diff --git a/src/Ratchet/Wamp/ServerProtocol.php b/src/Ratchet/Wamp/ServerProtocol.php index 7900659..7842c82 100644 --- a/src/Ratchet/Wamp/ServerProtocol.php +++ b/src/Ratchet/Wamp/ServerProtocol.php @@ -6,7 +6,7 @@ use Ratchet\ConnectionInterface; /** * WebSocket Application Messaging Protocol - * + * * @link http://wamp.ws/spec * @link https://github.com/oberstet/AutobahnJS * @@ -89,6 +89,10 @@ class ServerProtocol implements MessageComponentInterface, WsServerInterface { throw new JsonException; } + if (!is_array($json) || $json !== array_values($json)) { + throw new \UnexpectedValueException("Invalid WAMP message format"); + } + switch ($json[0]) { case static::MSG_PREFIX: $from->WAMP->prefixes[$json[1]] = $json[2]; diff --git a/src/Ratchet/Wamp/WampConnection.php b/src/Ratchet/Wamp/WampConnection.php index b5eb04a..de13844 100644 --- a/src/Ratchet/Wamp/WampConnection.php +++ b/src/Ratchet/Wamp/WampConnection.php @@ -6,7 +6,7 @@ use Ratchet\Wamp\ServerProtocol as WAMP; /** * A ConnectionInterface object wrapper that is passed to your WAMP application - * representing a client. Methods on this Connection are therefore different. + * representing a client. Methods on this Connection are therefore different. * @property \stdClass $WAMP */ class WampConnection extends AbstractConnectionDecorator { @@ -96,7 +96,7 @@ class WampConnection extends AbstractConnectionDecorator { /** * {@inheritdoc} */ - public function close() { - $this->getConnection()->close(); + public function close($opt = null) { + $this->getConnection()->close($opt); } } \ No newline at end of file diff --git a/src/Ratchet/Wamp/WampServer.php b/src/Ratchet/Wamp/WampServer.php index d2bfdcf..9e7951f 100644 --- a/src/Ratchet/Wamp/WampServer.php +++ b/src/Ratchet/Wamp/WampServer.php @@ -37,7 +37,13 @@ class WampServer implements MessageComponentInterface, WsServerInterface { * {@inheritdoc} */ public function onMessage(ConnectionInterface $conn, $msg) { - $this->wampProtocol->onMessage($conn, $msg); + try { + $this->wampProtocol->onMessage($conn, $msg); + } catch (JsonException $je) { + $conn->close(1007); + } catch (\UnexpectedValueException $uve) { + $conn->close(1007); + } } /** diff --git a/tests/unit/Wamp/ServerProtocolTest.php b/tests/unit/Wamp/ServerProtocolTest.php index 9ecd89d..b4f57a4 100644 --- a/tests/unit/Wamp/ServerProtocolTest.php +++ b/tests/unit/Wamp/ServerProtocolTest.php @@ -247,4 +247,23 @@ class ServerProtocolTest extends \PHPUnit_Framework_TestCase { $this->assertContains('wamp', $wamp->getSubProtocols()); } + + public function badFormatProvider() { + return array( + array(json_encode(true)) + , array('{"valid":"json", "invalid": "message"}') + , array('{"0": "fail", "hello": "world"}') + ); + } + + /** + * @dataProvider badFormatProvider + */ + public function testValidJsonButInvalidProtocol($message) { + $this->setExpectedException('\UnexpectedValueException'); + + $conn = $this->newConn(); + $this->_comp->onOpen($conn); + $this->_comp->onMessage($conn, $message); + } } \ No newline at end of file diff --git a/tests/unit/Wamp/WampServerTest.php b/tests/unit/Wamp/WampServerTest.php index b1ee6f1..e76d693 100644 --- a/tests/unit/Wamp/WampServerTest.php +++ b/tests/unit/Wamp/WampServerTest.php @@ -7,10 +7,6 @@ use Ratchet\AbstractMessageComponentTestCase; * @covers Ratchet\Wamp\WampServer */ class WampServerTest extends AbstractMessageComponentTestCase { - private $serv; - private $mock; - private $conn; - public function getConnectionClassString() { return '\Ratchet\Wamp\WampConnection'; } @@ -41,4 +37,14 @@ class WampServerTest extends AbstractMessageComponentTestCase { // todo: could expand on this $this->assertInternalType('array', $this->_serv->getSubProtocols()); } + + public function testConnectionClosesOnInvalidJson() { + $this->_conn->expects($this->once())->method('close'); + $this->_serv->onMessage($this->_conn, 'invalid json'); + } + + public function testConnectionClosesOnProtocolError() { + $this->_conn->expects($this->once())->method('close'); + $this->_serv->onMessage($this->_conn, json_encode(array('valid' => 'json', 'invalid' => 'protocol'))); + } } \ No newline at end of file