6 class WebRequestTest
extends MediaWikiTestCase
{
8 protected function setUp() {
11 $this->oldServer
= $_SERVER;
12 $this->oldWgRequest
= $GLOBALS['wgRequest'];
13 $this->oldWgServer
= $GLOBALS['wgServer'];
16 protected function tearDown() {
17 $_SERVER = $this->oldServer
;
18 $GLOBALS['wgRequest'] = $this->oldWgRequest
;
19 $GLOBALS['wgServer'] = $this->oldWgServer
;
25 * @dataProvider provideDetectServer
26 * @covers WebRequest::detectServer
27 * @covers WebRequest::detectProtocol
29 public function testDetectServer( $expected, $input, $description ) {
30 $this->setMwGlobals( 'wgAssumeProxiesUseDefaultProtocolPorts', true );
32 $this->setServerVars( $input );
33 $result = WebRequest
::detectServer();
34 $this->assertEquals( $expected, $result, $description );
37 public static function provideDetectServer() {
52 'Host header with secure'
60 'Default SERVER_PORT',
74 'HTTP_X_FORWARDED_PROTO' => 'https',
83 'SERVER_PORT' => '81',
84 'HTTP_X_FORWARDED_PROTO' => 'https',
101 'Host server name precedence'
106 'HTTP_HOST' => '[::1]',
107 'SERVER_NAME' => '::1',
108 'SERVER_PORT' => '81',
115 'SERVER_NAME' => '[2001'
117 'Kind of like lighttpd per commit message in MW r83847',
120 'http://[2a01:e35:2eb4:1::2]:777',
122 'SERVER_NAME' => '[2a01:e35:2eb4:1::2]:777'
124 'Possible lighttpd environment per bug 14977 comment 13',
130 * @param array $data Request data
131 * @param array $config
132 * - float 'requestTime': Mock value for `$_SERVER['REQUEST_TIME_FLOAT']`.
135 protected function mockWebRequest( array $data = [], array $config = [] ) {
136 // Cannot use PHPUnit getMockBuilder() as it does not support
137 // overriding protected properties afterwards
138 $reflection = new ReflectionClass( WebRequest
::class );
139 $req = $reflection->newInstanceWithoutConstructor();
141 $prop = $reflection->getProperty( 'data' );
142 $prop->setAccessible( true );
143 $prop->setValue( $req, $data );
145 if ( isset( $config['requestTime'] ) ) {
146 $prop = $reflection->getProperty( 'requestTime' );
147 $prop->setAccessible( true );
148 $prop->setValue( $req, $config['requestTime'] );
155 * @covers WebRequest::getElapsedTime
157 public function testGetElapsedTime() {
158 $now = microtime( true ) - 10.0;
159 $req = $this->mockWebRequest( [], [ 'requestTime' => $now ] );
160 $this->assertGreaterThanOrEqual( 10.0, $req->getElapsedTime() );
161 // Catch common errors, but don't fail on slow hardware or VMs (T199764).
162 $this->assertEquals( 10.0, $req->getElapsedTime(), '', 60.0 );
166 * @covers WebRequest::getVal
167 * @covers WebRequest::getGPCVal
168 * @covers WebRequest::normalizeUnicode
170 public function testGetValNormal() {
171 // Assert that WebRequest normalises GPC data using UtfNormal\Validator
172 $input = "a \x00 null";
173 $normal = "a \xef\xbf\xbd null";
174 $req = $this->mockWebRequest( [ 'x' => $input, 'y' => [ $input, $input ] ] );
175 $this->assertSame( $normal, $req->getVal( 'x' ) );
176 $this->assertNotSame( $input, $req->getVal( 'x' ) );
177 $this->assertSame( [ $normal, $normal ], $req->getArray( 'y' ) );
181 * @covers WebRequest::getVal
182 * @covers WebRequest::getGPCVal
184 public function testGetVal() {
185 $req = $this->mockWebRequest( [ 'x' => 'Value', 'y' => [ 'a' ], 'crlf' => "A\r\nb" ] );
186 $this->assertSame( 'Value', $req->getVal( 'x' ), 'Simple value' );
187 $this->assertSame( null, $req->getVal( 'z' ), 'Not found' );
188 $this->assertSame( null, $req->getVal( 'y' ), 'Array is ignored' );
189 $this->assertSame( "A\r\nb", $req->getVal( 'crlf' ), 'CRLF' );
193 * @covers WebRequest::getRawVal
195 public function testGetRawVal() {
196 $req = $this->mockWebRequest( [
201 $this->assertSame( 'Value', $req->getRawVal( 'x' ) );
202 $this->assertSame( null, $req->getRawVal( 'z' ), 'Not found' );
203 $this->assertSame( null, $req->getRawVal( 'y' ), 'Array is ignored' );
204 $this->assertSame( "A\r\nb", $req->getRawVal( 'crlf' ), 'CRLF' );
208 * @covers WebRequest::getArray
210 public function testGetArray() {
211 $req = $this->mockWebRequest( [ 'x' => 'Value', 'y' => [ 'a', 'b' ] ] );
212 $this->assertSame( [ 'Value' ], $req->getArray( 'x' ), 'Value becomes array' );
213 $this->assertSame( null, $req->getArray( 'z' ), 'Not found' );
214 $this->assertSame( [ 'a', 'b' ], $req->getArray( 'y' ) );
218 * @covers WebRequest::getIntArray
220 public function testGetIntArray() {
221 $req = $this->mockWebRequest( [ 'x' => [ 'Value' ], 'y' => [ '0', '4.2', '-2' ] ] );
222 $this->assertSame( [ 0 ], $req->getIntArray( 'x' ), 'Text becomes 0' );
223 $this->assertSame( null, $req->getIntArray( 'z' ), 'Not found' );
224 $this->assertSame( [ 0, 4, -2 ], $req->getIntArray( 'y' ) );
228 * @covers WebRequest::getInt
230 public function testGetInt() {
231 $req = $this->mockWebRequest( [
238 $this->assertSame( 0, $req->getInt( 'x' ), 'Text' );
239 $this->assertSame( 0, $req->getInt( 'y' ), 'Array' );
240 $this->assertSame( 0, $req->getInt( 'z' ), 'Not found' );
241 $this->assertSame( 0, $req->getInt( 'zero' ) );
242 $this->assertSame( 4, $req->getInt( 'answer' ) );
243 $this->assertSame( -2, $req->getInt( 'neg' ) );
247 * @covers WebRequest::getIntOrNull
249 public function testGetIntOrNull() {
250 $req = $this->mockWebRequest( [
257 $this->assertSame( null, $req->getIntOrNull( 'x' ), 'Text' );
258 $this->assertSame( null, $req->getIntOrNull( 'y' ), 'Array' );
259 $this->assertSame( null, $req->getIntOrNull( 'z' ), 'Not found' );
260 $this->assertSame( 0, $req->getIntOrNull( 'zero' ) );
261 $this->assertSame( 4, $req->getIntOrNull( 'answer' ) );
262 $this->assertSame( -2, $req->getIntOrNull( 'neg' ) );
266 * @covers WebRequest::getFloat
268 public function testGetFloat() {
269 $req = $this->mockWebRequest( [
276 $this->assertSame( 0.0, $req->getFloat( 'x' ), 'Text' );
277 $this->assertSame( 0.0, $req->getFloat( 'y' ), 'Array' );
278 $this->assertSame( 0.0, $req->getFloat( 'z' ), 'Not found' );
279 $this->assertSame( 0.0, $req->getFloat( 'zero' ) );
280 $this->assertSame( 4.2, $req->getFloat( 'answer' ) );
281 $this->assertSame( -2.0, $req->getFloat( 'neg' ) );
285 * @covers WebRequest::getBool
287 public function testGetBool() {
288 $req = $this->mockWebRequest( [
295 $this->assertSame( true, $req->getBool( 'x' ), 'Text' );
296 $this->assertSame( false, $req->getBool( 'y' ), 'Array' );
297 $this->assertSame( false, $req->getBool( 'z' ), 'Not found' );
298 $this->assertSame( false, $req->getBool( 'zero' ) );
299 $this->assertSame( true, $req->getBool( 'f' ) );
300 $this->assertSame( true, $req->getBool( 't' ) );
303 public static function provideFuzzyBool() {
306 [ '', false, '(empty string)' ],
319 * @dataProvider provideFuzzyBool
320 * @covers WebRequest::getFuzzyBool
322 public function testGetFuzzyBool( $value, $expected, $message = null ) {
323 $req = $this->mockWebRequest( [ 'x' => $value ] );
324 $this->assertSame( $expected, $req->getFuzzyBool( 'x' ), $message ?
: "Value: '$value'" );
328 * @covers WebRequest::getFuzzyBool
330 public function testGetFuzzyBoolDefault() {
331 $req = $this->mockWebRequest();
332 $this->assertSame( false, $req->getFuzzyBool( 'z' ), 'Not found' );
336 * @covers WebRequest::getCheck
338 public function testGetCheck() {
339 $req = $this->mockWebRequest( [ 'x' => 'Value', 'zero' => '0' ] );
340 $this->assertSame( false, $req->getCheck( 'z' ), 'Not found' );
341 $this->assertSame( true, $req->getCheck( 'x' ), 'Text' );
342 $this->assertSame( true, $req->getCheck( 'zero' ) );
346 * @covers WebRequest::getText
348 public function testGetText() {
349 // Avoid FauxRequest (overrides getText)
350 $req = $this->mockWebRequest( [ 'crlf' => "Va\r\nlue" ] );
351 $this->assertSame( "Va\nlue", $req->getText( 'crlf' ), 'CR stripped' );
355 * @covers WebRequest::getValues
357 public function testGetValues() {
358 $values = [ 'x' => 'Value', 'y' => '' ];
359 // Avoid FauxRequest (overrides getValues)
360 $req = $this->mockWebRequest( $values );
361 $this->assertSame( $values, $req->getValues() );
362 $this->assertSame( [ 'x' => 'Value' ], $req->getValues( 'x' ), 'Specific keys' );
366 * @covers WebRequest::getValueNames
368 public function testGetValueNames() {
369 $req = $this->mockWebRequest( [ 'x' => 'Value', 'y' => '' ] );
370 $this->assertSame( [ 'x', 'y' ], $req->getValueNames() );
371 $this->assertSame( [ 'x' ], $req->getValueNames( [ 'y' ] ), 'Exclude keys' );
377 public function testGetFullRequestURL() {
378 // Stub this for wfGetServerUrl()
379 $GLOBALS['wgServer'] = '//wiki.test';
380 $req = $this->getMock( WebRequest
::class, [ 'getRequestURL', 'getProtocol' ] );
381 $req->method( 'getRequestURL' )->willReturn( '/path' );
382 $req->method( 'getProtocol' )->willReturn( 'https' );
385 'https://wiki.test/path',
386 $req->getFullRequestURL()
391 * @dataProvider provideGetIP
392 * @covers WebRequest::getIP
394 public function testGetIP( $expected, $input, $cdn, $xffList, $private, $description ) {
395 $this->setServerVars( $input );
396 $this->setMwGlobals( [
397 'wgUsePrivateIPs' => $private,
399 'IsTrustedProxy' => [
400 function ( &$ip, &$trusted ) use ( $xffList ) {
401 $trusted = $trusted ||
in_array( $ip, $xffList );
408 $this->setService( 'ProxyLookup', new ProxyLookup( [], $cdn ) );
410 $request = new WebRequest();
411 $result = $request->getIP();
412 $this->assertEquals( $expected, $result, $description );
415 public static function provideGetIP() {
420 'REMOTE_ADDR' => '127.0.0.1'
430 'REMOTE_ADDR' => '::1'
440 'REMOTE_ADDR' => 'abcd:0001:002:03:4:555:6666:7777',
441 'HTTP_X_FORWARDED_FOR' => '12.0.0.1, abcd:0001:002:03:4:555:6666:7777',
443 [ 'ABCD:1:2:3:4:555:6666:7777' ],
451 'REMOTE_ADDR' => '12.0.0.1',
452 'HTTP_X_FORWARDED_FOR' => '12.0.0.3, 12.0.0.2'
454 [ '12.0.0.1', '12.0.0.2' ],
457 'With X-Forwaded-For'
462 'REMOTE_ADDR' => '12.0.0.1',
463 'HTTP_X_FORWARDED_FOR' => '12.0.0.3, 12.0.0.2'
468 'With X-Forwaded-For and disallowed server'
473 'REMOTE_ADDR' => '12.0.0.1',
474 'HTTP_X_FORWARDED_FOR' => '12.0.0.3, 12.0.0.2'
479 'With multiple X-Forwaded-For and only one allowed server'
484 'REMOTE_ADDR' => '12.0.0.2',
485 'HTTP_X_FORWARDED_FOR' => '10.0.0.4, 10.0.0.3, 12.0.0.2'
487 [ '12.0.0.1', '12.0.0.2' ],
490 'With X-Forwaded-For and private IP (from cache proxy)'
495 'REMOTE_ADDR' => '12.0.0.2',
496 'HTTP_X_FORWARDED_FOR' => '10.0.0.4, 10.0.0.3, 12.0.0.2'
498 [ '12.0.0.1', '12.0.0.2', '10.0.0.3' ],
501 'With X-Forwaded-For and private IP (allowed)'
506 'REMOTE_ADDR' => '12.0.0.2',
507 'HTTP_X_FORWARDED_FOR' => '10.0.0.4, 10.0.0.3, 12.0.0.2'
509 [ '12.0.0.1', '12.0.0.2' ],
512 'With X-Forwaded-For and private IP (allowed)'
517 'REMOTE_ADDR' => '12.0.0.2',
518 'HTTP_X_FORWARDED_FOR' => '10.0.0.4, 10.0.0.3, 12.0.0.2'
520 [ '12.0.0.1', '12.0.0.2' ],
523 'With X-Forwaded-For and private IP (disallowed)'
528 'REMOTE_ADDR' => '12.0.0.1',
529 'HTTP_X_FORWARDED_FOR' => '12.0.0.3, 12.0.0.2'
532 [ '12.0.0.1', '12.0.0.2' ],
534 'With X-Forwaded-For'
539 'REMOTE_ADDR' => '12.0.0.1',
540 'HTTP_X_FORWARDED_FOR' => '12.0.0.3, 12.0.0.2'
545 'With multiple X-Forwaded-For and only one allowed server'
550 'REMOTE_ADDR' => '12.0.0.2',
551 'HTTP_X_FORWARDED_FOR' => '10.0.0.3, 12.0.0.2'
556 'With X-Forwaded-For and private IP and hook (disallowed)'
561 'REMOTE_ADDR' => 'abcd:0001:002:03:4:555:6666:7777',
562 'HTTP_X_FORWARDED_FOR' => '12.0.0.1, abcd:0001:002:03:4:555:6666:7777',
564 [ 'ABCD:1:2:3::/64' ],
572 'REMOTE_ADDR' => '12.0.0.1',
573 'HTTP_X_FORWARDED_FOR' => '12.0.0.3, 12.0.0.2'
584 * @expectedException MWException
585 * @covers WebRequest::getIP
587 public function testGetIpLackOfRemoteAddrThrowAnException() {
588 // ensure that local install state doesn't interfere with test
589 $this->setMwGlobals( [
590 'wgCdnServers' => [],
591 'wgCdnServersNoPurge' => [],
592 'wgUsePrivateIPs' => false,
595 $this->setService( 'ProxyLookup', new ProxyLookup( [], [] ) );
597 $request = new WebRequest();
598 # Next call throw an exception about lacking an IP
602 public static function provideLanguageData() {
604 [ '', [], 'Empty Accept-Language header' ],
605 [ 'en', [ 'en' => 1 ], 'One language' ],
606 [ 'en, ar', [ 'en' => 1, 'ar' => 1 ], 'Two languages listed in appearance order.' ],
609 [ 'zh-cn' => 1, 'zh-tw' => 1 ],
610 'Two equally prefered languages, listed in appearance order per rfc3282. Checks c9119'
614 [ 'es' => 1, 'en' => '0.5' ],
615 'Spanish as first language and English and second'
617 [ 'en; q=0.5, es', [ 'es' => 1, 'en' => '0.5' ], 'Less prefered language first' ],
618 [ 'fr, en; q=0.5, es', [ 'fr' => 1, 'es' => 1, 'en' => '0.5' ], 'Three languages' ],
619 [ 'en; q=0.5, es', [ 'es' => 1, 'en' => '0.5' ], 'Two languages' ],
620 [ 'en, zh;q=0', [ 'en' => 1 ], "It's Chinese to me" ],
622 'es; q=1, pt;q=0.7, it; q=0.6, de; q=0.1, ru;q=0',
623 [ 'es' => '1', 'pt' => '0.7', 'it' => '0.6', 'de' => '0.1' ],
624 'Preference for Romance languages'
628 [ 'en-gb' => 1, 'en-us' => '1' ],
629 'Two equally prefered English variants'
631 [ '_', [], 'Invalid input' ],
636 * @dataProvider provideLanguageData
637 * @covers WebRequest::getAcceptLang
639 public function testAcceptLang( $acceptLanguageHeader, $expectedLanguages, $description ) {
640 $this->setServerVars( [ 'HTTP_ACCEPT_LANGUAGE' => $acceptLanguageHeader ] );
641 $request = new WebRequest();
642 $this->assertSame( $request->getAcceptLang(), $expectedLanguages, $description );
645 protected function setServerVars( $vars ) {
646 // Don't remove vars which should be available in all SAPI.
647 if ( !isset( $vars['REQUEST_TIME_FLOAT'] ) ) {
648 $vars['REQUEST_TIME_FLOAT'] = $_SERVER['REQUEST_TIME_FLOAT'];
650 if ( !isset( $vars['REQUEST_TIME'] ) ) {
651 $vars['REQUEST_TIME'] = $_SERVER['REQUEST_TIME'];