Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit28ae62d

Browse files
bobvandevijverfabpot
authored andcommitted
[Security] Fix str_contains type mismatch in ChannelListener
1 parent11e76c9 commit28ae62d

File tree

2 files changed

+28
-1
lines changed

2 files changed

+28
-1
lines changed

‎src/Symfony/Component/Security/Http/Firewall/ChannelListener.php‎

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -51,7 +51,7 @@ public function supports(Request $request): ?bool
5151
if (null !==$this->logger) {
5252
if ('https' ===$request->headers->get('X-Forwarded-Proto')) {
5353
$this->logger->info('Redirecting to HTTPS. ("X-Forwarded-Proto" header is set to "https" - did you set "trusted_proxies" correctly?)');
54-
}elseif (str_contains($request->headers->get('Forwarded'),'proto=https')) {
54+
}elseif (str_contains($request->headers->get('Forwarded',''),'proto=https')) {
5555
$this->logger->info('Redirecting to HTTPS. ("Forwarded" header is set to "proto=https" - did you set "trusted_proxies" correctly?)');
5656
}else {
5757
$this->logger->info('Redirecting to HTTPS.');

‎src/Symfony/Component/Security/Http/Tests/Firewall/ChannelListenerTest.php‎

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,8 @@
1212
namespaceSymfony\Component\Security\Http\Tests\Firewall;
1313

1414
usePHPUnit\Framework\TestCase;
15+
usePsr\Log\NullLogger;
16+
useSymfony\Component\HttpFoundation\HeaderBag;
1517
useSymfony\Component\HttpFoundation\Request;
1618
useSymfony\Component\HttpFoundation\Response;
1719
useSymfony\Component\HttpKernel\Event\RequestEvent;
@@ -153,4 +155,29 @@ public function testHandleWithSecuredRequestAndHttpChannel()
153155

154156
$this->assertSame($response,$event->getResponse());
155157
}
158+
159+
publicfunctiontestSupportsWithoutHeaders()
160+
{
161+
$request =$this->createMock(Request::class);
162+
$request
163+
->expects($this->any())
164+
->method('isSecure')
165+
->willReturn(false)
166+
;
167+
$request->headers =newHeaderBag();
168+
169+
$accessMap =$this->createMock(AccessMapInterface::class);
170+
$accessMap
171+
->expects($this->any())
172+
->method('getPatterns')
173+
->with($this->equalTo($request))
174+
->willReturn([[],'https'])
175+
;
176+
177+
$entryPoint =$this->createMock(AuthenticationEntryPointInterface::class);
178+
179+
$listener =newChannelListener($accessMap,$entryPoint,newNullLogger());
180+
181+
$this->assertTrue($listener->supports($request));
182+
}
156183
}

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp