BaseURL hardening

This commit is contained in:
Philipp Holzer 2019-04-09 08:48:04 +02:00
parent e69138039a
commit 40c075cf47
No known key found for this signature in database
GPG key ID: 517BE60E2CE5C8A5
2 changed files with 29 additions and 11 deletions

View file

@ -139,21 +139,21 @@ class BaseURL
{ {
$success = true; $success = true;
if (!empty($hostname)) { if (!empty($hostname) && $hostname !== $this->hostname) {
$this->hostname = $hostname; $this->hostname = $hostname;
if (!$this->config->set('config', 'hostname', $this->hostname)) { if (!$this->config->set('config', 'hostname', $this->hostname)) {
$success = false; $success = false;
} }
} }
if (isset($sslPolicy)) { if (isset($sslPolicy) && $sslPolicy !== $this->sslPolicy) {
$this->sslPolicy = $sslPolicy; $this->sslPolicy = $sslPolicy;
if (!$this->config->set('system', 'ssl_policy', $this->sslPolicy)) { if (!$this->config->set('system', 'ssl_policy', $this->sslPolicy)) {
$success = false; $success = false;
} }
} }
if (isset($urlPath)) { if (isset($urlPath) && $urlPath !== $this->urlPath) {
$this->urlPath = $urlPath; $this->urlPath = $urlPath;
if (!$this->config->set('system', 'urlpath', $this->urlPath)) { if (!$this->config->set('system', 'urlpath', $this->urlPath)) {
$success = false; $success = false;

View file

@ -2,10 +2,10 @@
namespace Friendica\Test\src\Util; namespace Friendica\Test\src\Util;
use Friendica\Core\Config\Configuration; use Friendica\Core\Config\Configuration;
use Friendica\Test\MockedTest;
use Friendica\Util\BaseURL; use Friendica\Util\BaseURL;
use PHPUnit\Framework\TestCase;
class BaseURLTest extends TestCase class BaseURLTest extends MockedTest
{ {
public function dataDefault() public function dataDefault()
{ {
@ -296,9 +296,18 @@ class BaseURLTest extends TestCase
$baseUrl = new BaseURL($configMock, []); $baseUrl = new BaseURL($configMock, []);
if (isset($save['hostname'])) {
$configMock->shouldReceive('set')->with('config', 'hostname', $save['hostname'])->andReturn(true)->once(); $configMock->shouldReceive('set')->with('config', 'hostname', $save['hostname'])->andReturn(true)->once();
}
if (isset($save['urlPath'])) {
$configMock->shouldReceive('set')->with('system', 'urlpath', $save['urlPath'])->andReturn(true)->once(); $configMock->shouldReceive('set')->with('system', 'urlpath', $save['urlPath'])->andReturn(true)->once();
}
if (isset($save['sslPolicy'])) {
$configMock->shouldReceive('set')->with('system', 'ssl_policy', $save['sslPolicy'])->andReturn(true)->once(); $configMock->shouldReceive('set')->with('system', 'ssl_policy', $save['sslPolicy'])->andReturn(true)->once();
}
$configMock->shouldReceive('set')->with('system', 'url', $url)->andReturn(true)->once(); $configMock->shouldReceive('set')->with('system', 'url', $url)->andReturn(true)->once();
$baseUrl->save($save['hostname'], $save['sslPolicy'], $save['urlPath']); $baseUrl->save($save['hostname'], $save['sslPolicy'], $save['urlPath']);
@ -325,9 +334,18 @@ class BaseURLTest extends TestCase
$baseUrl = new BaseURL($configMock, []); $baseUrl = new BaseURL($configMock, []);
$configMock->shouldReceive('set')->with('config', 'hostname', (!empty($save['hostname']) ? $save['hostname'] : $input['hostname']))->andReturn(true)->once(); if (isset($save['hostname'])) {
$configMock->shouldReceive('set')->with('system', 'urlpath', (!empty($save['urlPath']) ? $save['urlPath'] : $input['urlPath']))->andReturn(true)->once(); $configMock->shouldReceive('set')->with('config', 'hostname', $save['hostname'])->andReturn(true)->once();
$configMock->shouldReceive('set')->with('system', 'ssl_policy', (!empty($save['sslPolicy']) ? $save['sslPolicy'] : $input['sslPolicy']))->andReturn(true)->once(); }
if (isset($save['urlPath'])) {
$configMock->shouldReceive('set')->with('system', 'urlpath', $save['urlPath'])->andReturn(true)->once();
}
if (isset($save['sslPolicy'])) {
$configMock->shouldReceive('set')->with('system', 'ssl_policy', $save['sslPolicy'])->andReturn(true)->once();
}
$configMock->shouldReceive('set')->with('system', 'url', $url)->andReturn(true)->once(); $configMock->shouldReceive('set')->with('system', 'url', $url)->andReturn(true)->once();
$baseUrl->saveByURL($url); $baseUrl->saveByURL($url);