From b33f0247634458903135e38f8e469a4bc0de043b Mon Sep 17 00:00:00 2001 From: George Wilson Date: Sun, 21 Aug 2022 02:36:09 +0100 Subject: [PATCH 1/5] Update AbstractWebApplication.php --- src/AbstractWebApplication.php | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/src/AbstractWebApplication.php b/src/AbstractWebApplication.php index a1637bc3..1f28196b 100644 --- a/src/AbstractWebApplication.php +++ b/src/AbstractWebApplication.php @@ -793,9 +793,21 @@ protected function checkHeadersSent() * @return string The requested URI * * @since 1.0.0 + * @throws \InvalidArgumentException */ protected function detectRequestUri() { + /** + * If we've arrived here via a CLI application (which shouldn't happen in our web app) then we can use this as + * an opportunity to bail out + */ + $httpHost = $this->input->server->getString('HTTP_HOST'); + + if ($httpHost === null) + { + throw new \InvalidArgumentException('Unable to parse the hostname from the request'); + } + // First we need to detect the URI scheme. $scheme = $this->isSslConnection() ? 'https://' : 'http://'; @@ -808,7 +820,7 @@ protected function detectRequestUri() $phpSelf = $this->input->server->getString('PHP_SELF', ''); $requestUri = $this->input->server->getString('REQUEST_URI', ''); - $uri = $scheme . $this->input->server->getString('HTTP_HOST'); + $uri = $scheme . $httpHost; if (!empty($phpSelf) && !empty($requestUri)) { // If PHP_SELF and REQUEST_URI are both populated then we will assume "Apache Mode". From 4b98121dcda96695cb5bc353bb432b829b20959a Mon Sep 17 00:00:00 2001 From: George Wilson Date: Sun, 21 Aug 2022 02:43:50 +0100 Subject: [PATCH 2/5] Test exception --- Tests/AbstractWebApplicationTest.php | 30 +++++++++++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/Tests/AbstractWebApplicationTest.php b/Tests/AbstractWebApplicationTest.php index 198d1303..fa2ec6c1 100644 --- a/Tests/AbstractWebApplicationTest.php +++ b/Tests/AbstractWebApplicationTest.php @@ -1407,7 +1407,7 @@ public function testGetBody() } /** - * @testdox Tests that the application correcty detects the request URI based on the injected data + * @testdox Tests that the application correctly detects the request URI based on the injected data * * @param string|null $https Value for $_SERVER['HTTPS'] or null to not set it * @param string $phpSelf Value for $_SERVER['PHP_SELF'] @@ -1453,6 +1453,34 @@ public function testDetectRequestUri( ); } + /** + * @testdox Tests that the application correctly detects the request URI based on the injected data + * + * @param string|null $https Value for $_SERVER['HTTPS'] or null to not set it + * @param string $phpSelf Value for $_SERVER['PHP_SELF'] + * @param string $requestUri Value for $_SERVER['REQUEST_URI'] + * @param string $httpHost Value for $_SERVER['HTTP_HOST'] + * @param string $scriptName Value for $_SERVER['SCRIPT_NAME'] + * @param string $queryString Value for $_SERVER['QUERY_STRING'] + * @param string $expects Expected full URI string + * + * @covers \Joomla\Application\AbstractWebApplication + * + * @backupGlobals enabled + */ + public function testDetectRequestUriException() + { + $this->expectException(\InvalidArgumentException::class); + $mockInput = new Input([]); + + $_SERVER['PHP_SELF'] = 'somthing/framework.php'; + $_SERVER['HTTP_HOST'] = ''; + $_SERVER['SCRIPT_NAME'] = 'somthing/framework.php'; + + $object = $this->getMockForAbstractClass(AbstractWebApplication::class, [$mockInput]); + + TestHelper::invoke($object, 'detectRequestUri'); + } /** * @testdox Tests the system URIs are correctly loaded when a URI is set in the application configuration * From a28f52ad0a6418b9fd14cd0756f4884f6aa9c208 Mon Sep 17 00:00:00 2001 From: George Wilson Date: Sun, 21 Aug 2022 02:45:07 +0100 Subject: [PATCH 3/5] improve exception message --- src/AbstractWebApplication.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/AbstractWebApplication.php b/src/AbstractWebApplication.php index 1f28196b..9658ed53 100644 --- a/src/AbstractWebApplication.php +++ b/src/AbstractWebApplication.php @@ -805,7 +805,7 @@ protected function detectRequestUri() if ($httpHost === null) { - throw new \InvalidArgumentException('Unable to parse the hostname from the request'); + throw new \InvalidArgumentException('Found an empty hostname when parsing the request'); } // First we need to detect the URI scheme. From 3cb5266e0b8010908fa9917869e4f7fdc4f994af Mon Sep 17 00:00:00 2001 From: George Wilson Date: Wed, 5 Jul 2023 14:51:01 +0100 Subject: [PATCH 4/5] Fix test header --- Tests/AbstractWebApplicationTest.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Tests/AbstractWebApplicationTest.php b/Tests/AbstractWebApplicationTest.php index fa2ec6c1..288cbae3 100644 --- a/Tests/AbstractWebApplicationTest.php +++ b/Tests/AbstractWebApplicationTest.php @@ -1454,7 +1454,7 @@ public function testDetectRequestUri( } /** - * @testdox Tests that the application correctly detects the request URI based on the injected data + * @testdox Tests that the application throws an exception when there isn't a valid HTTP host. * * @param string|null $https Value for $_SERVER['HTTPS'] or null to not set it * @param string $phpSelf Value for $_SERVER['PHP_SELF'] From fdfa6561e0f8e97664de7a83348ef326dad1c77a Mon Sep 17 00:00:00 2001 From: George Wilson Date: Wed, 5 Jul 2023 22:50:53 +0100 Subject: [PATCH 5/5] Codestyle --- src/AbstractWebApplication.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/src/AbstractWebApplication.php b/src/AbstractWebApplication.php index 9658ed53..6145408b 100644 --- a/src/AbstractWebApplication.php +++ b/src/AbstractWebApplication.php @@ -803,8 +803,7 @@ protected function detectRequestUri() */ $httpHost = $this->input->server->getString('HTTP_HOST'); - if ($httpHost === null) - { + if ($httpHost === null) { throw new \InvalidArgumentException('Found an empty hostname when parsing the request'); }