|
|
|
@ -725,6 +725,38 @@ class RequestTest extends TestCase
|
|
|
|
|
$this->assertSame('default', $request->getBodyParam('unexisting', 'default')); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
public function trustedHostAndInjectedXForwardedForDataProvider() |
|
|
|
|
{ |
|
|
|
|
return [ |
|
|
|
|
'emptyIPs' => ['1.1.1.1', '', ['10.10.10.10'], '1.1.1.1'], |
|
|
|
|
'invalidIp' => ['1.1.1.1', '127.0.0.1, 8.8.8.8, 2.2.2.2, apple', ['10.10.10.10'], '1.1.1.1'], |
|
|
|
|
'invalidIp2' => ['1.1.1.1', '127.0.0.1, 8.8.8.8, 2.2.2.2, 300.300.300.300', ['10.10.10.10'], '1.1.1.1'], |
|
|
|
|
'invalidIp3' => ['1.1.1.1', '127.0.0.1, 8.8.8.8, 2.2.2.2, 10.0.0.0/26', ['10.0.0.0/24'], '1.1.1.1'], |
|
|
|
|
'invalidLatestIp' => ['1.1.1.1', '127.0.0.1, 8.8.8.8, 2.2.2.2, apple, 2.2.2.2', ['1.1.1.1', '2.2.2.2'], '2.2.2.2'], |
|
|
|
|
'notTrusted' => ['1.1.1.1', '127.0.0.1, 8.8.8.8, 2.2.2.2', ['10.10.10.10'], '1.1.1.1'], |
|
|
|
|
'trustedLevel1' => ['1.1.1.1', '127.0.0.1, 8.8.8.8, 2.2.2.2', ['1.1.1.1'], '2.2.2.2'], |
|
|
|
|
'trustedLevel2' => ['1.1.1.1', '127.0.0.1, 8.8.8.8, 2.2.2.2', ['1.1.1.1', '2.2.2.2'], '8.8.8.8'], |
|
|
|
|
'trustedLevel3' => ['1.1.1.1', '127.0.0.1, 8.8.8.8, 2.2.2.2', ['1.1.1.1', '2.2.2.2', '8.8.8.8'], '127.0.0.1'], |
|
|
|
|
'trustedLevel4' => ['1.1.1.1', '127.0.0.1, 8.8.8.8, 2.2.2.2', ['1.1.1.1', '2.2.2.2', '8.8.8.8', '127.0.0.1'], '127.0.0.1'], |
|
|
|
|
'trustedLevel4EmptyElements' => ['1.1.1.1', '127.0.0.1, 8.8.8.8,,,, , , 2.2.2.2', ['1.1.1.1', '2.2.2.2', '8.8.8.8', '127.0.0.1'], '127.0.0.1'], |
|
|
|
|
'trustedWithCidr' => ['10.0.0.2', '127.0.0.1, 8.8.8.8, 10.0.0.240, 10.0.0.32, 10.0.0.99', ['10.0.0.0/24'], '8.8.8.8'], |
|
|
|
|
'trustedAll' => ['10.0.0.2', '127.0.0.1, 8.8.8.8, 10.0.0.240, 10.0.0.32, 10.0.0.99', ['0.0.0.0/0'], '127.0.0.1'], |
|
|
|
|
]; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* @dataProvider trustedHostAndInjectedXForwardedForDataProvider |
|
|
|
|
*/ |
|
|
|
|
public function testTrustedHostAndInjectedXForwardedFor($remoteAddress, $xForwardedFor, $trustedHosts, $expectedUserIp) |
|
|
|
|
{ |
|
|
|
|
$_SERVER['REMOTE_ADDR'] = $remoteAddress; |
|
|
|
|
$_SERVER['HTTP_X_FORWARDED_FOR'] = $xForwardedFor; |
|
|
|
|
$request = new Request([ |
|
|
|
|
'trustedHosts' => $trustedHosts, |
|
|
|
|
]); |
|
|
|
|
$this->assertSame($expectedUserIp, $request->getUserIP()); |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
/** |
|
|
|
|
* @testWith ["POST", "GET", "POST"] |
|
|
|
|
* ["POST", "OPTIONS", "POST"] |
|
|
|
|