Skip to content

Commit

Permalink
merged branch lazyhammer/fix-inline-fragment (PR #7893)
Browse files Browse the repository at this point in the history 
This PR was submitted for the master branch but it was merged into the 2.3 branch instead (closes #7893).

Discussion
----------

[HttpKernel] Fix internal sub-request creation

| Q             | A
| ------------- | ---
| Bug fix?      | yes
| New feature?  | no
| BC breaks?    | no
| Deprecations? | no
| Tests pass?   | yes
| Fixed tickets | n/a
| License       | MIT
| Doc PR        | n/a

Fixes the creation of internal sub-request in case of disabled trusted
client-ip header.

Commits
-------

85d5413 [HttpKernel] Fix internal sub-request creation
  • Loading branch information
@fabpot
fabpot committed Aug 11, 2013
2 parents 7eaaec1 + 96aec0f commit 615bd0b
Show file tree
Hide file tree
Showing 2 changed files with 39 additions and 5 deletions.
7 changes: 4 additions & 3 deletions src/Symfony/Component/HttpKernel/Fragment/InlineFragmentRenderer.php
View file
Expand Up @@ -111,10 +111,11 @@ protected function createSubRequest($uri, Request $request)
// Sub-request object will point to localhost as client ip and real client ip
// will be included into trusted header for client ip
try {
$trustedHeaderName = Request::getTrustedHeaderName(Request::HEADER_CLIENT_IP);
$currentXForwardedFor = $request->headers->get($trustedHeaderName, '');
if ($trustedHeaderName = Request::getTrustedHeaderName(Request::HEADER_CLIENT_IP)) {
$currentXForwardedFor = $request->headers->get($trustedHeaderName, '');

$server['HTTP_'.$trustedHeaderName] = ($currentXForwardedFor ? $currentXForwardedFor.', ' : '').$request->getClientIp();
$server['HTTP_'.$trustedHeaderName] = ($currentXForwardedFor ? $currentXForwardedFor.', ' : '').$request->getClientIp();
}
} catch (\InvalidArgumentException $e) {
// Do nothing
}
Expand Down
37 changes: 35 additions & 2 deletions src/Symfony/Component/HttpKernel/Tests/Fragment/InlineFragmentRendererTest.php
View file
Expand Up @@ -67,6 +67,26 @@ public function testRenderWithObjectsAsAttributes()
$strategy->render(new ControllerReference('main_controller', array('object' => $object), array()), Request::create('/'));
}

public function testRenderWithTrustedHeaderDisabled()
{
$trustedHeaderName = Request::getTrustedHeaderName(Request::HEADER_CLIENT_IP);

Request::setTrustedHeaderName(Request::HEADER_CLIENT_IP, '');

$kernel = $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface');
$kernel
->expects($this->any())
->method('handle')
->with(Request::create('/'))
;

$strategy = new InlineFragmentRenderer($kernel);

$strategy->render('/', Request::create('/'));

Request::setTrustedHeaderName(Request::HEADER_CLIENT_IP, $trustedHeaderName);
}

/**
* @expectedException \RuntimeException
*/
Expand Down Expand Up @@ -147,8 +167,11 @@ public function testESIHeaderIsKeptInSubrequest()
{
$expectedSubRequest = Request::create('/');
$expectedSubRequest->headers->set('Surrogate-Capability', 'abc="ESI/1.0"');
$expectedSubRequest->headers->set('x-forwarded-for', array('127.0.0.1'));
$expectedSubRequest->server->set('HTTP_X_FORWARDED_FOR', '127.0.0.1');

if (Request::getTrustedHeaderName(Request::HEADER_CLIENT_IP)) {
$expectedSubRequest->headers->set('x-forwarded-for', array('127.0.0.1'));
$expectedSubRequest->server->set('HTTP_X_FORWARDED_FOR', '127.0.0.1');
}

$kernel = $this->getMock('Symfony\Component\HttpKernel\HttpKernelInterface');
$kernel
Expand All @@ -163,4 +186,14 @@ public function testESIHeaderIsKeptInSubrequest()
$request->headers->set('Surrogate-Capability', 'abc="ESI/1.0"');
$strategy->render('/', $request);
}

public function testESIHeaderIsKeptInSubrequestWithTrustedHeaderDisabled()
{
$trustedHeaderName = Request::getTrustedHeaderName(Request::HEADER_CLIENT_IP);
Request::setTrustedHeaderName(Request::HEADER_CLIENT_IP, '');

$this->testESIHeaderIsKeptInSubrequest();

Request::setTrustedHeaderName(Request::HEADER_CLIENT_IP, $trustedHeaderName);
}
}

0 comments on commit 615bd0b

Please sign in to comment.