Removing a method that isn't available in sockets and fixing validation and tests
parent
532323c497
commit
6374bb3dac
@ -18,7 +18,6 @@ class FlashPolicyComponent implements MessageComponentInterface {
|
|||||||
|
|
||||||
protected $_policy = '<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy></cross-domain-policy>';
|
protected $_policy = '<?xml version="1.0"?><!DOCTYPE cross-domain-policy SYSTEM "http://www.adobe.com/xml/dtds/cross-domain-policy.dtd"><cross-domain-policy></cross-domain-policy>';
|
||||||
protected $_access = array();
|
protected $_access = array();
|
||||||
protected $_headers = array();
|
|
||||||
protected $_siteControl = '';
|
protected $_siteControl = '';
|
||||||
|
|
||||||
protected $_cache = '';
|
protected $_cache = '';
|
||||||
@ -37,7 +36,7 @@ class FlashPolicyComponent implements MessageComponentInterface {
|
|||||||
public function onMessage(ConnectionInterface $from, $msg) {
|
public function onMessage(ConnectionInterface $from, $msg) {
|
||||||
|
|
||||||
if (!$this->_cacheValid) {
|
if (!$this->_cacheValid) {
|
||||||
$this->_cache = $this->renderPolicy()->asXML();
|
$this->_cache = $this->renderPolicy()->asXML();
|
||||||
$this->_cacheValid = true;
|
$this->_cacheValid = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -66,26 +65,27 @@ class FlashPolicyComponent implements MessageComponentInterface {
|
|||||||
return new CloseConnection($conn);
|
return new CloseConnection($conn);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* setSiteControl function.
|
* setSiteControl function.
|
||||||
*
|
*
|
||||||
* @access public
|
* @access public
|
||||||
* @param string $permittedCrossDomainPolicies (default: 'all')
|
* @param string $permittedCrossDomainPolicies (default: 'all')
|
||||||
* @return void
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function setSiteControl($permittedCrossDomainPolicies = 'all') {
|
public function setSiteControl($permittedCrossDomainPolicies = 'all') {
|
||||||
if (!$this->validateSiteControl($permittedCrossDomainPolicies)) {
|
if (!$this->validateSiteControl($permittedCrossDomainPolicies)) {
|
||||||
throw new \UnexpectedValueException('Invalid site control set');
|
throw new \UnexpectedValueException('Invalid site control set');
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
$this->_siteControl = $permittedCrossDomainPolicies;
|
$this->_siteControl = $permittedCrossDomainPolicies;
|
||||||
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* renderPolicy function.
|
* renderPolicy function.
|
||||||
*
|
*
|
||||||
* @access public
|
* @access public
|
||||||
* @return void
|
* @return SimpleXMLElement
|
||||||
*/
|
*/
|
||||||
public function renderPolicy() {
|
public function renderPolicy() {
|
||||||
|
|
||||||
@ -111,14 +111,6 @@ class FlashPolicyComponent implements MessageComponentInterface {
|
|||||||
$tmp->addAttribute('secure', ($access[2] == true) ? 'true' : 'false');
|
$tmp->addAttribute('secure', ($access[2] == true) ? 'true' : 'false');
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach ($this->_headers as $header) {
|
|
||||||
|
|
||||||
$tmp = $policy->addChild('allow-http-request-headers-from');
|
|
||||||
$tmp->addAttribute('domain', $access[0]);
|
|
||||||
$tmp->addAttribute('headers', $access[1]);
|
|
||||||
$tmp->addAttribute('secure', ($access[2] == true) ? 'true' : 'false');
|
|
||||||
}
|
|
||||||
|
|
||||||
return $policy;
|
return $policy;
|
||||||
|
|
||||||
}
|
}
|
||||||
@ -127,44 +119,27 @@ class FlashPolicyComponent implements MessageComponentInterface {
|
|||||||
* addAllowedAccess function.
|
* addAllowedAccess function.
|
||||||
*
|
*
|
||||||
* @access public
|
* @access public
|
||||||
* @param mixed $domain
|
* @param string $domain
|
||||||
* @param string $ports (default: '*')
|
* @param string $ports (default: '*')
|
||||||
* @param bool $secure (default: false)
|
* @param bool $secure (default: false)
|
||||||
* @return void
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function addAllowedAccess($domain, $ports = '*', $secure = false) {
|
public function addAllowedAccess($domain, $ports = '*', $secure = false) {
|
||||||
|
|
||||||
if (!$this->validateDomain($domain)) {
|
if (!$this->validateDomain($domain)) {
|
||||||
throw new \UnexpectedValueException('Invalid domain');
|
throw new \UnexpectedValueException('Invalid domain');
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
if (!$this->validatePorts($ports)) {
|
if (!$this->validatePorts($ports)) {
|
||||||
throw new \UnexpectedValueException('Invalid Port');
|
throw new \UnexpectedValueException('Invalid Port');
|
||||||
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
$this->_access[] = array($domain, $ports, $secure);
|
$this->_access[] = array($domain, $ports, $secure);
|
||||||
$this->_cacheValid = false;
|
$this->_cacheValid = false;
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
return true;
|
||||||
* addAllowedHTTPRequestHeaders function.
|
|
||||||
*
|
|
||||||
* @access public
|
|
||||||
* @param mixed $domain
|
|
||||||
* @param mixed $headers
|
|
||||||
* @param bool $secure (default: true)
|
|
||||||
* @return void
|
|
||||||
*/
|
|
||||||
public function addAllowedHTTPRequestHeaders($domain, $headers, $secure = true) {
|
|
||||||
|
|
||||||
if (!$this->validateDomain($domain)) {
|
|
||||||
throw new \UnexpectedValueException('Invalid domain');
|
|
||||||
}
|
|
||||||
if (!$this->validateHeaders($headers)) {
|
|
||||||
throw new \UnexpectedValueException('Invalid Header');
|
|
||||||
}
|
|
||||||
$this->_headers[] = array($domain, $headers, (string)$secure);
|
|
||||||
$this->_cacheValid = false;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -176,119 +151,40 @@ class FlashPolicyComponent implements MessageComponentInterface {
|
|||||||
*/
|
*/
|
||||||
public function validateSiteControl($permittedCrossDomainPolicies) {
|
public function validateSiteControl($permittedCrossDomainPolicies) {
|
||||||
|
|
||||||
return (bool)in_array($permittedCrossDomainPolicies, array('none', 'master-only', 'by-content-type', 'all'));
|
//'by-content-type' and 'by-ftp-filename' not available for sockets
|
||||||
|
return (bool)in_array($permittedCrossDomainPolicies, array('none', 'master-only', 'all'));
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* validateDomain function.
|
* validateDomain function.
|
||||||
*
|
*
|
||||||
* @access public
|
* @access public
|
||||||
* @param mixed $domain
|
* @param string $domain
|
||||||
* @return void
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function validateDomain($domain) {
|
public function validateDomain($domain) {
|
||||||
|
|
||||||
if ($domain == '*') {
|
return (bool)preg_match("/^((http(s)?:\/\/)?([a-z0-9-_]+\.|\*\.)*([a-z0-9-_\.]+)|\*)$/i", $domain);
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (filter_var($domain, FILTER_VALIDATE_IP)) {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
$d = parse_url($domain);
|
|
||||||
if (!isset($d['scheme']) || empty($d['scheme'])) {
|
|
||||||
$domain = 'http://' . $domain;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (substr($domain, -1) == '*') {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
$d = parse_url($domain);
|
|
||||||
|
|
||||||
$parts = explode('.', $d['host']);
|
|
||||||
$tld = array_pop($parts);
|
|
||||||
|
|
||||||
if (($pos = strpos($tld, '*')) !== false) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
return (bool)filter_var(str_replace(array('*.', '.*'), '123', $domain), FILTER_VALIDATE_URL);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* validatePorts function.
|
* validatePorts function.
|
||||||
*
|
*
|
||||||
* @access public
|
* @access public
|
||||||
* @param mixed $port
|
* @param string $port
|
||||||
* @return void
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function validatePorts($port) {
|
public function validatePorts($port) {
|
||||||
|
|
||||||
if ($port == '*') {
|
return (bool)preg_match('/^(\*|(\d+[,-]?)*\d+)$/', $port);
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
$ports = explode(',', $port);
|
|
||||||
|
|
||||||
foreach ($ports as $port) {
|
|
||||||
$range = substr_count($port, '-');
|
|
||||||
|
|
||||||
if ($range > 1) {
|
|
||||||
return false;
|
|
||||||
} else if ($range == 1) {
|
|
||||||
$ranges = explode('-', $port);
|
|
||||||
|
|
||||||
if (!is_numeric($ranges[0]) || !is_numeric($ranges[1]) || $ranges[0] > $ranges[1]) {
|
|
||||||
return false;
|
|
||||||
} else {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!is_numeric($port) || $port == '') {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* validateHeaders function.
|
|
||||||
*
|
|
||||||
* @access public
|
|
||||||
* @param mixed $headers
|
|
||||||
* @return void
|
|
||||||
*/
|
|
||||||
public function validateHeaders($headers) {
|
|
||||||
|
|
||||||
if ($headers == '*') {
|
|
||||||
return true;
|
|
||||||
}
|
|
||||||
$headers = explode(',', $headers);
|
|
||||||
|
|
||||||
foreach ($headers as $header) {
|
|
||||||
|
|
||||||
if ((bool)preg_match('/.*\*+.+/is', $header)) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
|
|
||||||
if(!ctype_alnum(str_replace(array('-', '_', '*' ), '', $header))) {
|
|
||||||
return false;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
return true;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* validateSecure function.
|
* validateSecure function.
|
||||||
*
|
*
|
||||||
* @access public
|
* @access public
|
||||||
* @param mixed $secure
|
* @param bool $secure
|
||||||
* @return void
|
* @return bool
|
||||||
*/
|
*/
|
||||||
public function validateSecure($secure) {
|
public function validateSecure($secure) {
|
||||||
|
|
||||||
|
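Review bot: The two regex validators on the new side accept more than the code they replace, and whatever they accept is stored in `$this->_access` for the rendered policy. In validatePorts, `(\d+[,-]?)*\d+` makes the separator optional, so a reversed range such as `233-11` and a chain such as `1-2-3` now pass and the nested quantifier can backtrack heavily on a long run of digits; an unambiguous form is `return (bool)preg_match('/^(\*|\d+(-\d+)?(,\d+(-\d+)?)*)$/D', $port);`, followed by a numeric check that each range is ascending and within 1-65535. In validateDomain the `\*\.` alternative sits inside the repeated label group, so a wildcard is accepted in any label position rather than only the leftmost one, dotted quads are no longer checked as IP addresses, and without the `D` modifier `$` still matches before a trailing newline. Separately, in setSiteControl and addAllowedAccess the added `return false;` appears to follow a `throw` that the page still shows on the new side, which would make it unreachable and the documented `@return bool` only ever true; keep either the exception or the boolean result, not both.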
@ -18,19 +18,16 @@ class FlashPolicyComponentTest extends \PHPUnit_Framework_TestCase {
|
|||||||
$this->_policy->setSiteControl('all');
|
$this->_policy->setSiteControl('all');
|
||||||
$this->_policy->addAllowedAccess('example.com', '*');
|
$this->_policy->addAllowedAccess('example.com', '*');
|
||||||
$this->_policy->addAllowedAccess('dev.example.com', '*');
|
$this->_policy->addAllowedAccess('dev.example.com', '*');
|
||||||
$this->_policy->addAllowedHTTPRequestHeaders('*', '*');
|
|
||||||
$this->assertInstanceOf('SimpleXMLElement', $this->_policy->renderPolicy());
|
$this->assertInstanceOf('SimpleXMLElement', $this->_policy->renderPolicy());
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testInvalidPolicyReader() {
|
public function testInvalidPolicyReader() {
|
||||||
$this->setExpectedException('UnexpectedValueException');
|
$this->setExpectedException('UnexpectedValueException');
|
||||||
$this->_policy->addAllowedHTTPRequestHeaders('*', '*');
|
|
||||||
$this->_policy->renderPolicy();
|
$this->_policy->renderPolicy();
|
||||||
}
|
}
|
||||||
|
|
||||||
public function testAnotherInvalidPolicyReader() {
|
public function testAnotherInvalidPolicyReader() {
|
||||||
$this->setExpectedException('UnexpectedValueException');
|
$this->setExpectedException('UnexpectedValueException');
|
||||||
$this->_policy->addAllowedHTTPRequestHeaders('*', '*');
|
|
||||||
$this->_policy->addAllowedAccess('dev.example.com', '*');
|
$this->_policy->addAllowedAccess('dev.example.com', '*');
|
||||||
$this->_policy->renderPolicy();
|
$this->_policy->renderPolicy();
|
||||||
}
|
}
|
||||||
@ -38,7 +35,6 @@ class FlashPolicyComponentTest extends \PHPUnit_Framework_TestCase {
|
|||||||
public function testInvalidDomainPolicyReader() {
|
public function testInvalidDomainPolicyReader() {
|
||||||
$this->setExpectedException('UnexpectedValueException');
|
$this->setExpectedException('UnexpectedValueException');
|
||||||
$this->_policy->setSiteControl('all');
|
$this->_policy->setSiteControl('all');
|
||||||
$this->_policy->addAllowedHTTPRequestHeaders('*', '*');
|
|
||||||
$this->_policy->addAllowedAccess('dev.example.*', '*');
|
$this->_policy->addAllowedAccess('dev.example.*', '*');
|
||||||
$this->_policy->renderPolicy();
|
$this->_policy->renderPolicy();
|
||||||
}
|
}
|
||||||
@ -56,7 +52,7 @@ class FlashPolicyComponentTest extends \PHPUnit_Framework_TestCase {
|
|||||||
array(true, 'all')
|
array(true, 'all')
|
||||||
, array(true, 'none')
|
, array(true, 'none')
|
||||||
, array(true, 'master-only')
|
, array(true, 'master-only')
|
||||||
, array(true, 'by-content-type')
|
, array(false, 'by-content-type')
|
||||||
, array(false, 'by-ftp-filename')
|
, array(false, 'by-ftp-filename')
|
||||||
, array(false, '')
|
, array(false, '')
|
||||||
, array(false, 'all ')
|
, array(false, 'all ')
|
||||||
@ -79,18 +75,20 @@ class FlashPolicyComponentTest extends \PHPUnit_Framework_TestCase {
|
|||||||
array(true, '*')
|
array(true, '*')
|
||||||
, array(true, 'example.com')
|
, array(true, 'example.com')
|
||||||
, array(true, 'exam-ple.com')
|
, array(true, 'exam-ple.com')
|
||||||
|
, array(true, '*.exmple.com')
|
||||||
, array(true, 'www.example.com')
|
, array(true, 'www.example.com')
|
||||||
|
, array(true, 'dev.dev.example.com')
|
||||||
, array(true, 'http://example.com')
|
, array(true, 'http://example.com')
|
||||||
|
, array(true, 'https://example.com')
|
||||||
, array(true, 'http://*.example.com')
|
, array(true, 'http://*.example.com')
|
||||||
, array(false, 'exam*ple.com')
|
, array(false, 'exam*ple.com')
|
||||||
, array(true, '127.0.0.1')
|
, array(true, '127.0.255.1')
|
||||||
, array(true, 'localhost')
|
, array(true, 'localhost')
|
||||||
, array(false, 'www.example.*')
|
, array(false, 'www.example.*')
|
||||||
, array(false, 'www.exa*le.com')
|
, array(false, 'www.exa*le.com')
|
||||||
, array(false, 'www.example.*com')
|
, array(false, 'www.example.*com')
|
||||||
, array(false, '*.example.*')
|
, array(false, '*.example.*')
|
||||||
, array(false, 'gasldf*$#a0sdf0a8sdf')
|
, array(false, 'gasldf*$#a0sdf0a8sdf')
|
||||||
, array(false, 'http://example.*')
|
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -108,11 +106,11 @@ class FlashPolicyComponentTest extends \PHPUnit_Framework_TestCase {
|
|||||||
, array(true, '80')
|
, array(true, '80')
|
||||||
, array(true, '80,443')
|
, array(true, '80,443')
|
||||||
, array(true, '507,516-523')
|
, array(true, '507,516-523')
|
||||||
, array(false, '233-11')
|
|
||||||
, array(true, '507,516-523,333')
|
, array(true, '507,516-523,333')
|
||||||
, array(true, '507,516-523,507,516-523')
|
, array(true, '507,516-523,507,516-523')
|
||||||
, array(true, '516-523')
|
, array(false, '516-')
|
||||||
, array(true, '516-523,11')
|
, array(true, '516-523,11')
|
||||||
|
, array(false, '516,-523,11')
|
||||||
, array(false, 'example')
|
, array(false, 'example')
|
||||||
, array(false, 'asdf,123')
|
, array(false, 'asdf,123')
|
||||||
, array(false, '--')
|
, array(false, '--')
|
||||||
@ -121,28 +119,6 @@ class FlashPolicyComponentTest extends \PHPUnit_Framework_TestCase {
|
|||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* @dataProvider headers
|
|
||||||
*/
|
|
||||||
public function testHeaderValidation($accept, $headers) {
|
|
||||||
$this->assertEquals($accept, $this->_policy->validateHeaders($headers));
|
|
||||||
}
|
|
||||||
|
|
||||||
public static function headers() {
|
|
||||||
return array(
|
|
||||||
array(true, '*')
|
|
||||||
, array(true, 'X-Foo')
|
|
||||||
, array(true, 'X-Foo*,hello')
|
|
||||||
, array(false, 'X-Fo*o,hello')
|
|
||||||
, array(false, '*ooo,hello')
|
|
||||||
, array(false, 'X Foo')
|
|
||||||
, array(false, false)
|
|
||||||
, array(true, 'X-001')
|
|
||||||
, array(false, '--')
|
|
||||||
, array(false, '-')
|
|
||||||
);
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @dataProvider bools
|
* @dataProvider bools
|
||||||
*/
|
*/
|
||||||
|
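Review bot: The negative cases `array(false, '233-11')` and `array(false, 'http://example.*')` disappear from the providers without replacement, so nothing pins how the rewritten validators treat a reversed port range or a wildcard top-level label behind a scheme. I would keep both, and add `, array(false, "80\n")` to the ports provider so end-of-string anchoring is covered; if a wildcard is only meant to be valid as the leftmost label, `, array(false, 'www.*.example.com')` belongs in the domain provider as well. The new `*.exmple.com` entry looks like a typo for `*.example.com`. No test visible here asserts the boolean that setSiteControl and addAllowedAccess are now documented to return.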