Skip to content

[5.4] Don't call method cleanParameterBag() twice for json request#18840

Merged
taylorotwell merged 1 commit into
laravel:5.4from
dmasior:fix-transforms-request-middleware
Apr 19, 2017
Merged

[5.4] Don't call method cleanParameterBag() twice for json request#18840
taylorotwell merged 1 commit into
laravel:5.4from
dmasior:fix-transforms-request-middleware

Conversation

@dmasior
Copy link
Copy Markdown

@dmasior dmasior commented Apr 18, 2017
edited
Loading

Fix for bug I found in TransformsRequest middleware. Currently for json request it is calling method cleanParameterBag 2x so method transform() is executed 2x. The result is malformed data (transformed twice).

@taylorotwell
Copy link
Copy Markdown
Member

taylorotwell commented Apr 18, 2017

How do I recreate the bug on a fresh Laravel installation?

@dmasior
Copy link
Copy Markdown
Author

dmasior commented Apr 18, 2017
edited
Loading

To reproduce error I created test:

<?php

namespace Tests\Feature;

use Tests\TestCase;

class ExampleTest extends TestCase
{
    /**
     * @return void
     */
    public function testBasicTest()
    {
        $response = $this->postJson('/', ['test' => 2]);

        $response->assertJson(['test' => 8,]); // Expected to be 2+2=4 not 8 (2+2+4) as IncrementVarTwice->transform() method should be executed once
    }
}

then defined example route:

\Route::post('/', function (Request $request) {
    return \Response::json($request->all());
});

and a middleware:

<?php

namespace App\Http\Middleware;

use Illuminate\Foundation\Http\Middleware\TransformsRequest;

class IncrementVarTwice extends TransformsRequest
{
    protected function transform($key, $value)
    {
        if ($key === 'test') {
            $value = $value + $value;
        }

        return $value;
    }
}

and registered it in App\Http\Kernel:

protected $middleware = [
        \App\Http\Middleware\IncrementVarTwice::class,
    ];

After that all i got:

PHPUnit 5.7.19 by Sebastian Bergmann and contributors.

..                                                                  2 / 2 (100%)

Time: 96 ms, Memory: 6.00MB

OK (2 tests, 2 assertions)

Which is NOK

@dmasior
Copy link
Copy Markdown
Author

dmasior commented Apr 18, 2017

The problem occurs only when sending data in json request. Not as query param, because $request->query is transformed only once:

    /**
     * Clean the request's data.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return void
     */
    protected function clean($request)
    {
        $this->cleanParameterBag($request->query);

        $this->cleanParameterBag($request->request);

        if ($request->isJson()) {
            $this->cleanParameterBag($request->json());
        }
    }

@taylorotwell taylorotwell merged commit ac03097 into laravel:5.4 Apr 19, 2017
@dmasior dmasior mentioned this pull request Apr 26, 2017
Merged
@derekmd derekmd mentioned this pull request Nov 3, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@dmasior @taylorotwell