8000 [Routing] Validate "namespace" (when using `Psr4DirectoryLoader`) · symfony/symfony@3d807c1 · GitHub
[go: up one dir, main page]
Skip to content

Commit 3d807c1

Browse files
KocalKocal
committed
[Routing] Validate "namespace" (when using Psr4DirectoryLoader)
1 parent 31c4198 commit 3d807c1

File tree

2 files changed

+34
-0
lines changed

2 files changed

+34
-0
lines changed

src/Symfony/Component/Routing/Loader/Psr4DirectoryLoader.php

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@
1515
use Symfony\Component\Config\Loader\DirectoryAwareLoaderInterface;
1616
use Symfony\Component\Config\Loader\Loader;
1717
use Symfony\Component\Config\Resource\DirectoryResource;
18+
use Symfony\Component\Routing\Exception\InvalidArgumentException;
1819
use Symfony\Component\Routing\RouteCollection;
1920

2021
/**
@@ -43,6 +44,10 @@ public function load(mixed $resource, ?string $type = null): ?RouteCollection
4344
return new RouteCollection();
4445
}
4546

47+
if (!preg_match('/^(?:[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*+\\\)++$/', trim($resource['namespace'], '\\').'\\')) {
48+
throw new InvalidArgumentException(\sprintf('Namespace "%s" is not a valid PSR-4 prefix.', $resource['namespace']));
49+
}
50+
4651
return $this->loadFromDirectory($path, trim($resource['namespace'], '\\'));
4752
}
4853

src/Symfony/Component/Routing/Tests/Loader/Psr4DirectoryLoaderTest.php

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@
1515
use Symfony\Component\Config\FileLocator;
1616
use Symfony\Component\Config\Loader\DelegatingLoader;
1717
use Symfony\Component\Config\Loader\LoaderResolver;
18+
use Symfony\Component\Routing\Exception\InvalidArgumentException;
1819
use Symfony\Component\Routing\Loader\AttributeClassLoader;
1920
use Symfony\Component\Routing\Loader\Psr4DirectoryLoader;
2021
use Symfony\Component\Routing\Route;
@@ -90,6 +91,34 @@ public static function provideNamespacesThatNeedTrimming(): array
9091
];
9192
}
9293

94+
/**
95+
* @dataProvider provideInvalidPsr4Namespaces
96+
*/
97+
public function testInvalidPsr4Namespace(string $namespace, string $expectedExceptionMessage)
98+
{
99+
$this->expectException(InvalidArgumentException::class);
100+
$this->expectExceptionMessage($expectedExceptionMessage);
101+
102+
$this->getLoader()->load(
103+
['path' => 'Psr4Controllers', 'namespace' => $namespace],
104+
'attribute'
105+
);
106+
}
107+
108+
public static function provideInvalidPsr4Namespaces(): array
109+
{
110+
return [
111+
'slash instead of back-slash' => [
112+
'namespace' => 'App\Application/Controllers',
113+
'exceptionMessage' => 'Namespace "App\Application/Controllers" is not a valid PSR-4 prefix.',
114+
],
115+
'invalid namespace' => [
116+
'namespace' => 'App\Contro llers',
117+
'exceptionMessage' => 'Namespace "App\Contro llers" is not a valid PSR-4 prefix.',
118+
],
119+
];
120+
}
121+
93122
private function loadPsr4Controllers(): RouteCollection
94123
{
95124
return $this->getLoader()->load(

0 commit comments

Comments
 (0)
0