public function RequestTest::testTrustedProxies in Zircon Profile 8
Same name and namespace in other branches
- 8.0 vendor/symfony/http-foundation/Tests/RequestTest.php \Symfony\Component\HttpFoundation\Tests\RequestTest::testTrustedProxies()
File
- vendor/
symfony/ http-foundation/ Tests/ RequestTest.php, line 1585
Class
Namespace
Symfony\Component\HttpFoundation\TestsCode
public function testTrustedProxies() {
$request = Request::create('http://example.com/');
$request->server
->set('REMOTE_ADDR', '3.3.3.3');
$request->headers
->set('X_FORWARDED_FOR', '1.1.1.1, 2.2.2.2');
$request->headers
->set('X_FORWARDED_HOST', 'foo.example.com, real.example.com:8080');
$request->headers
->set('X_FORWARDED_PROTO', 'https');
$request->headers
->set('X_FORWARDED_PORT', 443);
$request->headers
->set('X_MY_FOR', '3.3.3.3, 4.4.4.4');
$request->headers
->set('X_MY_HOST', 'my.example.com');
$request->headers
->set('X_MY_PROTO', 'http');
$request->headers
->set('X_MY_PORT', 81);
// no trusted proxies
$this
->assertEquals('3.3.3.3', $request
->getClientIp());
$this
->assertEquals('example.com', $request
->getHost());
$this
->assertEquals(80, $request
->getPort());
$this
->assertFalse($request
->isSecure());
// disabling proxy trusting
Request::setTrustedProxies(array());
$this
->assertEquals('3.3.3.3', $request
->getClientIp());
$this
->assertEquals('example.com', $request
->getHost());
$this
->assertEquals(80, $request
->getPort());
$this
->assertFalse($request
->isSecure());
// trusted proxy via setTrustedProxies()
Request::setTrustedProxies(array(
'3.3.3.3',
'2.2.2.2',
));
$this
->assertEquals('1.1.1.1', $request
->getClientIp());
$this
->assertEquals('real.example.com', $request
->getHost());
$this
->assertEquals(443, $request
->getPort());
$this
->assertTrue($request
->isSecure());
// trusted proxy via setTrustedProxies()
Request::setTrustedProxies(array(
'3.3.3.4',
'2.2.2.2',
));
$this
->assertEquals('3.3.3.3', $request
->getClientIp());
$this
->assertEquals('example.com', $request
->getHost());
$this
->assertEquals(80, $request
->getPort());
$this
->assertFalse($request
->isSecure());
// check various X_FORWARDED_PROTO header values
Request::setTrustedProxies(array(
'3.3.3.3',
'2.2.2.2',
));
$request->headers
->set('X_FORWARDED_PROTO', 'ssl');
$this
->assertTrue($request
->isSecure());
$request->headers
->set('X_FORWARDED_PROTO', 'https, http');
$this
->assertTrue($request
->isSecure());
// custom header names
Request::setTrustedHeaderName(Request::HEADER_CLIENT_IP, 'X_MY_FOR');
Request::setTrustedHeaderName(Request::HEADER_CLIENT_HOST, 'X_MY_HOST');
Request::setTrustedHeaderName(Request::HEADER_CLIENT_PORT, 'X_MY_PORT');
Request::setTrustedHeaderName(Request::HEADER_CLIENT_PROTO, 'X_MY_PROTO');
$this
->assertEquals('4.4.4.4', $request
->getClientIp());
$this
->assertEquals('my.example.com', $request
->getHost());
$this
->assertEquals(81, $request
->getPort());
$this
->assertFalse($request
->isSecure());
// disabling via empty header names
Request::setTrustedHeaderName(Request::HEADER_CLIENT_IP, null);
Request::setTrustedHeaderName(Request::HEADER_CLIENT_HOST, null);
Request::setTrustedHeaderName(Request::HEADER_CLIENT_PORT, null);
Request::setTrustedHeaderName(Request::HEADER_CLIENT_PROTO, null);
$this
->assertEquals('3.3.3.3', $request
->getClientIp());
$this
->assertEquals('example.com', $request
->getHost());
$this
->assertEquals(80, $request
->getPort());
$this
->assertFalse($request
->isSecure());
// reset
Request::setTrustedProxies(array());
Request::setTrustedHeaderName(Request::HEADER_CLIENT_IP, 'X_FORWARDED_FOR');
Request::setTrustedHeaderName(Request::HEADER_CLIENT_HOST, 'X_FORWARDED_HOST');
Request::setTrustedHeaderName(Request::HEADER_CLIENT_PORT, 'X_FORWARDED_PORT');
Request::setTrustedHeaderName(Request::HEADER_CLIENT_PROTO, 'X_FORWARDED_PROTO');
}