8000 Merge branch '7.0' into 7.1 · symfony/symfony@9482c97 · GitHub
[go: up one dir, main page]
Skip to content

Commit 9482c97

Browse files
wouterjwouterj
committed
Merge branch '7.0' into 7.1
* 7.0: [Security][Tests] Update functional tests to better reflect end-user scenarios [Clock] Add PHPUnit 10 attributes [AssetMapper] Fix `JavaScriptImportPathCompiler` regression in regex [HttpClient] Fix deprecation on PHP 8.3 [Mailer][Brevo] Remove tags from mandatory event arguments [Validator] Simplify `NoSuspiciousCharactersValidator`
2 parents 3a02e21 + e770fba commit 9482c97

File tree

8 files changed

+56
-39
lines changed

8 files changed

+56
-39
lines changed

src/Symfony/Bundle/SecurityBundle/Tests/Functional/AuthenticatorTest.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -111,13 +111,13 @@ public function testCustomFailureHandler()
111111

112112
$client->request('POST', '/firewall1/login', [
113113
'_username' => 'jane@example.org',
114-
'_password' => '',
114+
'_password' => 'wrong',
115115
]);
116116
$this->assertResponseRedirects('http://localhost/firewall1/login');
117117

118118
$client->request('POST', '/firewall1/dummy_login', [
119119
'_username' => 'jane@example.org',
120-
'_password' => '',
120+
'_password' => 'wrong',
121121
]);
122122
$this->assertResponseRedirects('http://localhost/firewall1/dummy_login');
123123
}

src/Symfony/Bundle/SecurityBundle/Tests/Functional/CsrfFormLoginTest.php

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -68,6 +68,8 @@ public function testFormLoginWithInvalidCsrfToken($options)
6868
});
6969

7070
$form = $client->request('GET', '/login')->selectButton('login')->form();
71+
$form['user_login[username]'] = 'johannes';
72+
$form['user_login[password]'] = 'test';
7173
$form['user_login[_token]'] = '';
7274
$client->submit($form);
7375

src/Symfony/Component/AssetMapper/Compiler/JavaScriptImportPathCompiler.php

Lines changed: 5 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -28,16 +28,15 @@
2828
final class JavaScriptImportPathCompiler implements AssetCompilerInterface
2929
{
3030
/**
31-
* @see https://regex101.com/r/1iBAIb/1
31+
* @see https://regex101.com/r/1iBAIb/2
3232
*/
3333
private const IMPORT_PATTERN = '/
34-
^
35-
(?:\/\/.*) # Lines that start with comments
34+
^(?:\/\/.*) # Lines that start with comments
3635
|
3736
(?:
38-
\'(?:[^\'\\\\\n]|\\\\.)*\' # Strings enclosed in single quotes
37+
\'(?:[^\'\\\\\n]|\\\\.)*+\' # Strings enclosed in single quotes
3938
|
40-
"(?:[^"\\\\\n]|\\\\.)*" # Strings enclosed in double quotes
39+
"(?:[^"\\\\\n]|\\\\.)*+" # Strings enclosed in double quotes
4140
)
4241
|
4342
(?: # Import statements (script captured)
@@ -49,7 +48,7 @@ final class JavaScriptImportPathCompiler implements AssetCompilerInterface
4948
|
5049
\bimport\(
5150
)
52-
\s*[\'"`](\.\/[^\'"`\n]+|(\.\.\/)*[^\'"`\n]+)[\'"`]\s*[;\)]
51+
\s*[\'"`](\.\/[^\'"`\n]++|(\.\.\/)*+[^\'"`\n]++)[\'"`]\s*[;\)]
5352
?
5453
/mx';
5554

src/Symfony/Component/Clock/Test/ClockSensitiveTrait.php

Lines changed: 6 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,9 @@
1111

1212
namespace Symfony\Component\Clock\Test;
1313

14+
use PHPUnit\Framework\Attributes\After;
15+
use PHPUnit\Framework\Attributes\Before;
16+
use PHPUnit\Framework\Attributes\BeforeClass;
1417
use Symfony\Component\Clock\ClockInterface;
1518
use Symfony\Component\Clock\Clock;
1619
use Symfony\Component\Clock\MockClock;
@@ -48,6 +51,8 @@ public static function mockTime(string|\DateTimeImmutable|bool $when = true): Cl
4851
*
4952
* @internal
5053
*/
54+
#[Before]
55+
#[BeforeClass]
5156
public static function saveClockBeforeTest(bool $save = true): ClockInterface
5257
{
5358
static $originalClock;
@@ -64,6 +69,7 @@ public static function saveClockBeforeTest(bool $save = true): ClockInterface
6469
*
6570
* @internal
6671
*/
72+
#[After]
6773
protected static function restoreClockAfterTest(): void
6874
{
6975
F438 Clock::set(self::saveClockBeforeTest(false));

src/Symfony/Component/HttpClient/NativeHttpClient.php

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -404,7 +404,11 @@ private static function createRedirectResolver(array $options, string $host, str
404404
$redirectHeaders['no_auth'] = array_filter($redirectHeaders['no_auth'], $filterContentHeaders);
405405
$redirectHeaders['with_auth'] = array_filter($redirectHeaders['with_auth'], $filterContentHeaders);
406406

407-
stream_context_set_option($context, ['http' => $options]);
407+
if (\PHP_VERSION_ID >= 80300) {
408+
stream_context_set_options($context, ['http' => $options]);
409+
} else {
410+
stream_context_set_option($context, ['http' => $options]);
411+
}
408412
}
409413
}
410414

src/Symfony/Component/Mailer/Bridge/Brevo/Webhook/BrevoRequestParser.php

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -49,7 +49,6 @@ protected function doParse(Request $request, #[\SensitiveParameter] string $secr
4949
|| !isset($content['email'])
5050
|| !isset($content['message-id'])
5151
|| !isset($content['ts_event'])
52-
|| !isset($content['tags'])
5352
) {
5453
throw new RejectWebhookException(406, 'Payload is malformed.');
5554
}

src/Symfony/Component/Validator/Constraints/NoSuspiciousCharactersValidator.php

Lines changed: 3 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@
1818
use Symfony\Component\Validator\Exception\UnexpectedValueException;
1919

2020
/**
21-
* @author Mathieu Lechat <mathieu.lechat@les-tilleuls.coop>
21+
* @author Mathieu Lechat <math.lechat@gmail.com>
2222
*/
2323
class NoSuspiciousCharactersValidator extends ConstraintValidator
2424
{
@@ -94,18 +94,12 @@ public function validate(mixed $value, Constraint $constraint): void
9494

9595
$checker->setChecks($checks);
9696

97-
if (!$checker->isSuspicious($value)) {
97+
if (!$checker->isSuspicious($value, $errorCode)) {
9898
return;
9999
}
100100

101101
foreach (self::CHECK_ERROR as $check => $error) {
102-
if (!($checks & $check)) {
103-
continue;
104-
}
105-
106-
$checker->setChecks($check);
107-
108-
if (!$checker->isSuspicious($value)) {
102+
if (!($errorCode & $check)) {
109103
continue;
110104
}
111105

src/Symfony/Component/Validator/Tests/Constraints/NoSuspiciousCharactersValidatorTest.php

Lines changed: 33 additions & 20 deletions
Original file line numberDiff line numberDiff line change
@@ -56,23 +56,31 @@ public static function provideNonSuspiciousStrings(): iterable
5656
/**
5757
* @dataProvider provideSuspiciousStrings
5858
*/
59-
public function testSuspiciousStrings(string $string, array $options, string $errorCode, string $errorMessage)
59+
public function testSuspiciousStrings(string $string, array $options, array $errors)
6060
{
6161
$this->validator->validate($string, new NoSuspiciousCharacters($options));
6262

63-
$this->buildViolation($errorMessage)
64-
->setCode($errorCode)
63+
$violations = $this->buildViolation(reset($errors))
64+
->setCode(key($errors))
6565
->setParameter('{{ value }}', '"'.$string.'"')
66-
->assertRaised();
66+
;
67+
68+
while ($message = next($errors)) {
69+
$violations = $violations->buildNextViolation($message)
70+
->setCode(key($errors))
71+
->setParameter('{{ value }}', '"'.$string.'"')
72+
;
73+
}
74+
75+
$violations->assertRaised();
6776
}
6877

6978
public static function provideSuspiciousStrings(): iterable
7079
{
7180
yield 'Fails RESTRICTION_LEVEL check because of character outside ASCII range' => [
7281
'à',
7382
['restrictionLevel' => NoSuspiciousCharacters::RESTRICTION_LEVEL_ASCII],
74-
NoSuspiciousCharacters::RESTRICTION_LEVEL_ERROR,
75-
'This value contains characters that are not allowed by the current restriction-level.',
83+
[NoSuspiciousCharacters::RESTRICTION_LEVEL_ERROR => 'This value contains characters that are not allowed by the current restriction-level.'],
7684
];
7785

7886
yield 'Fails RESTRICTION_LEVEL check because of mixed-script string' => [
@@ -81,8 +89,7 @@ public static function provideSuspiciousStrings(): iterable
8189
'restrictionLevel' => NoSuspiciousCharacters::RESTRICTION_LEVEL_SINGLE_SCRIPT,
8290
'locales' => ['en', 'zh_Hant_TW'],
8391
],
84-
NoSuspiciousCharacters::RESTRICTION_LEVEL_ERROR,
85-
'This value contains characters that are not allowed by the current restriction-level.',
92+
[NoSuspiciousCharacters::RESTRICTION_LEVEL_ERROR => 'This value contains characters that are not allowed by the current restriction-level.'],
8693
];
8794

8895
yield 'Fails RESTRICTION_LEVEL check because RESTRICTION_LEVEL_HIGH disallows Armenian script' => [
@@ -91,8 +98,7 @@ public static function provideSuspiciousStrings(): iterable
9198
'restrictionLevel' => NoSuspiciousCharacters::RESTRICTION_LEVEL_HIGH,
9299
'locales' => ['en', 'hy_AM'],
93100
],
94-
NoSuspiciousCharacters::RESTRICTION_LEVEL_ERROR,
95-
'This value contains characters that are not allowed by the current restriction-level.',
101+
[NoSuspiciousCharacters::RESTRICTION_LEVEL_ERROR => 'This value contains characters that are not allowed by the current restriction-level.'],
96102
];
97103

98104
yield 'Fails RESTRICTION_LEVEL check because RESTRICTION_LEVEL_MODERATE disallows Greek script' => [
@@ -101,8 +107,7 @@ public static function provideSuspiciousStrings(): iterable
101107
'restrictionLevel' => NoSuspiciousCharacters::RESTRICTION_LEVEL_MODERATE,
102108
'locales' => ['en', 'el_GR'],
103109
],
104-
NoSuspiciousCharacters::RESTRICTION_LEVEL_ERROR,
105-
'This value contains characters that are not allowed by the current restriction-level.',
110+
[NoSuspiciousCharacters::RESTRICTION_LEVEL_ERROR => 'This value contains characters that are not allowed by the current restriction-level.'],
106111
];
107112

108113
yield 'Fails RESTRICTION_LEVEL check because of characters missing from the configured locales’ scripts' => [
@@ -111,35 +116,43 @@ public static function provideSuspiciousStrings(): iterable
111116
'restrictionLevel' => NoSuspiciousCharacters::RESTRICTION_LEVEL_MINIMAL,
112117
'locales' => ['en'],
113118
],
114-
NoSuspiciousCharacters::RESTRICTION_LEVEL_ERROR,
115-
'This value contains characters that are not allowed by the current restriction-level.',
119+
[NoSuspiciousCharacters::RESTRICTION_LEVEL_ERROR => 'This value contains characters that are not allowed by the current restriction-level.'],
116120
];
117121

118122
yield 'Fails INVISIBLE check because of duplicated non-spacing mark' => [
119123
'à̀',
120124
[
121125
'checks' => NoSuspiciousCharacters::CHECK_INVISIBLE,
122126
],
123-
NoSuspiciousCharacters::INVISIBLE_ERROR,
124-
'Using invisible characters is not allowed.',
127+
[NoSuspiciousCharacters::INVISIBLE_ERROR => 'Using invisible characters is not allowed.'],
125128
];
126129

127130
yield 'Fails MIXED_NUMBERS check because of different numbering systems' => [
128131
'8৪',
129132
[
130133
'checks' => NoSuspiciousCharacters::CHECK_MIXED_NUMBERS,
131134
],
132-
NoSuspiciousCharacters::MIXED_NUMBERS_ERROR,
133-
'Mixing numbers from different scripts is not allowed.',
135+
[NoSuspiciousCharacters::MIXED_NUMBERS_ERROR => 'Mixing numbers from different scripts is not allowed.'],
134136
];
135137

136138
yield 'Fails HIDDEN_OVERLAY check because of hidden combining character' => [
137139
'',
138140
[
139141
'checks' => NoSuspiciousCharacters::CHECK_HIDDEN_OVERLAY,
140142
],
141-
NoSuspiciousCharacters::HIDDEN_OVERLAY_ERROR,
142-
'Using hidden overlay characters is not allowed.',
143+
[NoSuspiciousCharacters::HIDDEN_OVERLAY_ERROR => 'Using hidden overlay characters is not allowed.'],
144+
];
145+
146+
yield 'Fails both HIDDEN_OVERLAY and RESTRICTION_LEVEL checks' => [
147+
'',
148+
[
149+
'checks' => NoSuspiciousCharacters::CHECK_HIDDEN_OVERLAY,
150+
'restrictionLevel' => NoSuspiciousCharacters::RESTRICTION_LEVEL_ASCII,
151+
],
152+
[
153+
NoSuspiciousCharacters::RESTRICTION_LEVEL_ERROR => 'This value contains characters that are not allowed by the current restriction-level.',
154+
NoSuspiciousCharacters::HIDDEN_OVERLAY_ERROR => 'Using hidden overlay characters is not allowed.',
155+
],
143156
];
144157
}
145158

0 commit comments

Comments
 (0)
0