1*7caad012SAndreas Gohr<?php 2*7caad012SAndreas Gohr 3*7caad012SAndreas Gohrnamespace dokuwiki\test; 4*7caad012SAndreas Gohr 5*7caad012SAndreas Gohruse dokuwiki\Input\Input; 6*7caad012SAndreas Gohruse dokuwiki\Ip; 7*7caad012SAndreas Gohr 8*7caad012SAndreas Gohrclass IpTest extends \DokuWikiTest { 9*7caad012SAndreas Gohr 10*7caad012SAndreas Gohr /** 11*7caad012SAndreas Gohr * The data provider for ipToNumber() tests. 12*7caad012SAndreas Gohr * 13*7caad012SAndreas Gohr * @return mixed[][] Returns an array of test cases. 14*7caad012SAndreas Gohr */ 15*7caad012SAndreas Gohr public function ip_to_number_provider() : array 16*7caad012SAndreas Gohr { 17*7caad012SAndreas Gohr $tests = [ 18*7caad012SAndreas Gohr ['127.0.0.1', 4, 0x00000000, 0x7f000001], 19*7caad012SAndreas Gohr ['::127.0.0.1', 6, 0x00000000, 0x7f000001], 20*7caad012SAndreas Gohr ['::1', 6, 0x00000000, 0x00000001], 21*7caad012SAndreas Gohr ['38AF:3033:AA39:CDE3:1A46:094C:44ED:5300', 6, 0x38AF3033AA39CDE3, 0x1A46094C44ED5300], 22*7caad012SAndreas Gohr ['193.53.125.7', 4, 0x00000000, 0xC1357D07], 23*7caad012SAndreas Gohr ]; 24*7caad012SAndreas Gohr 25*7caad012SAndreas Gohr return $tests; 26*7caad012SAndreas Gohr } 27*7caad012SAndreas Gohr 28*7caad012SAndreas Gohr /** 29*7caad012SAndreas Gohr * Test ipToNumber(). 30*7caad012SAndreas Gohr * 31*7caad012SAndreas Gohr * @dataProvider ip_to_number_provider 32*7caad012SAndreas Gohr * 33*7caad012SAndreas Gohr * @param string $ip The IP address to convert. 34*7caad012SAndreas Gohr * @param int $version The IP version, either 4 or 6. 35*7caad012SAndreas Gohr * @param int $upper The upper 64 bits of the IP. 36*7caad012SAndreas Gohr * @param int $lower The lower 64 bits of the IP. 37*7caad012SAndreas Gohr * 38*7caad012SAndreas Gohr * @return void 39*7caad012SAndreas Gohr */ 40*7caad012SAndreas Gohr public function test_ip_to_number(string $ip, int $version, int $upper, int $lower): void 41*7caad012SAndreas Gohr { 42*7caad012SAndreas Gohr $result = Ip::ipToNumber($ip); 43*7caad012SAndreas Gohr 44*7caad012SAndreas Gohr $this->assertSame($version, $result['version']); 45*7caad012SAndreas Gohr $this->assertSame($upper, $result['upper']); 46*7caad012SAndreas Gohr $this->assertSame($lower, $result['lower']); 47*7caad012SAndreas Gohr } 48*7caad012SAndreas Gohr 49*7caad012SAndreas Gohr /** 50*7caad012SAndreas Gohr * The data provider for test_ip_in_range(). 51*7caad012SAndreas Gohr * 52*7caad012SAndreas Gohr * @return mixed[][] Returns an array of test cases. 53*7caad012SAndreas Gohr */ 54*7caad012SAndreas Gohr public function ip_in_range_provider(): array 55*7caad012SAndreas Gohr { 56*7caad012SAndreas Gohr $tests = [ 57*7caad012SAndreas Gohr ['192.168.11.2', '192.168.0.0/16', true], 58*7caad012SAndreas Gohr ['192.168.11.2', '192.168.64.1/16', true], 59*7caad012SAndreas Gohr ['192.168.11.2', '192.168.64.1/18', false], 60*7caad012SAndreas Gohr ['192.168.11.2', '192.168.11.0/20', true], 61*7caad012SAndreas Gohr ['127.0.0.1', '127.0.0.0/7', true], 62*7caad012SAndreas Gohr ['127.0.0.1', '127.0.0.0/8', true], 63*7caad012SAndreas Gohr ['127.0.0.1', '127.200.0.0/8', true], 64*7caad012SAndreas Gohr ['127.0.0.1', '127.200.0.0/9', false], 65*7caad012SAndreas Gohr ['127.0.0.1', '127.0.0.0/31', true], 66*7caad012SAndreas Gohr ['127.0.0.1', '127.0.0.0/32', false], 67*7caad012SAndreas Gohr ['127.0.0.1', '127.0.0.1/32', true], 68*7caad012SAndreas Gohr ['1111:2222:3333:4444:5555:6666:7777:8888', '1110::/12', true], 69*7caad012SAndreas Gohr ['1110:2222:3333:4444:5555:6666:7777:8888', '1110::/12', true], 70*7caad012SAndreas Gohr ['1100:2222:3333:4444:5555:6666:7777:8888', '1110::/12', false], 71*7caad012SAndreas Gohr ['1111:2222:3333:4444:5555:6666:7777:8888', '1111:2222:3300::/40', true], 72*7caad012SAndreas Gohr ['1111:2222:3333:4444:5555:6666:7777:8888', '1111:2222:3200::/40', false], 73*7caad012SAndreas Gohr ['1111:2222:3333:4444:5555:6666:7777:8888', '1111:2222:3333:4444:5555:6666:7777:8889/127', true], 74*7caad012SAndreas Gohr ['1111:2222:3333:4444:5555:6666:7777:8888', '1111:2222:3333:4444:5555:6666:7777:8889/128', false], 75*7caad012SAndreas Gohr ['1111:2222:3333:4444:5555:6666:7777:8889', '1111:2222:3333:4444:5555:6666:7777:8889/128', true], 76*7caad012SAndreas Gohr ['abcd:ef0a:bcde:f0ab:cdef:0abc:def0:abcd', 'abcd:ef0a:bcde:f0ab:cdef:0abc:def0:abcd/128', true], 77*7caad012SAndreas Gohr ['abcd:ef0a:bcde:f0ab:cdef:0abc:def0:abce', 'abcd:ef0a:bcde:f0ab:cdef:0abc:def0:abcd/128', false], 78*7caad012SAndreas Gohr ]; 79*7caad012SAndreas Gohr 80*7caad012SAndreas Gohr return $tests; 81*7caad012SAndreas Gohr } 82*7caad012SAndreas Gohr 83*7caad012SAndreas Gohr /** 84*7caad012SAndreas Gohr * Test ipInRange(). 85*7caad012SAndreas Gohr * 86*7caad012SAndreas Gohr * @dataProvider ip_in_range_provider 87*7caad012SAndreas Gohr * 88*7caad012SAndreas Gohr * @param string $ip The IP to test. 89*7caad012SAndreas Gohr * @param string $range The IP range to test against. 90*7caad012SAndreas Gohr * @param bool $expected The expected result from ipInRange(). 91*7caad012SAndreas Gohr * 92*7caad012SAndreas Gohr * @return void 93*7caad012SAndreas Gohr */ 94*7caad012SAndreas Gohr public function test_ip_in_range(string $ip, string $range, bool $expected): void 95*7caad012SAndreas Gohr { 96*7caad012SAndreas Gohr $result = Ip::ipInRange($ip, $range); 97*7caad012SAndreas Gohr 98*7caad012SAndreas Gohr $this->assertSame($expected, $result); 99*7caad012SAndreas Gohr } 100*7caad012SAndreas Gohr 101*7caad012SAndreas Gohr /** 102*7caad012SAndreas Gohr * Data provider for test_ip_matches(). 103*7caad012SAndreas Gohr * 104*7caad012SAndreas Gohr * @return mixed[][] Returns an array of test cases. 105*7caad012SAndreas Gohr */ 106*7caad012SAndreas Gohr public function ip_matches_provider(): array 107*7caad012SAndreas Gohr { 108*7caad012SAndreas Gohr // Tests for a CIDR range. 109*7caad012SAndreas Gohr $rangeTests = $this->ip_in_range_provider(); 110*7caad012SAndreas Gohr 111*7caad012SAndreas Gohr // Tests for an exact IP match. 112*7caad012SAndreas Gohr $exactTests = [ 113*7caad012SAndreas Gohr ['127.0.0.1', '127.0.0.1', true], 114*7caad012SAndreas Gohr ['127.0.0.1', '127.0.0.0', false], 115*7caad012SAndreas Gohr ['aaaa:bbbb:cccc:dddd:eeee::', 'aaaa:bbbb:cccc:dddd:eeee:0000:0000:0000', true], 116*7caad012SAndreas Gohr ['aaaa:bbbb:cccc:dddd:eeee:0000:0000:0000', 'aaaa:bbbb:cccc:dddd:eeee::', true], 117*7caad012SAndreas Gohr ['aaaa:bbbb:0000:0000:0000:0000:0000:0001', 'aaaa:bbbb::1', true], 118*7caad012SAndreas Gohr ['aaaa:bbbb::0001', 'aaaa:bbbb::1', true], 119*7caad012SAndreas Gohr ['aaaa:bbbb::0001', 'aaaa:bbbb::', false], 120*7caad012SAndreas Gohr ['::ffff:127.0.0.1', '127.0.0.1', false], 121*7caad012SAndreas Gohr ['::ffff:127.0.0.1', '::0:ffff:127.0.0.1', true], 122*7caad012SAndreas Gohr ]; 123*7caad012SAndreas Gohr 124*7caad012SAndreas Gohr 125*7caad012SAndreas Gohr return array_merge($rangeTests, $exactTests); 126*7caad012SAndreas Gohr } 127*7caad012SAndreas Gohr 128*7caad012SAndreas Gohr /** 129*7caad012SAndreas Gohr * Test ipMatches(). 130*7caad012SAndreas Gohr * 131*7caad012SAndreas Gohr * @dataProvider ip_matches_provider 132*7caad012SAndreas Gohr * 133*7caad012SAndreas Gohr * @param string $ip The IP to test. 134*7caad012SAndreas Gohr * @param string $ipOrRange The IP or IP range to test against. 135*7caad012SAndreas Gohr * @param bool $expected The expeced result from ipMatches(). 136*7caad012SAndreas Gohr * 137*7caad012SAndreas Gohr * @return void 138*7caad012SAndreas Gohr */ 139*7caad012SAndreas Gohr public function test_ip_matches(string $ip, string $ipOrRange, bool $expected): void 140*7caad012SAndreas Gohr { 141*7caad012SAndreas Gohr $result = Ip::ipMatches($ip, $ipOrRange); 142*7caad012SAndreas Gohr 143*7caad012SAndreas Gohr $this->assertSame($expected, $result); 144*7caad012SAndreas Gohr } 145*7caad012SAndreas Gohr 146*7caad012SAndreas Gohr /** 147*7caad012SAndreas Gohr * Data provider for proxyIsTrusted(). 148*7caad012SAndreas Gohr * 149*7caad012SAndreas Gohr * @return mixed[][] Returns an array of test cases. 150*7caad012SAndreas Gohr */ 151*7caad012SAndreas Gohr public function proxy_is_trusted_provider(): array 152*7caad012SAndreas Gohr { 153*7caad012SAndreas Gohr // The new default configuration value. 154*7caad012SAndreas Gohr $default = ['::1', 'fe80::/10', '127.0.0.0/8', '10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16']; 155*7caad012SAndreas Gohr 156*7caad012SAndreas Gohr // Adding some custom trusted proxies. 157*7caad012SAndreas Gohr $custom = array_merge($default, ['1.2.3.4', '1122::', '3.0.0.1/8', '1111:2222::/32']); 158*7caad012SAndreas Gohr 159*7caad012SAndreas Gohr $tests = [ 160*7caad012SAndreas Gohr // Empty configuration. 161*7caad012SAndreas Gohr ['', '127.0.0.1', false], 162*7caad012SAndreas Gohr 163*7caad012SAndreas Gohr // Configuration with an array of IPs/CIDRs. 164*7caad012SAndreas Gohr [$default, '127.0.0.1', true], 165*7caad012SAndreas Gohr [$default, '127.1.2.3', true], 166*7caad012SAndreas Gohr [$default, '10.1.2.3', true], 167*7caad012SAndreas Gohr [$default, '11.1.2.3', false], 168*7caad012SAndreas Gohr [$default, '172.16.0.1', true], 169*7caad012SAndreas Gohr [$default, '172.160.0.1', false], 170*7caad012SAndreas Gohr [$default, '172.31.255.255', true], 171*7caad012SAndreas Gohr [$default, '172.32.0.0', false], 172*7caad012SAndreas Gohr [$default, '172.200.0.0', false], 173*7caad012SAndreas Gohr [$default, '192.168.2.3', true], 174*7caad012SAndreas Gohr [$default, '192.169.1.2', false], 175*7caad012SAndreas Gohr [$default, '::1', true], 176*7caad012SAndreas Gohr [$default, '0000:0000:0000:0000:0000:0000:0000:0001', true], 177*7caad012SAndreas Gohr 178*7caad012SAndreas Gohr // With custom proxies set. 179*7caad012SAndreas Gohr [$custom, '127.0.0.1', true], 180*7caad012SAndreas Gohr [$custom, '1.2.3.4', true], 181*7caad012SAndreas Gohr [$custom, '3.0.1.2', true], 182*7caad012SAndreas Gohr [$custom, '1122::', true], 183*7caad012SAndreas Gohr [$custom, '1122:0000:0000:0000:0000:0000:0000:0000', true], 184*7caad012SAndreas Gohr [$custom, '1111:2223::', false], 185*7caad012SAndreas Gohr [$custom, '1111:2222::', true], 186*7caad012SAndreas Gohr [$custom, '1111:2222:3333::', true], 187*7caad012SAndreas Gohr [$custom, '1111:2222:3333::1', true], 188*7caad012SAndreas Gohr ]; 189*7caad012SAndreas Gohr 190*7caad012SAndreas Gohr return $tests; 191*7caad012SAndreas Gohr } 192*7caad012SAndreas Gohr 193*7caad012SAndreas Gohr /** 194*7caad012SAndreas Gohr * Test proxyIsTrusted(). 195*7caad012SAndreas Gohr * 196*7caad012SAndreas Gohr * @dataProvider proxy_is_trusted_provider 197*7caad012SAndreas Gohr * 198*7caad012SAndreas Gohr * @param string|string[] $config The value for $conf[trustedproxies]. 199*7caad012SAndreas Gohr * @param string $ip The proxy IP to test. 200*7caad012SAndreas Gohr * @param bool $expected The expected result from proxyIsTrusted(). 201*7caad012SAndreas Gohr */ 202*7caad012SAndreas Gohr public function test_proxy_is_trusted($config, string $ip, bool $expected): void 203*7caad012SAndreas Gohr { 204*7caad012SAndreas Gohr global $conf; 205*7caad012SAndreas Gohr $conf['trustedproxies'] = $config; 206*7caad012SAndreas Gohr 207*7caad012SAndreas Gohr $result = Ip::proxyIsTrusted($ip); 208*7caad012SAndreas Gohr 209*7caad012SAndreas Gohr $this->assertSame($expected, $result); 210*7caad012SAndreas Gohr } 211*7caad012SAndreas Gohr 212*7caad012SAndreas Gohr /** 213*7caad012SAndreas Gohr * Data provider for test_forwarded_for(). 214*7caad012SAndreas Gohr * 215*7caad012SAndreas Gohr * @return mixed[][] Returns an array of test cases. 216*7caad012SAndreas Gohr */ 217*7caad012SAndreas Gohr public function forwarded_for_provider(): array 218*7caad012SAndreas Gohr { 219*7caad012SAndreas Gohr // The new default configuration value. 220*7caad012SAndreas Gohr $default = ['::1', 'fe80::/10', '127.0.0.0/8', '10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16']; 221*7caad012SAndreas Gohr 222*7caad012SAndreas Gohr // Adding some custom trusted proxies. 223*7caad012SAndreas Gohr $custom = array_merge($default, ['1.2.3.4', '1122::', '3.0.0.1/8', '1111:2222::/32']); 224*7caad012SAndreas Gohr 225*7caad012SAndreas Gohr $tests = [ 226*7caad012SAndreas Gohr // Empty config value should always return empty array. 227*7caad012SAndreas Gohr [[], '', '127.0.0.1', []], 228*7caad012SAndreas Gohr [[], '127.0.0.1', '127.0.0.1', []], 229*7caad012SAndreas Gohr 230*7caad012SAndreas Gohr // The new default configuration. 231*7caad012SAndreas Gohr [$default, '', '127.0.0.1', []], 232*7caad012SAndreas Gohr [$default, '1.2.3.4', '127.0.0.1', ['1.2.3.4', '127.0.0.1']], 233*7caad012SAndreas Gohr [$default, '1.2.3.4', '192.168.1.1', ['1.2.3.4', '192.168.1.1']], 234*7caad012SAndreas Gohr [$default, '1.2.3.4,172.16.0.1', '192.168.1.1', ['1.2.3.4', '172.16.0.1', '192.168.1.1']], 235*7caad012SAndreas Gohr [$default, '1.2.3.4,172.16.0.1', '::1', ['1.2.3.4', '172.16.0.1', '::1']], 236*7caad012SAndreas Gohr [$default, '1.2.3.4,172.16.0.1', '::0001', ['1.2.3.4', '172.16.0.1', '::0001']], 237*7caad012SAndreas Gohr 238*7caad012SAndreas Gohr // Directly from an untrusted proxy. 239*7caad012SAndreas Gohr [$default, '', '127.0.0.1', []], 240*7caad012SAndreas Gohr [$default, '1.2.3.4', '11.22.33.44', []], 241*7caad012SAndreas Gohr [$default, '::1', '11.22.33.44', []], 242*7caad012SAndreas Gohr [$default, '::1', '::2', []], 243*7caad012SAndreas Gohr 244*7caad012SAndreas Gohr // From a trusted proxy, but via an untrusted proxy. 245*7caad012SAndreas Gohr [$default, '1.2.3.4,11.22.33.44,172.16.0.1', '192.168.1.1', []], 246*7caad012SAndreas Gohr [$default, '1.2.3.4,::2,172.16.0.1', '::1', []], 247*7caad012SAndreas Gohr 248*7caad012SAndreas Gohr // A custom configuration. 249*7caad012SAndreas Gohr [$custom, '', '127.0.0.1', []], 250*7caad012SAndreas Gohr [$custom, '1.2.3.4', '127.0.0.1', ['1.2.3.4', '127.0.0.1']], 251*7caad012SAndreas Gohr [$custom, '1.2.3.4', '192.168.1.1', ['1.2.3.4', '192.168.1.1']], 252*7caad012SAndreas Gohr [$custom, '1.2.3.4,172.16.0.1', '192.168.1.1', ['1.2.3.4', '172.16.0.1', '192.168.1.1']], 253*7caad012SAndreas Gohr [$custom, '1.2.3.4,172.16.0.1', '::1', ['1.2.3.4', '172.16.0.1', '::1']], 254*7caad012SAndreas Gohr [$custom, '1.2.3.4,172.16.0.1', '::0001', ['1.2.3.4', '172.16.0.1', '::0001']], 255*7caad012SAndreas Gohr 256*7caad012SAndreas Gohr // Directly from an untrusted proxy. 257*7caad012SAndreas Gohr [$custom, '', '127.0.0.1', []], 258*7caad012SAndreas Gohr [$custom, '1.2.3.4', '11.22.33.44', []], 259*7caad012SAndreas Gohr [$custom, '::1', '11.22.33.44', []], 260*7caad012SAndreas Gohr [$custom, '::1', '::2', []], 261*7caad012SAndreas Gohr 262*7caad012SAndreas Gohr // From a trusted proxy, but via an untrusted proxy. 263*7caad012SAndreas Gohr [$custom, '1.2.3.4,11.22.33.44,172.16.0.1', '192.168.1.1', []], 264*7caad012SAndreas Gohr [$custom, '1.2.3.4,::2,172.16.0.1', '::1', []], 265*7caad012SAndreas Gohr 266*7caad012SAndreas Gohr // Via a custom proxy. 267*7caad012SAndreas Gohr [$custom, '11.2.3.4,3.1.2.3,172.16.0.1', '192.168.1.1', ['11.2.3.4', '3.1.2.3', '172.16.0.1', '192.168.1.1']], 268*7caad012SAndreas Gohr [$custom, '11.2.3.4,1122::,172.16.0.1', '3.0.0.1', ['11.2.3.4', '1122::', '172.16.0.1', '3.0.0.1']], 269*7caad012SAndreas Gohr [$custom, '11.2.3.4,1122::,172.16.0.1', '1111:2222:3333::', ['11.2.3.4', '1122::', '172.16.0.1', '1111:2222:3333::']], 270*7caad012SAndreas Gohr ]; 271*7caad012SAndreas Gohr 272*7caad012SAndreas Gohr return $tests; 273*7caad012SAndreas Gohr } 274*7caad012SAndreas Gohr 275*7caad012SAndreas Gohr /** 276*7caad012SAndreas Gohr * Test forwardedFor(). 277*7caad012SAndreas Gohr * 278*7caad012SAndreas Gohr * @dataProvider forwarded_for_provider 279*7caad012SAndreas Gohr * 280*7caad012SAndreas Gohr * @param string|string[] $config The trustedproxies config value. 281*7caad012SAndreas Gohr * @param string $header The X-Forwarded-For header value. 282*7caad012SAndreas Gohr * @param string $remoteAddr The TCP/IP peer address. 283*7caad012SAndreas Gohr * @param array $expected The expected result from forwardedFor(). 284*7caad012SAndreas Gohr * 285*7caad012SAndreas Gohr * @return void 286*7caad012SAndreas Gohr */ 287*7caad012SAndreas Gohr public function test_forwarded_for($config, string $header, string $remoteAddr, array $expected): void 288*7caad012SAndreas Gohr { 289*7caad012SAndreas Gohr /* @var Input $INPUT */ 290*7caad012SAndreas Gohr global $INPUT, $conf; 291*7caad012SAndreas Gohr 292*7caad012SAndreas Gohr $conf['trustedproxies'] = $config; 293*7caad012SAndreas Gohr $INPUT->server->set('HTTP_X_FORWARDED_FOR', $header); 294*7caad012SAndreas Gohr $INPUT->server->set('REMOTE_ADDR', $remoteAddr); 295*7caad012SAndreas Gohr 296*7caad012SAndreas Gohr $result = Ip::forwardedFor(); 297*7caad012SAndreas Gohr 298*7caad012SAndreas Gohr $this->assertSame($expected, $result); 299*7caad012SAndreas Gohr } 300*7caad012SAndreas Gohr 301*7caad012SAndreas Gohr /** 302*7caad012SAndreas Gohr * Data provider for test_is_ssl(). 303*7caad012SAndreas Gohr * 304*7caad012SAndreas Gohr * @return mixed[][] Returns an array of test cases. 305*7caad012SAndreas Gohr */ 306*7caad012SAndreas Gohr public function is_ssl_provider(): array 307*7caad012SAndreas Gohr { 308*7caad012SAndreas Gohr // The new default configuration value. 309*7caad012SAndreas Gohr $default = ['::1', 'fe80::/10', '127.0.0.0/8', '10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16']; 310*7caad012SAndreas Gohr 311*7caad012SAndreas Gohr $tests = [ 312*7caad012SAndreas Gohr // Running behind an SSL proxy, HTTP between server and proxy 313*7caad012SAndreas Gohr // Proxy (REMOTE_ADDR) is matched by trustedproxies config 314*7caad012SAndreas Gohr // HTTPS not set, HTTP_X_FORWARDED_PROTO set to https 315*7caad012SAndreas Gohr [$default, '127.0.0.1', '', 'https', true], 316*7caad012SAndreas Gohr 317*7caad012SAndreas Gohr // Running behind an SSL proxy, HTTP between server and proxy 318*7caad012SAndreas Gohr // Proxy (REMOTE_ADDR) is not matched by trustedproxies config 319*7caad012SAndreas Gohr // HTTPS not set, HTTP_X_FORWARDED_PROTO set to https 320*7caad012SAndreas Gohr [[], '8.8.8.8', '', 'https', false], 321*7caad012SAndreas Gohr 322*7caad012SAndreas Gohr // Running behind a plain HTTP proxy, HTTP between server and proxy 323*7caad012SAndreas Gohr // HTTPS not set, HTTP_X_FORWARDED_PROTO set to http 324*7caad012SAndreas Gohr [$default, '127.0.0.1', '', 'http', false], 325*7caad012SAndreas Gohr 326*7caad012SAndreas Gohr // Running behind an SSL proxy, HTTP between server and proxy 327*7caad012SAndreas Gohr // HTTPS set to off, HTTP_X_FORWARDED_PROTO set to https 328*7caad012SAndreas Gohr [$default, '127.0.0.1', 'off', 'https', true], 329*7caad012SAndreas Gohr 330*7caad012SAndreas Gohr // Not running behind a proxy, HTTPS server 331*7caad012SAndreas Gohr // HTTPS set to on, HTTP_X_FORWARDED_PROTO not set 332*7caad012SAndreas Gohr [[], '8.8.8.8', 'on', '', true], 333*7caad012SAndreas Gohr 334*7caad012SAndreas Gohr // Not running behind a proxy, plain HTTP server 335*7caad012SAndreas Gohr // HTTPS not set, HTTP_X_FORWARDED_PROTO not set 336*7caad012SAndreas Gohr [[], '8.8.8.8', '', '', false], 337*7caad012SAndreas Gohr 338*7caad012SAndreas Gohr // Not running behind a proxy, plain HTTP server 339*7caad012SAndreas Gohr // HTTPS set to off, HTTP_X_FORWARDED_PROTO not set 340*7caad012SAndreas Gohr [[], '8.8.8.8', 'off', '', false], 341*7caad012SAndreas Gohr 342*7caad012SAndreas Gohr // Running behind an SSL proxy, SSL between proxy and HTTP server 343*7caad012SAndreas Gohr // HTTPS set to on, HTTP_X_FORWARDED_PROTO set to https 344*7caad012SAndreas Gohr [$default, '127.0.0.1', 'on', 'https', true], 345*7caad012SAndreas Gohr ]; 346*7caad012SAndreas Gohr 347*7caad012SAndreas Gohr return $tests; 348*7caad012SAndreas Gohr } 349*7caad012SAndreas Gohr 350*7caad012SAndreas Gohr /** 351*7caad012SAndreas Gohr * Test isSsl(). 352*7caad012SAndreas Gohr * 353*7caad012SAndreas Gohr * @dataProvider is_ssl_provider 354*7caad012SAndreas Gohr * 355*7caad012SAndreas Gohr * @param string|string[] $config The trustedproxies config value. 356*7caad012SAndreas Gohr * @param string $remoteAddr The REMOTE_ADDR value. 357*7caad012SAndreas Gohr * @param string $https The HTTPS value. 358*7caad012SAndreas Gohr * @param string $forwardedProto The HTTP_X_FORWARDED_PROTO value. 359*7caad012SAndreas Gohr * @param bool $expected The expected result from isSsl(). 360*7caad012SAndreas Gohr * 361*7caad012SAndreas Gohr * @return void 362*7caad012SAndreas Gohr */ 363*7caad012SAndreas Gohr public function test_is_ssl($config, string $remoteAddr, string $https, string $forwardedProto, bool $expected): void 364*7caad012SAndreas Gohr { 365*7caad012SAndreas Gohr /* @var Input $INPUT */ 366*7caad012SAndreas Gohr global $INPUT, $conf; 367*7caad012SAndreas Gohr 368*7caad012SAndreas Gohr $conf['trustedproxies'] = $config; 369*7caad012SAndreas Gohr $INPUT->server->set('REMOTE_ADDR', $remoteAddr); 370*7caad012SAndreas Gohr $INPUT->server->set('HTTPS', $https); 371*7caad012SAndreas Gohr $INPUT->server->set('HTTP_X_FORWARDED_PROTO', $forwardedProto); 372*7caad012SAndreas Gohr 373*7caad012SAndreas Gohr $result = Ip::isSsl(); 374*7caad012SAndreas Gohr 375*7caad012SAndreas Gohr $this->assertSame($expected, $result); 376*7caad012SAndreas Gohr } 377*7caad012SAndreas Gohr 378*7caad012SAndreas Gohr /** 379*7caad012SAndreas Gohr * Data provider for test_host_name(). 380*7caad012SAndreas Gohr * 381*7caad012SAndreas Gohr * @return mixed[][] Returns an array of test cases. 382*7caad012SAndreas Gohr */ 383*7caad012SAndreas Gohr public function host_name_provider(): array 384*7caad012SAndreas Gohr { 385*7caad012SAndreas Gohr // The new default configuration value. 386*7caad012SAndreas Gohr $default = ['::1', 'fe80::/10', '127.0.0.0/8', '10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16']; 387*7caad012SAndreas Gohr 388*7caad012SAndreas Gohr $tests = [ 389*7caad012SAndreas Gohr // X-Forwarded-Host with trusted proxy 390*7caad012SAndreas Gohr [$default, '127.0.0.1', 'proxy.example.com', 'www.example.com', 'server.local', 'proxy.example.com'], 391*7caad012SAndreas Gohr 392*7caad012SAndreas Gohr // X-Forwarded-Host with untrusted proxy (should fall back to HTTP_HOST) 393*7caad012SAndreas Gohr [[], '8.8.8.8', 'proxy.example.com', 'www.example.com', 'server.local', 'www.example.com'], 394*7caad012SAndreas Gohr 395*7caad012SAndreas Gohr // No X-Forwarded-Host, use HTTP_HOST 396*7caad012SAndreas Gohr [$default, '127.0.0.1', '', 'www.example.com', 'server.local', 'www.example.com'], 397*7caad012SAndreas Gohr 398*7caad012SAndreas Gohr // No X-Forwarded-Host or HTTP_HOST, use SERVER_NAME 399*7caad012SAndreas Gohr [$default, '127.0.0.1', '', '', 'server.local', 'server.local'], 400*7caad012SAndreas Gohr 401*7caad012SAndreas Gohr // No headers set, should fall back to system hostname 402*7caad012SAndreas Gohr [$default, '127.0.0.1', '', '', '', php_uname('n')], 403*7caad012SAndreas Gohr ]; 404*7caad012SAndreas Gohr 405*7caad012SAndreas Gohr return $tests; 406*7caad012SAndreas Gohr } 407*7caad012SAndreas Gohr 408*7caad012SAndreas Gohr /** 409*7caad012SAndreas Gohr * Test hostName(). 410*7caad012SAndreas Gohr * 411*7caad012SAndreas Gohr * @dataProvider host_name_provider 412*7caad012SAndreas Gohr * 413*7caad012SAndreas Gohr * @param string|string[] $config The trustedproxies config value. 414*7caad012SAndreas Gohr * @param string $remoteAddr The REMOTE_ADDR value. 415*7caad012SAndreas Gohr * @param string $forwardedHost The HTTP_X_FORWARDED_HOST value. 416*7caad012SAndreas Gohr * @param string $httpHost The HTTP_HOST value. 417*7caad012SAndreas Gohr * @param string $serverName The SERVER_NAME value. 418*7caad012SAndreas Gohr * @param string $expected The expected result from hostName(). 419*7caad012SAndreas Gohr * 420*7caad012SAndreas Gohr * @return void 421*7caad012SAndreas Gohr */ 422*7caad012SAndreas Gohr public function test_host_name($config, string $remoteAddr, string $forwardedHost, string $httpHost, string $serverName, string $expected): void 423*7caad012SAndreas Gohr { 424*7caad012SAndreas Gohr /* @var Input $INPUT */ 425*7caad012SAndreas Gohr global $INPUT, $conf; 426*7caad012SAndreas Gohr 427*7caad012SAndreas Gohr $conf['trustedproxies'] = $config; 428*7caad012SAndreas Gohr $INPUT->server->set('REMOTE_ADDR', $remoteAddr); 429*7caad012SAndreas Gohr $INPUT->server->set('HTTP_X_FORWARDED_HOST', $forwardedHost); 430*7caad012SAndreas Gohr $INPUT->server->set('HTTP_HOST', $httpHost); 431*7caad012SAndreas Gohr $INPUT->server->set('SERVER_NAME', $serverName); 432*7caad012SAndreas Gohr 433*7caad012SAndreas Gohr $result = Ip::hostName(); 434*7caad012SAndreas Gohr 435*7caad012SAndreas Gohr $this->assertSame($expected, $result); 436*7caad012SAndreas Gohr } 437*7caad012SAndreas Gohr} 438