aboutsummaryrefslogtreecommitdiffstats
path: root/tests/security
diff options
context:
space:
mode:
authorMarc Alexander <admin@m-a-styles.de>2014-11-03 16:07:32 +0100
committerMarc Alexander <admin@m-a-styles.de>2014-11-03 16:07:32 +0100
commit6cc7da0c9c0fc8515aad780fba5de5b3860e5d56 (patch)
tree23729d86735c62843888cdb26c29e06fa6d6683e /tests/security
parent0e772afb9db640e54e84cfccaddcf74f3edbb3fb (diff)
downloadforums-6cc7da0c9c0fc8515aad780fba5de5b3860e5d56.tar
forums-6cc7da0c9c0fc8515aad780fba5de5b3860e5d56.tar.gz
forums-6cc7da0c9c0fc8515aad780fba5de5b3860e5d56.tar.bz2
forums-6cc7da0c9c0fc8515aad780fba5de5b3860e5d56.tar.xz
forums-6cc7da0c9c0fc8515aad780fba5de5b3860e5d56.zip
[ticket/13280] Properly format the current page and add sanitizer to tests
PHPBB3-13280
Diffstat (limited to 'tests/security')
-rw-r--r--tests/security/extract_current_page_test.php23
1 files changed, 15 insertions, 8 deletions
diff --git a/tests/security/extract_current_page_test.php b/tests/security/extract_current_page_test.php
index 58dea68dc8..8e536ee461 100644
--- a/tests/security/extract_current_page_test.php
+++ b/tests/security/extract_current_page_test.php
@@ -37,16 +37,16 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base
));
$symfony_request->expects($this->any())
->method('getScriptName')
- ->will($this->returnValue($url));
+ ->will($this->returnValue($this->sanitizer($url)));
$symfony_request->expects($this->any())
->method('getQueryString')
- ->will($this->returnValue($query_string));
+ ->will($this->returnValue($this->sanitizer($query_string)));
$symfony_request->expects($this->any())
->method('getBasePath')
->will($this->returnValue($server['REQUEST_URI']));
- $symfony_request->expects($this->any())
+ $symfony_request->expects($this->sanitizer($this->any()))
->method('getPathInfo')
- ->will($this->returnValue('/'));
+ ->will($this->returnValue($this->sanitizer('/')));
$result = \phpbb\session::extract_current_page('./');
$label = 'Running extract_current_page on ' . $query_string . ' with PHP_SELF filled.';
@@ -65,20 +65,27 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base
));
$symfony_request->expects($this->any())
->method('getScriptName')
- ->will($this->returnValue($url));
+ ->will($this->returnValue($this->sanitizer($url)));
$symfony_request->expects($this->any())
->method('getQueryString')
- ->will($this->returnValue($query_string));
+ ->will($this->returnValue($this->sanitizer($query_string)));
$symfony_request->expects($this->any())
->method('getBasePath')
- ->will($this->returnValue($server['REQUEST_URI']));
+ ->will($this->returnValue($this->sanitizer($server['REQUEST_URI'])));
$symfony_request->expects($this->any())
->method('getPathInfo')
- ->will($this->returnValue('/'));
+ ->will($this->returnValue($this->sanitizer('/')));
$result = \phpbb\session::extract_current_page('./');
$label = 'Running extract_current_page on ' . $query_string . ' with REQUEST_URI filled.';
$this->assertEquals($expected, $result['query_string'], $label);
}
+
+ protected function sanitizer($value)
+ {
+ $type_cast_helper = new \phpbb\request\type_cast_helper();
+ $type_cast_helper->set_var($value, $value, gettype($value), true);
+ return $value;
+ }
}