Merge branch 'QA_5_0'
Signed-off-by: William Desportes <williamdes@wdes.fr>
williamdes committed Jan 24, 2020
2 parents b736f0a + 97e5b82 commit d042b6e
Showing 6 changed files with 164 additions and 8 deletions.
1 change: 1 addition & 0 deletions ChangeLog
Expand Up @@ -37,6 +37,7 @@ phpMyAdmin - ChangeLog
- issue #15833 Fix php TypeError when submitting unchanged data
- issue Fix php notice "Trying to access array offset on value of type bool" on Designer
- issue #13326 Added integer validations on search page
- issue #15200 Fixed server-side HTTPS detection misses support for Forwarded HTTP Extension (RFC 7239)

5.0.1 (2020-01-07)
- issue #15719 Fixed error 500 when browsing a table when $cfg['LimitChars'] used a string and not an int value
3 changes: 3 additions & 0 deletions libraries/classes/Config.php
Expand Up @@ -1337,6 +1337,9 @@ public function isHttps(): bool
} elseif (strtolower(Core::getenv('HTTP_CLOUDFRONT_FORWARDED_PROTO')) === 'https') {
// Amazon CloudFront, issue #15621
$is_https = true;
} elseif (Util::getProtoFromForwardedHeader(Core::getenv('HTTP_FORWARDED')) === 'https') {
// RFC 7239 Forwarded header
$is_https = true;
} elseif (Core::getenv('SERVER_PORT') == 443) {
$is_https = true;
}
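Review bot: The new `HTTP_FORWARDED` branch in `isHttps()` accepts the header from whoever sent the request, and nothing in the hunk limits it to a trusted reverse proxy. On a deployment with no proxy in front, or one that appends to `Forwarded` rather than overwriting it, a client-supplied `proto` value would decide the result, so anything derived from it (presumably cookie flags and generated URLs, not visible here) follows request data. The neighbouring CloudFront branch has the same property, so at minimum I would document it: `// RFC 7239 Forwarded header; client-controlled unless the front proxy overwrites it`. The comparison is also case-sensitive, while the CloudFront branch lower-cases the value first. `isHttps()` starts and ends outside the hunk.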
23 changes: 23 additions & 0 deletions libraries/classes/Util.php
Expand Up @@ -3144,4 +3144,27 @@ public static function buildActionTitles(): array

return $titles;
}

/**
* Get the protocol from the RFC 7239 Forwarded header
* @param string $headerContents The Forwarded header contents
* @return string the protocol http/https
*/
public static function getProtoFromForwardedHeader(string $headerContents): string
{
if (strpos($headerContents, '=') !== false) {// does not contain any equal sign
$hops = explode(',', $headerContents);
$parts = explode(';', $hops[0]);
foreach ($parts as $part) {
[
$keyName,
$value,
] = explode('=', $part);
if (strtolower(trim($keyName)) === 'proto') {
return empty($value) ? '' : $value;
}
}
}
return '';
}
}
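Review bot: The destructuring `[$keyName, $value] = explode('=', $part)` in `getProtoFromForwardedHeader()` reads offset 1 even when a `;`-separated part has no `=`, which raises an undefined-offset notice on input that comes straight from a request header. The returned value is also not trimmed, unquoted or lower-cased, so `proto="https"` or `proto=HTTPS` (constructed examples; RFC 7239 allows a quoted-string value) would not equal `'https'` at the call site. Limiting the split to two pieces and skipping incomplete pairs addresses both, as sketched below. The inline comment on the `strpos` line says "does not contain any equal sign", but the branch runs when one is present; it should read `// contains at least one key=value pair`.

```php
foreach ($parts as $part) {
    $pair = explode('=', $part, 2);
    if (count($pair) !== 2) {
        // parameter without a value: skip it rather than read a missing offset
        continue;
    }
    if (strtolower(trim($pair[0])) === 'proto') {
        // RFC 7239 values may be quoted; URI schemes are case-insensitive
        return strtolower(trim($pair[1], " \t\""));
    }
}
```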
32 changes: 31 additions & 1 deletion test/classes/ConfigTest.php
Expand Up @@ -497,6 +497,7 @@ public function testGetSetSource()
*
* @param string $scheme http scheme
* @param string $https https
* @param string $forwarded forwarded header
* @param string $uri request uri
* @param string $lb http https from lb
* @param string $front http front end https
Expand All @@ -508,10 +509,11 @@ public function testGetSetSource()
*
* @dataProvider httpsParams
*/
public function testIsHttps($scheme, $https, $uri, $lb, $front, $proto, $protoCloudFront, $pmaAbsoluteUri, $port, $expected): void
public function testIsHttps($scheme, $https, string $forwarded, $uri, $lb, $front, $proto, $protoCloudFront, $pmaAbsoluteUri, $port, $expected): void
{
$_SERVER['HTTP_SCHEME'] = $scheme;
$_SERVER['HTTPS'] = $https;
$_SERVER['HTTP_FORWARDED'] = $forwarded;
$_SERVER['REQUEST_URI'] = $uri;
$_SERVER['HTTP_HTTPS_FROM_LB'] = $lb;
$_SERVER['HTTP_FRONT_END_HTTPS'] = $front;
Expand All @@ -538,6 +540,7 @@ public function httpsParams()
'',
'',
'',
'',
'http',
'',
'',
Expand All @@ -547,6 +550,7 @@ public function httpsParams()
[
'http',
'',
'',
'http://',
'',
'',
Expand All @@ -562,6 +566,7 @@ public function httpsParams()
'',
'',
'',
'',
'http',
'',
'',
Expand All @@ -574,6 +579,7 @@ public function httpsParams()
'',
'',
'',
'',
'https',
'',
'',
Expand All @@ -585,6 +591,7 @@ public function httpsParams()
'',
'',
'',
'',
'on',
'http',
'',
Expand All @@ -596,6 +603,7 @@ public function httpsParams()
'http',
'',
'',
'',
'on',
'',
'http',
Expand All @@ -607,6 +615,7 @@ public function httpsParams()
[
'http',
'',
'',
'https://',
'',
'',
Expand All @@ -622,6 +631,7 @@ public function httpsParams()
'',
'',
'',
'',
'http',
'',
'',
Expand All @@ -634,6 +644,7 @@ public function httpsParams()
'',
'',
'',
'',
'http',
'',
'',
Expand All @@ -647,6 +658,7 @@ public function httpsParams()
'',
'',
'',
'',
'https',
'',
80,
Expand All @@ -658,6 +670,7 @@ public function httpsParams()
'',
'',
'',
'',
'https',
'http',
'',
Expand All @@ -673,6 +686,7 @@ public function httpsParams()
'',
'',
'',
'',
80,
true,
],
Expand All @@ -685,6 +699,7 @@ public function httpsParams()
'',
'',
'',
'',
8080,
false,
],
Expand All @@ -696,6 +711,7 @@ public function httpsParams()
'',
'',
'',
'',
'https://127.0.0.1',
80,
true,
Expand All @@ -708,10 +724,24 @@ public function httpsParams()
'',
'',
'',
'',
'http://127.0.0.1',
80,
false,
],
[
'',
'',
'for=12.34.56.78;host=example.com;proto=https, for=23.45.67.89',
'',
'',
'',
'',
'',
'http://127.0.0.1',
80,
true,
],
];
}
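Review bot: The only `Forwarded` row added to `httpsParams()` is the positive one at the end of the provider, so nothing pins the result when the header carries `proto=http` or a malformed value. I would add a row with `'for=12.34.56.78;proto=http'` (constructed example) in the `$forwarded` slot and `false` as the expected result, next to the existing `true` row. The added row also expects `true` while `$pmaAbsoluteUri` is `http://127.0.0.1`, so it shows a request header producing an HTTPS result despite the configured URI; a short comment on that row saying this is intended would help the next reader. `httpsParams()` starts outside this hunk.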

93 changes: 93 additions & 0 deletions test/classes/UtilTest.php
Expand Up @@ -1713,4 +1713,97 @@ public function providerIsInteger(): array
],
];
}

/**
* Test for Util::getProtoFromForwardedHeader
*
* @param string $header The http Forwarded header
* @param string $proto The protocol http/https
*
* @return void
*
* @dataProvider providerForwardedHeaders
*/
public function testGetProtoFromForwardedHeader(string $header, string $proto): void
{
$protocolDetected = Util::getProtoFromForwardedHeader($header);
$this->assertEquals($proto, $protocolDetected);
}

/**
* Data provider for Util::getProtoFromForwardedHeader test
* @source https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Forwarded MDN docs
* @source https://www.nginx.com/resources/wiki/start/topics/examples/forwarded/ Nginx docs
*
* @return array
*/
public function providerForwardedHeaders(): array
{
return [
[
'',
'',
],
[
'=',
'',
],
[
'https',
'',
],
[
'https',
'',
],
[
'=https',
'',
],
[
'=http',
'',
],
[
'For="[2001:db8:cafe::17]:4711"',
'',
],
[
'for=192.0.2.60;proto=http;by=203.0.113.43',
'http',
],
[
'for=192.0.2.43, for=198.51.100.17',
'',
],
[
'for=123.34.567.89',
'',
],
[
'for=192.0.2.43, for="[2001:db8:cafe::17]"',
'',
],
[
'for=12.34.56.78;host=example.com;proto=https, for=23.45.67.89',
'https',
],
[
'for=12.34.56.78, for=23.45.67.89;secret=egah2CGj55fSJFs, for=10.1.2.3',
'',
],
[
'for=injected;by="',
'',
],
[
'for=injected;by=", for=real',
'',
],
[
'for=192.0.2.60;proto=http;by=203.0.113.43',
'http',
],
];
}
}
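Review bot: `providerForwardedHeaders()` repeats two rows verbatim (the bare `'https'` input and `'for=192.0.2.60;proto=http;by=203.0.113.43'`) and has no row where a later `;`-separated part lacks `=`, which is the input shape most likely to trip the parser. Replacing the duplicates with `['for=192.0.2.60;secure', '']` and `['for=192.0.2.60;proto="https"', 'https']` (both constructed) would cover that shape and the quoted-value form. Both rows may fail against the parser as committed, which is the reason to add them. `assertSame` would also be stricter than `assertEquals` for these string results.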
20 changes: 13 additions & 7 deletions test/selenium/TestBase.php
Expand Up @@ -104,13 +104,19 @@ protected function setUp(): void
return;
}

$this->_mysqli = new mysqli(
$GLOBALS['TESTSUITE_SERVER'],
$GLOBALS['TESTSUITE_USER'],
$GLOBALS['TESTSUITE_PASSWORD'],
'mysql',
(int) $GLOBALS['TESTSUITE_PORT']
);
try {
$this->_mysqli = new mysqli(
$GLOBALS['TESTSUITE_SERVER'],
$GLOBALS['TESTSUITE_USER'],
$GLOBALS['TESTSUITE_PASSWORD'],
'mysql',
(int) $GLOBALS['TESTSUITE_PORT']
);
} catch (Exception $e) {
// when localhost is used, it tries to connect to a socket and throws and error
$this->markTestSkipped('Failed to connect to MySQL (' . $e->getMessage() . ')');
return;
}

if ($this->_mysqli->connect_errno) {
$this->markTestSkipped('Failed to connect to MySQL (' . $this->_mysqli->error . ')');
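Review bot: `catch (Exception $e)` in `setUp()` only catches the global class if this file imports `Exception` or is not namespaced, and neither is visible in the hunk; worth confirming, since otherwise the connection failure would still abort the run instead of skipping. The new comment has a typo and could read `// with 'localhost' mysqli connects over a socket and throws an error`. `setUp()` starts and ends outside the hunk.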