1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
|
<?php
/**
*
* @package testing
* @copyright (c) 2008 phpBB Group
* @license http://opensource.org/licenses/gpl-2.0.php GNU General Public License v2
*
*/
require_once dirname(__FILE__) . '/base.php';
require_once dirname(__FILE__) . '/../../phpBB/includes/functions.php';
class phpbb_security_extract_current_page_test extends phpbb_security_test_base
{
public function security_variables()
{
return array(
array('http://localhost/phpBB/index.php', 'mark=forums&x="><script>alert(/XSS/);</script>', 'mark=forums&x=%22%3E%3Cscript%3Ealert(/XSS/);%3C/script%3E'),
array('http://localhost/phpBB/index.php', 'mark=forums&x=%22%3E%3Cscript%3Ealert(/XSS/);%3C/script%3E', 'mark=forums&x=%22%3E%3Cscript%3Ealert(/XSS/);%3C/script%3E'),
);
}
/**
* @dataProvider security_variables
*/
public function test_query_string_php_self($url, $query_string, $expected)
{
global $request;
$request->merge(phpbb_request_interface::SERVER, array(
'PHP_SELF' => $url,
'QUERY_STRING' => $query_string,
));
$result = phpbb_session::extract_current_page('./');
$label = 'Running extract_current_page on ' . $query_string . ' with PHP_SELF filled.';
$this->assertEquals($expected, $result['query_string'], $label);
}
/**
* @dataProvider security_variables
*/
public function test_query_string_request_uri($url, $query_string, $expected)
{
global $request;
$request->merge(phpbb_request_interface::SERVER, array(
'PHP_SELF' => $url,
'QUERY_STRING' => $query_string,
));
$result = phpbb_session::extract_current_page('./');
$label = 'Running extract_current_page on ' . $query_string . ' with REQUEST_URI filled.';
$this->assertEquals($expected, $result['query_string'], $label);
}
}
|