
Commit af897a1

committed
minor #42316 [Security] Fix str_contains type mismatch in ChannelListener (bobvandevijver)
This PR was squashed before being merged into the 4.4 branch. Discussion ---------- [Security] Fix str_contains type mismatch in ChannelListener | Q | A | ------------- | --- | Branch? | 4.4 | Bug fix? | yes | New feature? | no | Deprecations? | no | Tickets | Fix #42300, Part of #41552 | License | MIT | Doc PR | - Also use a default empty string in the `ChannelListener` before using `str_contains`. Commits ------- 28ae62d [Security] Fix str_contains type mismatch in ChannelListener
2 parents f930c63 + 28ae62d commit af897a1


2 files changed

+28
-1
lines changed


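--- a/src/Symfony/Component/Security/Http/Firewall/ChannelListener.php
+++ b/src/Symfony/Component/Security/Http/Firewall/ChannelListener.php
@@ -51,7 +51,7 @@ public function supports(Request $request): ?bool
 if (null !== $this->logger) {
 if ('https' === $request->headers->get('X-Forwarded-Proto')) {
 $this->logger->info('Redirecting to HTTPS. ("X-Forwarded-Proto" header is set to "https" - did you set "trusted_proxies" correctly?)');
-} elseif (str_contains($request->headers->get('Forwarded'), 'proto=https')) {
+} elseif (str_contains($request->headers->get('Forwarded', ''), 'proto=https')) {
 $this->logger->info('Redirecting to HTTPS. ("Forwarded" header is set to "proto=https" - did you set "trusted_proxies" correctly?)');
 } else {
 $this->logger->info('Redirecting to HTTPS.');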
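Review bot: The two header checks inside `if (null !== $this->logger)` read `X-Forwarded-Proto` and `Forwarded` straight from `$request->headers`, so they are client-supplied values that have not passed trusted-proxy handling, and no comment says so. As far as the hunk shows, they only select which fixed info message is logged. I would add a comment above the block such as `// Raw, untrusted header values: used only to choose a log hint, never to decide whether the request is secure.` so the check is not later reused for a decision. The `str_contains` test is also case-sensitive and will not match the quoted form `proto="https"`, which affects only the hint. `supports()` begins and ends outside the hunk.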

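--- a/src/Symfony/Component/Security/Http/Tests/Firewall/ChannelListenerTest.php
+++ b/src/Symfony/Component/Security/Http/Tests/Firewall/ChannelListenerTest.php
@@ -12,6 +12,8 @@
 namespace Symfony\Component\Security\Http\Tests\Firewall;
 
 use PHPUnit\Framework\TestCase;
+use Psr\Log\NullLogger;
+use Symfony\Component\HttpFoundation\HeaderBag;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\HttpKernel\Event\RequestEvent;
@@ -153,4 +155,29 @@ public function testHandleWithSecuredRequestAndHttpChannel()
 
 $this->assertSame($response, $event->getResponse());
 }
+
+public function testSupportsWithoutHeaders()
+{
+$request = $this->createMock(Request::class);
+$request
+->expects($this->any())
+->method('isSecure')
+->willReturn(false)
+;
+$request->headers = new HeaderBag();
+
+$accessMap = $this->createMock(AccessMapInterface::class);
+$accessMap
+->expects($this->any())
+->method('getPatterns')
+->with($this->equalTo($request))
+->willReturn([[], 'https'])
+;
+
+$entryPoint = $this->createMock(AuthenticationEntryPointInterface::class);
+
+$listener = new ChannelListener($accessMap, $entryPoint, new NullLogger());
+
+$this->assertTrue($listener->supports($request));
+}
 }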
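Review bot: `testSupportsWithoutHeaders` covers only the empty `HeaderBag` path, and because it passes a `NullLogger` it cannot tell which of the three log branches in `supports()` ran. The regression it guards is the missing-header case, but the branches that react to proxy headers stay untested. I would add sibling cases that set `$request->headers = new HeaderBag(['Forwarded' => 'proto=https']);` and `new HeaderBag(['X-Forwarded-Proto' => 'https']);` (constructed sample values). Each should use a mocked `LoggerInterface` that expects `info()` once with the matching message. The test class itself starts outside this hunk.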
