diff options
| author | Marc Alexander <admin@m-a-styles.de> | 2014-11-03 16:07:32 +0100 |
|---|---|---|
| committer | Marc Alexander <admin@m-a-styles.de> | 2014-11-03 16:07:32 +0100 |
| commit | 6cc7da0c9c0fc8515aad780fba5de5b3860e5d56 (patch) | |
| tree | 23729d86735c62843888cdb26c29e06fa6d6683e /tests/security | |
| parent | 0e772afb9db640e54e84cfccaddcf74f3edbb3fb (diff) | |
| download | forums-6cc7da0c9c0fc8515aad780fba5de5b3860e5d56.tar forums-6cc7da0c9c0fc8515aad780fba5de5b3860e5d56.tar.gz forums-6cc7da0c9c0fc8515aad780fba5de5b3860e5d56.tar.bz2 forums-6cc7da0c9c0fc8515aad780fba5de5b3860e5d56.tar.xz forums-6cc7da0c9c0fc8515aad780fba5de5b3860e5d56.zip | |
[ticket/13280] Properly format the current page and add sanitizer to tests
PHPBB3-13280
Diffstat (limited to 'tests/security')
| -rw-r--r-- | tests/security/extract_current_page_test.php | 23 |
1 files changed, 15 insertions, 8 deletions
diff --git a/tests/security/extract_current_page_test.php b/tests/security/extract_current_page_test.php index 58dea68dc8..8e536ee461 100644 --- a/tests/security/extract_current_page_test.php +++ b/tests/security/extract_current_page_test.php @@ -37,16 +37,16 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base )); $symfony_request->expects($this->any()) ->method('getScriptName') - ->will($this->returnValue($url)); + ->will($this->returnValue($this->sanitizer($url))); $symfony_request->expects($this->any()) ->method('getQueryString') - ->will($this->returnValue($query_string)); + ->will($this->returnValue($this->sanitizer($query_string))); $symfony_request->expects($this->any()) ->method('getBasePath') ->will($this->returnValue($server['REQUEST_URI'])); - $symfony_request->expects($this->any()) + $symfony_request->expects($this->sanitizer($this->any())) ->method('getPathInfo') - ->will($this->returnValue('/')); + ->will($this->returnValue($this->sanitizer('/'))); $result = \phpbb\session::extract_current_page('./'); $label = 'Running extract_current_page on ' . $query_string . ' with PHP_SELF filled.'; @@ -65,20 +65,27 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base )); $symfony_request->expects($this->any()) ->method('getScriptName') - ->will($this->returnValue($url)); + ->will($this->returnValue($this->sanitizer($url))); $symfony_request->expects($this->any()) ->method('getQueryString') - ->will($this->returnValue($query_string)); + ->will($this->returnValue($this->sanitizer($query_string))); $symfony_request->expects($this->any()) ->method('getBasePath') - ->will($this->returnValue($server['REQUEST_URI'])); + ->will($this->returnValue($this->sanitizer($server['REQUEST_URI']))); $symfony_request->expects($this->any()) ->method('getPathInfo') - ->will($this->returnValue('/')); + ->will($this->returnValue($this->sanitizer('/'))); $result = \phpbb\session::extract_current_page('./'); $label = 'Running extract_current_page on ' . $query_string . ' with REQUEST_URI filled.'; $this->assertEquals($expected, $result['query_string'], $label); } + + protected function sanitizer($value) + { + $type_cast_helper = new \phpbb\request\type_cast_helper(); + $type_cast_helper->set_var($value, $value, gettype($value), true); + return $value; + } } |