From 6d533d2f8630d5bed2bfdbfd09cc9c689fbad1b5 Mon Sep 17 00:00:00 2001
From: Tristan Darricau <github@nicofuma.fr>
Date: Wed, 12 Nov 2014 10:30:27 +0100
Subject: [ticket/13280] Revert "Merge pull request #3107 from
 marc1706/ticket/13280"

This reverts commit a1b58d05d158ff7afd789c1b27821e17198f8d58, reversing
changes made to 0e772afb9db640e54e84cfccaddcf74f3edbb3fb.

PHPBB3-13280
---
 tests/security/extract_current_page_test.php | 28 ++++++++--------------------
 1 file changed, 8 insertions(+), 20 deletions(-)

(limited to 'tests/security')

diff --git a/tests/security/extract_current_page_test.php b/tests/security/extract_current_page_test.php
index c127b69b2b..58dea68dc8 100644
--- a/tests/security/extract_current_page_test.php
+++ b/tests/security/extract_current_page_test.php
@@ -37,16 +37,16 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base
 		));
 		$symfony_request->expects($this->any())
 			->method('getScriptName')
-			->will($this->returnValue($this->sanitizer($url)));
+			->will($this->returnValue($url));
 		$symfony_request->expects($this->any())
 			->method('getQueryString')
-			->will($this->returnValue($this->sanitizer($query_string)));
+			->will($this->returnValue($query_string));
 		$symfony_request->expects($this->any())
 			->method('getBasePath')
 			->will($this->returnValue($server['REQUEST_URI']));
-		$symfony_request->expects($this->sanitizer($this->any()))
+		$symfony_request->expects($this->any())
 			->method('getPathInfo')
-			->will($this->returnValue($this->sanitizer('/')));
+			->will($this->returnValue('/'));
 		$result = \phpbb\session::extract_current_page('./');
 
 		$label = 'Running extract_current_page on ' . $query_string . ' with PHP_SELF filled.';
@@ -65,32 +65,20 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base
 		));
 		$symfony_request->expects($this->any())
 			->method('getScriptName')
-			->will($this->returnValue($this->sanitizer($url)));
+			->will($this->returnValue($url));
 		$symfony_request->expects($this->any())
 			->method('getQueryString')
-			->will($this->returnValue($this->sanitizer($query_string)));
+			->will($this->returnValue($query_string));
 		$symfony_request->expects($this->any())
 			->method('getBasePath')
-			->will($this->returnValue($this->sanitizer($server['REQUEST_URI'])));
+			->will($this->returnValue($server['REQUEST_URI']));
 		$symfony_request->expects($this->any())
 			->method('getPathInfo')
-			->will($this->returnValue($this->sanitizer('/')));
+			->will($this->returnValue('/'));
 
 		$result = \phpbb\session::extract_current_page('./');
 
 		$label = 'Running extract_current_page on ' . $query_string . ' with REQUEST_URI filled.';
 		$this->assertEquals($expected, $result['query_string'], $label);
 	}
-
-	protected function sanitizer($value)
-	{
-		// Fix for objects passed in phpunit
-		if (is_object($value))
-		{
-			return $value;
-		}
-		$type_cast_helper = new \phpbb\request\type_cast_helper();
-		$type_cast_helper->set_var($value, $value, gettype($value), true);
-		return str_replace('&amp;', '&', $value);
-	}
 }
-- 
cgit v1.2.1


From f142ed28e4be52278dec6ee587fc24d65f33c96a Mon Sep 17 00:00:00 2001
From: Tristan Darricau <github@nicofuma.fr>
Date: Wed, 12 Nov 2014 12:16:36 +0100
Subject: [ticket/13280] Make the tests failing

PHPBB3-13280
---
 tests/security/base.php                      | 50 ++++++++----------
 tests/security/extract_current_page_test.php | 77 +++++++++++-----------------
 tests/security/redirect_test.php             |  4 ++
 3 files changed, 53 insertions(+), 78 deletions(-)

(limited to 'tests/security')

diff --git a/tests/security/base.php b/tests/security/base.php
index 5519cac441..330408b448 100644
--- a/tests/security/base.php
+++ b/tests/security/base.php
@@ -13,6 +13,8 @@
 
 abstract class phpbb_security_test_base extends phpbb_test_case
 {
+	protected $server = array();
+
 	/**
 	* Set up the required user object and server variables for the suites
 	*/
@@ -21,17 +23,18 @@ abstract class phpbb_security_test_base extends phpbb_test_case
 		global $user, $phpbb_root_path, $phpEx, $request, $symfony_request, $phpbb_filesystem;
 
 		// Put this into a global function being run by every test to init a proper user session
-		$server['HTTP_HOST']		= 'localhost';
-		$server['SERVER_NAME']		= 'localhost';
-		$server['SERVER_ADDR']		= '127.0.0.1';
-		$server['SERVER_PORT']		= 80;
-		$server['REMOTE_ADDR']		= '127.0.0.1';
-		$server['QUERY_STRING']	= '';
-		$server['REQUEST_URI']		= '/tests/';
-		$server['SCRIPT_NAME']		= '/tests/index.php';
-		$server['PHP_SELF']		= '/tests/index.php';
-		$server['HTTP_USER_AGENT']	= 'Mozilla/5.0 (Windows; U; Windows NT 6.0; de; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14';
-		$server['HTTP_ACCEPT_LANGUAGE']	= 'de-de,de;q=0.8,en-us;q=0.5,en;q=0.3';
+		$this->server['HTTP_HOST']				= 'localhost';
+		$this->server['SERVER_NAME']			= 'localhost';
+		$this->server['SERVER_ADDR']			= '127.0.0.1';
+		$this->server['SERVER_PORT']			= 80;
+		$this->server['REMOTE_ADDR']			= '127.0.0.1';
+		$this->server['QUERY_STRING']			= '';
+		$this->server['REQUEST_URI']			= '/tests/';
+		$this->server['SCRIPT_NAME']			= '/tests/index.php';
+		$this->server['SCRIPT_FILENAME']		= '/var/www/tests/index.php';
+		$this->server['PHP_SELF']				= '/tests/index.php';
+		$this->server['HTTP_USER_AGENT']		= 'Mozilla/5.0 (Windows; U; Windows NT 6.0; de; rv:1.8.1.14) Gecko/20080404 Firefox/2.0.0.14';
+		$this->server['HTTP_ACCEPT_LANGUAGE']	= 'de-de,de;q=0.8,en-us;q=0.5,en;q=0.3';
 
 /*
 		[HTTP_ACCEPT_ENCODING] => gzip,deflate
@@ -40,31 +43,18 @@ abstract class phpbb_security_test_base extends phpbb_test_case
 		[SCRIPT_FILENAME] => /var/www/tests/index.php
 */
 
-		$request = new phpbb_mock_request(array(), array(), array(), $server);
-		$symfony_request = $this->getMock("\phpbb\symfony_request", array(), array(
-			$request,
-		));
-		$symfony_request->expects($this->any())
-			->method('getScriptName')
-			->will($this->returnValue($server['SCRIPT_NAME']));
-		$symfony_request->expects($this->any())
-			->method('getQueryString')
-			->will($this->returnValue($server['QUERY_STRING']));
-		$symfony_request->expects($this->any())
-			->method('getBasePath')
-			->will($this->returnValue($server['REQUEST_URI']));
-		$symfony_request->expects($this->any())
-			->method('getPathInfo')
-			->will($this->returnValue('/'));
-		$phpbb_filesystem = new \phpbb\filesystem($symfony_request, $phpbb_root_path, $phpEx);
+		$request = new phpbb_mock_request(array(), array(), array(), $this->server);
+		$symfony_request = new \phpbb\symfony_request($request);
+
+		$phpbb_filesystem = new \phpbb\filesystem();
 
 		// Set no user and trick a bit to circumvent errors
 		$user = new \phpbb\user('\phpbb\datetime');
 		$user->lang = true;
-		$user->browser				= $server['HTTP_USER_AGENT'];
+		$user->browser				= $this->server['HTTP_USER_AGENT'];
 		$user->referer				= '';
 		$user->forwarded_for		= '';
-		$user->host					= $server['HTTP_HOST'];
+		$user->host					= $this->server['HTTP_HOST'];
 		$user->page = \phpbb\session::extract_current_page($phpbb_root_path);
 	}
 
diff --git a/tests/security/extract_current_page_test.php b/tests/security/extract_current_page_test.php
index 58dea68dc8..5c0369f270 100644
--- a/tests/security/extract_current_page_test.php
+++ b/tests/security/extract_current_page_test.php
@@ -1,15 +1,15 @@
 <?php
 /**
-*
-* This file is part of the phpBB Forum Software package.
-*
-* @copyright (c) phpBB Limited <https://www.phpbb.com>
-* @license GNU General Public License, version 2 (GPL-2.0)
-*
-* For full copyright and license information, please see
-* the docs/CREDITS.txt file.
-*
-*/
+ *
+ * This file is part of the phpBB Forum Software package.
+ *
+ * @copyright (c) phpBB Limited <https://www.phpbb.com>
+ * @license GNU General Public License, version 2 (GPL-2.0)
+ *
+ * For full copyright and license information, please see
+ * the docs/CREDITS.txt file.
+ *
+ */
 
 require_once dirname(__FILE__) . '/base.php';
 
@@ -20,33 +20,25 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base
 	public function security_variables()
 	{
 		return array(
-			array('http://localhost/phpBB/index.php', 'mark=forums&x="><script>alert(/XSS/);</script>', 'mark=forums&x=%22%3E%3Cscript%3Ealert(/XSS/);%3C/script%3E'),
-			array('http://localhost/phpBB/index.php', 'mark=forums&x=%22%3E%3Cscript%3Ealert(/XSS/);%3C/script%3E', 'mark=forums&x=%22%3E%3Cscript%3Ealert(/XSS/);%3C/script%3E'),
+			array('mark=forums&x="><script>alert(/XSS/);</script>', 'mark=forums&x=%22%3E%3Cscript%3Ealert%28%2FXSS%2F%29%3B%3C%2Fscript%3E'),
+			array('mark=forums&x=%22%3E%3Cscript%3Ealert(/XSS/);%3C/script%3E', 'mark=forums&x=%22%3E%3Cscript%3Ealert%28%2FXSS%2F%29%3B%3C%2Fscript%3E'),
+			array('mark=forums&x=%22%3E%3Cscript%3Ealert%28%2FXSS%2F%29%3B%3C%2Fscript%3E', 'mark=forums&x=%22%3E%3Cscript%3Ealert%28%2FXSS%2F%29%3B%3C%2Fscript%3E'),
 		);
 	}
 
 	/**
-	* @dataProvider security_variables
-	*/
-	public function test_query_string_php_self($url, $query_string, $expected)
+	 * @dataProvider security_variables
+	 */
+	public function test_query_string_php_self($query_string, $expected)
 	{
 		global $symfony_request, $request;
 
-		$symfony_request = $this->getMock("\phpbb\symfony_request", array(), array(
-			$request,
-		));
-		$symfony_request->expects($this->any())
-			->method('getScriptName')
-			->will($this->returnValue($url));
-		$symfony_request->expects($this->any())
-			->method('getQueryString')
-			->will($this->returnValue($query_string));
-		$symfony_request->expects($this->any())
-			->method('getBasePath')
-			->will($this->returnValue($server['REQUEST_URI']));
-		$symfony_request->expects($this->any())
-			->method('getPathInfo')
-			->will($this->returnValue('/'));
+		$this->server['REQUEST_URI'] = '';
+		$this->server['QUERY_STRING'] = $query_string;
+
+		$request = new phpbb_mock_request(array(), array(), array(), $this->server);
+		$symfony_request = new \phpbb\symfony_request($request);
+
 		$result = \phpbb\session::extract_current_page('./');
 
 		$label = 'Running extract_current_page on ' . $query_string . ' with PHP_SELF filled.';
@@ -54,27 +46,16 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base
 	}
 
 	/**
-	* @dataProvider security_variables
-	*/
-	public function test_query_string_request_uri($url, $query_string, $expected)
+	 * @dataProvider security_variables
+	 */
+	public function test_query_string_request_uri($query_string, $expected)
 	{
 		global $symfony_request, $request;
 
-		$symfony_request = $this->getMock("\phpbb\symfony_request", array(), array(
-			$request,
-		));
-		$symfony_request->expects($this->any())
-			->method('getScriptName')
-			->will($this->returnValue($url));
-		$symfony_request->expects($this->any())
-			->method('getQueryString')
-			->will($this->returnValue($query_string));
-		$symfony_request->expects($this->any())
-			->method('getBasePath')
-			->will($this->returnValue($server['REQUEST_URI']));
-		$symfony_request->expects($this->any())
-			->method('getPathInfo')
-			->will($this->returnValue('/'));
+		$this->server['QUERY_STRING'] = $query_string;
+
+		$request = new phpbb_mock_request(array(), array(), array(), $this->server);
+		$symfony_request = new \phpbb\symfony_request($request);
 
 		$result = \phpbb\session::extract_current_page('./');
 
diff --git a/tests/security/redirect_test.php b/tests/security/redirect_test.php
index 3961c2781e..21fb103ed1 100644
--- a/tests/security/redirect_test.php
+++ b/tests/security/redirect_test.php
@@ -73,6 +73,8 @@ class phpbb_security_redirect_test extends phpbb_security_test_base
 
 	protected function setUp()
 	{
+		global $phpbb_dispatcher;
+
 		parent::setUp();
 
 		$GLOBALS['config'] = array(
@@ -80,6 +82,8 @@ class phpbb_security_redirect_test extends phpbb_security_test_base
 		);
 
 		$this->path_helper = $this->get_path_helper();
+
+		$phpbb_dispatcher = new phpbb_mock_event_dispatcher();
 	}
 
 	/**
-- 
cgit v1.2.1


From 0dfe1d0d8b007ec7b7cae0715cfb2e5f4e33bad4 Mon Sep 17 00:00:00 2001
From: Tristan Darricau <github@nicofuma.fr>
Date: Wed, 12 Nov 2014 11:44:56 +0100
Subject: [ticket/13280] Output escaping for the symfony request object

PHPBB3-13280
---
 tests/security/extract_current_page_test.php | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)

(limited to 'tests/security')

diff --git a/tests/security/extract_current_page_test.php b/tests/security/extract_current_page_test.php
index 5c0369f270..767b901a43 100644
--- a/tests/security/extract_current_page_test.php
+++ b/tests/security/extract_current_page_test.php
@@ -1,15 +1,15 @@
 <?php
 /**
- *
- * This file is part of the phpBB Forum Software package.
- *
- * @copyright (c) phpBB Limited <https://www.phpbb.com>
- * @license GNU General Public License, version 2 (GPL-2.0)
- *
- * For full copyright and license information, please see
- * the docs/CREDITS.txt file.
- *
- */
+*
+* This file is part of the phpBB Forum Software package.
+*
+* @copyright (c) phpBB Limited <https://www.phpbb.com>
+* @license GNU General Public License, version 2 (GPL-2.0)
+*
+* For full copyright and license information, please see
+* the docs/CREDITS.txt file.
+*
+*/
 
 require_once dirname(__FILE__) . '/base.php';
 
@@ -27,8 +27,8 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base
 	}
 
 	/**
-	 * @dataProvider security_variables
-	 */
+	* @dataProvider security_variables
+	*/
 	public function test_query_string_php_self($query_string, $expected)
 	{
 		global $symfony_request, $request;
@@ -46,8 +46,8 @@ class phpbb_security_extract_current_page_test extends phpbb_security_test_base
 	}
 
 	/**
-	 * @dataProvider security_variables
-	 */
+	* @dataProvider security_variables
+	*/
 	public function test_query_string_request_uri($query_string, $expected)
 	{
 		global $symfony_request, $request;
-- 
cgit v1.2.1