diff --git a/src/TestSuite/IntegrationTestCase.php b/src/TestSuite/IntegrationTestCase.php index 70e7a1c8611..665470275fb 100644 --- a/src/TestSuite/IntegrationTestCase.php +++ b/src/TestSuite/IntegrationTestCase.php @@ -22,6 +22,7 @@ class_alias('PHPUnit_Exception', 'PHPUnit\Exception'); use Cake\Core\Configure; use Cake\Database\Exception as DatabaseException; +use Cake\Http\ServerRequest; use Cake\Http\Session; use Cake\Routing\Router; use Cake\TestSuite\Stub\TestExceptionRenderer; @@ -658,14 +659,19 @@ protected function _addTokens($url, $data) */ protected function _url($url) { - $url = Router::url($url); + // re-create URL in ServerRequest's context so + // query strings are encoded as expected + $request = new ServerRequest(['url' => Router::url($url)]); + $url = $request->getRequestTarget(); + $query = ''; + $path = parse_url($url, PHP_URL_PATH); if (strpos($url, '?') !== false) { - list($url, $query) = explode('?', $url, 2); + $query = parse_url($url, PHP_URL_QUERY); } - return [$url, $query]; + return [$path, $query]; } /** diff --git a/tests/TestCase/TestSuite/IntegrationTestCaseTest.php b/tests/TestCase/TestSuite/IntegrationTestCaseTest.php index 52b78dcce87..0f4245cdd3d 100644 --- a/tests/TestCase/TestSuite/IntegrationTestCaseTest.php +++ b/tests/TestCase/TestSuite/IntegrationTestCaseTest.php @@ -1094,4 +1094,33 @@ public function testDisableErrorHandlerMiddleware() $this->disableErrorHandlerMiddleware(); $this->get('/foo'); } + + /** + * tests getting a secure action while passing a query string + * + * @return void + * @dataProvider methodsProvider + */ + public function testSecureWithQueryString($method) + { + $this->enableSecurityToken(); + $this->{$method}('/posts/securePost/?ids[]=1&ids[]=2'); + $this->assertResponseOk(); + } + + /** + * data provider for HTTP methods + * + * @return array + */ + public function methodsProvider() + { + return [ + 'GET' => ['get'], + 'POST' => ['post'], + 'PATCH' => ['patch'], + 'PUT' => ['put'], + 'DELETE' => ['delete'], + ]; + } }