);
-
- // clean up
- unset($_SERVER['HTTP_X_FORWARDED_HOST']);
- unset($_SERVER['HTTP_HOST']);
- unset($_SERVER['SERVER_NAME']);
- }
-
- public function testGetOverwriteHost() {
- unset($_SERVER['REMOTE_ADDR']);
- OC_Config::deleteKey('overwritecondaddr');
- OC_Config::deleteKey('overwritehost');
- $host = OC_Request::getOverwriteHost();
- $this->assertNull($host);
-
- OC_Config::setValue('overwritehost', '');
- $host = OC_Request::getOverwriteHost();
- $this->assertNull($host);
-
- OC_Config::setValue('overwritehost', 'host.one.test:8080');
- $host = OC_Request::getOverwriteHost();
- $this->assertEquals('host.one.test:8080', $host);
-
- $_SERVER['REMOTE_ADDR'] = 'somehost.test:8080';
- OC_Config::setValue('overwritecondaddr', '^somehost\..*$');
- $host = OC_Request::getOverwriteHost();
- $this->assertEquals('host.one.test:8080', $host);
-
- OC_Config::setValue('overwritecondaddr', '^somethingelse.*$');
- $host = OC_Request::getOverwriteHost();
- $this->assertNull($host);
-
- // clean up
- unset($_SERVER['REMOTE_ADDR']);
- OC_Config::deleteKey('overwritecondaddr');
- OC_Config::deleteKey('overwritehost');
- }
-
- public function hostWithPortProvider() {
- return array(
- array('localhost:500', 'localhost'),
- array('foo.com', 'foo.com'),
- array('[1fff:0:a88:85a3::ac1f]:801', '[1fff:0:a88:85a3::ac1f]'),
- array('[1fff:0:a88:85a3::ac1f]', '[1fff:0:a88:85a3::ac1f]')
- );
- }
-
- /**
- * @dataProvider hostWithPortProvider
- */
- public function testGetDomainWithoutPort($hostWithPort, $host) {
- $this->assertEquals($host, OC_Request::getDomainWithoutPort($hostWithPort));
-
- }
-
- /**
- * @dataProvider trustedDomainDataProvider
- */
- public function testIsTrustedDomain($trustedDomains, $testDomain, $result) {
- OC_Config::deleteKey('trusted_domains');
- if ($trustedDomains !== null) {
- OC_Config::setValue('trusted_domains', $trustedDomains);
- }
-
- $this->assertEquals($result, OC_Request::isTrustedDomain($testDomain));
-
- // clean up
- OC_Config::deleteKey('trusted_domains');
- }
-
- public function trustedDomainDataProvider() {
- $trustedHostTestList = array('host.one.test', 'host.two.test', '[1fff:0:a88:85a3::ac1f]');
- return array(
- // empty defaults to true
- array(null, 'host.one.test:8080', true),
- array('', 'host.one.test:8080', true),
- array(array(), 'host.one.test:8080', true),
-
- // trust list when defined
- array($trustedHostTestList, 'host.two.test:8080', true),
- array($trustedHostTestList, 'host.two.test:9999', true),
- array($trustedHostTestList, 'host.three.test:8080', false),
- array($trustedHostTestList, 'host.two.test:8080:aa:222', false),
- array($trustedHostTestList, '[1fff:0:a88:85a3::ac1f]', true),
- array($trustedHostTestList, '[1fff:0:a88:85a3::ac1f]:801', true),
- array($trustedHostTestList, '[1fff:0:a88:85a3::ac1f]:801:34', false),
-
- // trust localhost regardless of trust list
- array($trustedHostTestList, 'localhost', true),
- array($trustedHostTestList, 'localhost:8080', true),
- array($trustedHostTestList, '127.0.0.1', true),
- array($trustedHostTestList, '127.0.0.1:8080', true),
-
- // do not trust invalid localhosts
- array($trustedHostTestList, 'localhost:1:2', false),
- array($trustedHostTestList, 'localhost: evil.host', false),
- );
- }
-
- public function testServerHost() {
- OC_Config::deleteKey('overwritecondaddr');
- OC_Config::setValue('overwritehost', 'overwritten.host:8080');
- OC_Config::setValue(
- 'trusted_domains',
- array(
- 'trusted.host:8080',
- 'second.trusted.host:8080'
- )
- );
- $_SERVER['HTTP_HOST'] = 'trusted.host:8080';
-
- // CLI always gives localhost
- $oldCLI = OC::$CLI;
- OC::$CLI = true;
- $host = OC_Request::serverHost();
- $this->assertEquals('localhost', $host);
- OC::$CLI = false;
-
- // overwritehost overrides trusted domain
- $host = OC_Request::serverHost();
- $this->assertEquals('overwritten.host:8080', $host);
-
- // trusted domain returned when used
- OC_Config::deleteKey('overwritehost');
- $host = OC_Request::serverHost();
- $this->assertEquals('trusted.host:8080', $host);
-
- // trusted domain returned when untrusted one in header
- $_SERVER['HTTP_HOST'] = 'untrusted.host:8080';
- OC_Config::deleteKey('overwritehost');
- $host = OC_Request::serverHost();
- $this->assertEquals('trusted.host:8080', $host);
-
- // clean up
- OC_Config::deleteKey('overwritecondaddr');
- OC_Config::deleteKey('overwritehost');
- unset($_SERVER['HTTP_HOST']);
- OC::$CLI = $oldCLI;
- }
-}
diff --git a/tests/lib/security/trusteddomainhelper.php b/tests/lib/security/trusteddomainhelper.php
new file mode 100644
index 00000000000..c8d5ffa587b
--- /dev/null
+++ b/tests/lib/security/trusteddomainhelper.php
@@ -0,0 +1,70 @@
+<?php
+/**
+ * Copyright (c) 2015 Lukas Reschke <lukas@owncloud.com>
+ * This file is licensed under the Affero General Public License version 3 or
+ * later.
+ * See the COPYING-README file.
+ */
+
+use \OC\Security\TrustedDomainHelper;
+use OCP\IConfig;
+
+/**
+ * Class TrustedDomainHelperTest
+ */
+class TrustedDomainHelperTest extends \Test\TestCase {
+ /** @var IConfig */
+ protected $config;
+
+ protected function setUp() {
+ parent::setUp();
+
+ $this->config = $this->getMockBuilder('\OCP\IConfig')->getMock();
+ }
+
+ /**
+ * @dataProvider trustedDomainDataProvider
+ * @param string $trustedDomains
+ * @param string $testDomain
+ * @param bool $result
+ */
+ public function testIsTrustedDomain($trustedDomains, $testDomain, $result) {
+ $this->config->expects($this->once())
+ ->method('getSystemValue')
+ ->with('trusted_domains')
+ ->will($this->returnValue($trustedDomains));
+
+ $trustedDomainHelper = new TrustedDomainHelper($this->config);
+ $this->assertEquals($result, $trustedDomainHelper->isTrustedDomain($testDomain));
+ }
+
+ /**
+ * @return array
+ */
+ public function trustedDomainDataProvider() {
+ $trustedHostTestList = ['host.one.test', 'host.two.test', '[1fff:0:a88:85a3::ac1f]'];
+ return [
+ // empty defaults to false with 8.1
+ [null, 'host.one.test:8080', false],
+ ['', 'host.one.test:8080', false],
+ [[], 'host.one.test:8080', false],
+ // trust list when defined
+ [$trustedHostTestList, 'host.two.test:8080', true],
+ [$trustedHostTestList, 'host.two.test:9999', true],
+ [$trustedHostTestList, 'host.three.test:8080', false],
+ [$trustedHostTestList, 'host.two.test:8080:aa:222', false],
+ [$trustedHostTestList, '[1fff:0:a88:85a3::ac1f]', true],
+ [$trustedHostTestList, '[1fff:0:a88:85a3::ac1f]:801', true],
+ [$trustedHostTestList, '[1fff:0:a88:85a3::ac1f]:801:34', false],
+ // trust localhost regardless of trust list
+ [$trustedHostTestList, 'localhost', true],
+ [$trustedHostTestList, 'localhost:8080', true],
+ [$trustedHostTestList, '127.0.0.1', true],
+ [$trustedHostTestList, '127.0.0.1:8080', true],
+ // do not trust invalid localhosts
+ [$trustedHostTestList, 'localhost:1:2', false],
+ [$trustedHostTestList, 'localhost: evil.host', false],
+ ];
+ }
+
+}
diff --git a/tests/lib/templatelayout.php b/tests/lib/templatelayout.php
index 1035dae122d..c23aaa9b762 100644
--- a/tests/lib/templatelayout.php
+++ b/tests/lib/templatelayout.php
@@ -52,7 +52,7 @@ class OC_TemplateLayout extends \Test\TestCase {
*/
public function testConvertToRelativePath($absolutePath, $expected) {
$_SERVER['REQUEST_URI'] = $expected;
- $_SERVER['SCRIPT_NAME'] = '/';
+ $_SERVER['SCRIPT_NAME'] = $expected;
$relativePath = \Test_Helper::invokePrivate(new \OC_TemplateLayout('user'), 'convertToRelativePath', array($absolutePath));
$this->assertEquals($expected, $relativePath);