Merge branch '3.1.x' into 3.2.x

* 3.1.x: [ticket/14481] Add tests for x_forwarded_proto header [ticket/14481] Use port 443 if https is specified in x-forwarded-proto [ticket/14481] Respect HTTP_X_FORWARDED headers for implying https
2025-07-31 22:10:45 +02:00 · 2016-03-27 12:56:03 +02:00
parent 7d5a853b21 5442a25967
commit 386d31ec63
5 changed files with 126 additions and 6 deletions
--- a/tests/request/request_test.php
+++ b/tests/request/request_test.php
@@ -13,7 +13,10 @@

 class phpbb_request_test extends phpbb_test_case
 {
+	/** @var \phpbb\request\type_cast_helper_interface */
 	private $type_cast_helper;
+
+	/** @var \phpbb\request\request */
 	private $request;

 	protected function setUp()
@@ -143,15 +146,112 @@ class phpbb_request_test extends phpbb_test_case
 		$this->assertTrue($this->request->is_ajax());
 	}

-	public function test_is_secure()
+	public function data_is_secure()
+	{
+		return array(
+			array(
+				array(
+					'HTTPS' => 'on',
+				),
+				true,
+			),
+			array(
+				array(
+					'HTTPS' => '1',
+				),
+				true,
+			),
+			array(
+				array(
+					'HTTPS' => 'yes',
+				),
+				true,
+			),
+			array(
+				array(
+					'HTTPS' => 1,
+				),
+				true,
+			),
+			array(
+				array(
+					'HTTPS' => 'off',
+				),
+				false,
+			),
+			array(
+				array(
+					'HTTPS' => '0',
+				),
+				false,
+			),
+			array(
+				array(
+					'HTTPS' => 0,
+				),
+				false,
+			),
+			array(
+				array(
+					'HTTPS' => '',
+				),
+				false,
+			),
+			array(
+				array(
+					'HTTPS' => 'off',
+					'HTTP_X_FORWARDED_PROTO' => 'https',
+				),
+				true,
+			),
+			array(
+				array(
+					'HTTPS' => 'on',
+					'HTTP_X_FORWARDED_PROTO' => 'http',
+				),
+				true,
+			),
+			array(
+				array(
+					'HTTPS' => 'off',
+					'HTTP_X_FORWARDED_PROTO' => 'http',
+				),
+				false,
+			),
+			array(
+				array(
+					'HTTP_X_FORWARDED_PROTO' => 'http',
+				),
+				false,
+			),
+			array(
+				array(
+					'HTTP_X_FORWARDED_PROTO' => 'https',
+				),
+				true,
+			),
+			array(
+				array(
+					'HTTPS' => 'on',
+					'HTTP_X_FORWARDED_PROTO' => 'http',
+				),
+				true,
+			),
+		);
+	}
+
+	/**
+	 * @dataProvider data_is_secure
+	 */
+	public function test_is_secure($server_data, $expected)
 	{
 		$this->assertFalse($this->request->is_secure());

 		$this->request->enable_super_globals();
-		$_SERVER['HTTPS'] = 'on';
+		$_SERVER = $server_data;
 		$this->request = new \phpbb\request\request($this->type_cast_helper);

-		$this->assertTrue($this->request->is_secure());
+		$this->assertSame($expected, $this->request->is_secure());
 	}

 	public function test_variable_names()