Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixes session active detection on force_https function and add more test CodeIgniter::forceSecureAccess() run force_https() #2871

Merged
merged 9 commits into from
Apr 27, 2020
Merged

Fixes session active detection on force_https function and add more test CodeIgniter::forceSecureAccess() run force_https() #2871

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
3636585
add more test CodeIgniter::forceSecureAccess() run force_https()
samsonasik Apr 23, 2020
7a56b33
move ignore coverage on before and after exit
samsonasik Apr 23, 2020
a37a56d
Fix session status check
samsonasik Apr 23, 2020
ee7624b
add test for force_https() null request and response will create on t…
samsonasik Apr 23, 2020
d4be3c3
ignore coverage for session regenerate test on force_https
samsonasik Apr 23, 2020
96f2308
test force https null request and response assertion
samsonasik Apr 23, 2020
10f1624
test assert header Location before and after force_https called
samsonasik Apr 23, 2020
4a881a9
clean up response var redefinition in test force secure
samsonasik Apr 23, 2020
529a4c8
using @runInSeparateProcess & @preserveGlobalState disabled for test…
samsonasik Apr 23, 2020
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
21 changes: 11 additions & 10 deletions system/Common.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -387,10 +387,7 @@ function esc($data, string $context = 'html', string $encoding = null)
* @param RequestInterface $request
* @param ResponseInterface $response
*
* Not testable, as it will exit!
*
* @throws \CodeIgniter\HTTP\Exceptions\HTTPException
* @codeCoverageIgnore
* @throws \CodeIgniter\HTTP\Exceptions\HTTPException
*/
function force_https(int $duration = 31536000, RequestInterface $request = null, ResponseInterface $response = null)
{
Expand All @@ -403,14 +400,14 @@ function force_https(int $duration = 31536000, RequestInterface $request = null,
$response = Services::response(null, true);
}

if (is_cli() || $request->isSecure())
if (ENVIRONMENT !== 'testing' && (is_cli() || $request->isSecure()))
{
return;
}
// @codeCoverageIgnoreStart
// If the session library is loaded, we should regenerate

// If the session status is active, we should regenerate
// the session ID for safety sake.
if (class_exists('Session', false))
if (session_status() === PHP_SESSION_ACTIVE)
samsonasik marked this conversation as resolved.
Show resolved Hide resolved
{
Services::session(null, true)
->regenerate();
Expand All @@ -433,8 +430,12 @@ function force_https(int $duration = 31536000, RequestInterface $request = null,
$response->redirect($uri);
$response->sendHeaders();

exit();
// @codeCoverageIgnoreEnd
if (ENVIRONMENT !== 'testing')
{
// @codeCoverageIgnoreStart
exit();
// @codeCoverageIgnoreEnd
}
}
}

Expand Down
22 changes: 22 additions & 0 deletions tests/system/CodeIgniterTest.php
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -273,4 +273,26 @@ public function testIgnoringErrorSuppressedByAt()

$this->assertStringContainsString('Welcome to CodeIgniter', $output);
}

//--------------------------------------------------------------------

public function testRunForceSecure()
{
$_SERVER['argv'] = [
'index.php',
'/',
];
$_SERVER['argc'] = 2;

$config = new App();
$config->forceGlobalSecureRequests = true;
$codeigniter = new MockCodeIgniter($config);

ob_start();
$codeigniter->useSafeOutput(true)->run();
$output = ob_get_clean();

$response = $this->getPrivateProperty($codeigniter, 'response');
$this->assertEquals('https://example.com', $response->getHeader('Location')->getValue());
}
}