Removing GET param, and making CakeRequest use PATH_INFO and SCRIPT_N…

…AME to determine base paths and request urls. Updated tests. Removed test for base path injection, as PHP_SELF is no longer used to compute the base path, and users cannot influence SCRIPT_NAME.
cakephp · Feb 20, 2011 · 24369cf · 24369cf
1 parent db00915
commit 24369cf
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 42 deletions.
diff --git a/cake/libs/cake_request.php b/cake/libs/cake_request.php
@@ -226,11 +226,7 @@ protected function _uri() {
  * @return string URL
  */
 	protected function _url() {
-		if (empty($_GET[self::$urlKey])) {
-			$url = $this->_uri();
-		} else {
-			$url = $_GET[self::$urlKey];
-		}
+		$url = $this->_uri();
 		return $url;
 	}
 
@@ -252,8 +248,7 @@ protected function _base() {
 			return $this->base = $base;
 		}
 		if (!$baseUrl) {
-			$replace = array('<', '>', '*', '\'', '"');
-			$base = str_replace($replace, '', dirname(env('PHP_SELF')));
+			$base = dirname(env('SCRIPT_NAME'));
 
 			if ($webroot === 'webroot' && $webroot === basename($base)) {
 				$base = dirname($base);

diff --git a/cake/tests/cases/libs/cake_request.test.php b/cake/tests/cases/libs/cake_request.test.php
@@ -794,9 +794,8 @@ public function testBaseUrlAndWebrootWithModRewrite() {
 		Configure::write('App.baseUrl', false);
 
 		$_SERVER['DOCUMENT_ROOT'] = '/cake/repo/branches';
-		$_SERVER['SCRIPT_FILENAME'] = '/cake/repo/branches/1.2.x.x/app/webroot/index.php';
-		$_SERVER['PHP_SELF'] = '/1.2.x.x/app/webroot/index.php';
-		$_GET['url'] = 'posts/view/1';
+		$_SERVER['SCRIPT_NAME'] = '/1.2.x.x/app/webroot/index.php';
+		$_SERVER['PATH_INFO'] = '/posts/view/1';
 
 		$request = new CakeRequest();
 		$this->assertEqual($request->base, '/1.2.x.x');
@@ -805,37 +804,33 @@ public function testBaseUrlAndWebrootWithModRewrite() {
 
 
 		$_SERVER['DOCUMENT_ROOT'] = '/cake/repo/branches/1.2.x.x/app/webroot';
-		$_SERVER['SCRIPT_FILENAME'] = '/cake/repo/branches/1.2.x.x/app/webroot/index.php';
-		$_SERVER['PHP_SELF'] = '/index.php';
-		$_GET['url'] = 'posts/add';
+		$_SERVER['SCRIPT_NAME'] = '/index.php';
+		$_SERVER['PATH_INFO'] = '/posts/add';
 		$request = new CakeRequest();
 
 		$this->assertEqual($request->base, '');
 		$this->assertEqual($request->webroot, '/');
 		$this->assertEqual($request->url, 'posts/add');
 
 		$_SERVER['DOCUMENT_ROOT'] = '/cake/repo/branches/1.2.x.x/test/';
-		$_SERVER['SCRIPT_FILENAME'] = '/cake/repo/branches/1.2.x.x/test/webroot/index.php';
-		$_SERVER['PHP_SELF'] = '/webroot/index.php';
+		$_SERVER['SCRIPT_NAME'] = '/webroot/index.php';
 		$request = new CakeRequest();
 
 		$this->assertEqual('', $request->base);
 		$this->assertEqual('/', $request->webroot);
 
 
 		$_SERVER['DOCUMENT_ROOT'] = '/some/apps/where';
-		$_SERVER['SCRIPT_FILENAME'] = '/some/apps/where/app/webroot/index.php';
-		$_SERVER['PHP_SELF'] = '/some/apps/where/app/webroot/index.php';
+		$_SERVER['SCRIPT_NAME'] = '/app/webroot/index.php';
 		$request = new CakeRequest();
 
-		$this->assertEqual($request->base, '/some/apps/where');
-		$this->assertEqual($request->webroot, '/some/apps/where/');
+		$this->assertEqual($request->base, '');
+		$this->assertEqual($request->webroot, '/');
 
 		Configure::write('App.dir', 'auth');
 
 		$_SERVER['DOCUMENT_ROOT'] = '/cake/repo/branches';
-		$_SERVER['SCRIPT_FILENAME'] = '/cake/repo/branches/demos/auth/webroot/index.php';
-		$_SERVER['PHP_SELF'] = '/demos/auth/webroot/index.php';
+		$_SERVER['SCRIPT_NAME'] = '/demos/auth/webroot/index.php';
 
 		$request = new CakeRequest();
 
@@ -845,8 +840,7 @@ public function testBaseUrlAndWebrootWithModRewrite() {
 		Configure::write('App.dir', 'code');
 
 		$_SERVER['DOCUMENT_ROOT'] = '/Library/WebServer/Documents';
-		$_SERVER['SCRIPT_FILENAME'] = '/Library/WebServer/Documents/clients/PewterReport/code/webroot/index.php';
-		$_SERVER['PHP_SELF'] = '/clients/PewterReport/code/webroot/index.php';
+		$_SERVER['SCRIPT_NAME'] = '/clients/PewterReport/code/webroot/index.php';
 		$request = new CakeRequest();
 
 		$this->assertEqual($request->base, '/clients/PewterReport/code');
@@ -860,8 +854,7 @@ public function testBaseUrlAndWebrootWithModRewrite() {
  */
 	public function testBaseUrlwithModRewriteAlias() {
 		$_SERVER['DOCUMENT_ROOT'] = '/home/aplusnur/public_html';
-		$_SERVER['SCRIPT_FILENAME'] = '/home/aplusnur/cake2/app/webroot/index.php';
-		$_SERVER['PHP_SELF'] = '/control/index.php';
+		$_SERVER['SCRIPT_NAME'] = '/control/index.php';
 
 		Configure::write('App.base', '/control');
 
@@ -875,8 +868,7 @@ public function testBaseUrlwithModRewriteAlias() {
 		Configure::write('App.webroot', 'newaffiliate');
 
 		$_SERVER['DOCUMENT_ROOT'] = '/var/www/abtravaff/html';
-		$_SERVER['SCRIPT_FILENAME'] = '/var/www/abtravaff/html/newaffiliate/index.php';
-		$_SERVER['PHP_SELF'] = '/newaffiliate/index.php';
+		$_SERVER['SCRIPT_NAME'] = '/newaffiliate/index.php';
 		$request = new CakeRequest();
 
 		$this->assertEqual($request->base, '/newaffiliate');
@@ -1252,21 +1244,6 @@ public function testEnvironmentDetection($name, $env, $expected) {
 		}
 	}
 
-/**
- * test that XSS can't be performed against the base path.
- *
- * @return void
- */
-	function testBasePathInjection() {
-		$_SERVER['PHP_SELF'] = urldecode(
-			"/index.php/%22%3E%3Ch1%20onclick=%22alert('xss');%22%3Eheya%3C/h1%3E"
-		);
-
-		$request = new CakeRequest();
-		$expected = '/index.php/h1 onclick=alert(xss);heya';
-		$this->assertEqual($request->base, $expected);
-	}
-
 /**
  * test the data() method reading
  *