diff --git a/src/Omnipay/WorldpayCGHosted/Message/Notification.php b/src/Omnipay/WorldpayCGHosted/Message/Notification.php index e09d0ea..b66a702 100644 --- a/src/Omnipay/WorldpayCGHosted/Message/Notification.php +++ b/src/Omnipay/WorldpayCGHosted/Message/Notification.php @@ -38,6 +38,10 @@ public function __construct($data, $notificationOriginIp) throw new InvalidResponseException(); } + if (!is_string($data)) { + throw new InvalidResponseException('Data must be provided as a string'); + } + $responseDom = new DOMDocument; if (!@$responseDom->loadXML($data)) { throw new InvalidResponseException('Non-XML notification body received'); diff --git a/tests/Omnipay/WorldpayCGHosted/Message/NotificationTest.php b/tests/Omnipay/WorldpayCGHosted/Message/NotificationTest.php index 90eb981..1854f39 100644 --- a/tests/Omnipay/WorldpayCGHosted/Message/NotificationTest.php +++ b/tests/Omnipay/WorldpayCGHosted/Message/NotificationTest.php @@ -15,7 +15,7 @@ public function testAuthorisedValid() $http = $this->getMockHttpResponse('NotificationAuthorised.txt'); $notification = new Notification( - $http->getBody(), + $http->getBody(true), self::ORIGIN_IP_VALID ); @@ -37,7 +37,7 @@ public function testSentForAuthorisationValid() $http = $this->getMockHttpResponse('NotificationSentForAuth.txt'); $notification = new Notification( - $http->getBody(), + $http->getBody(true), self::ORIGIN_IP_VALID ); @@ -57,7 +57,7 @@ public function testAuthorisedFromBadIp() $http = $this->getMockHttpResponse('NotificationAuthorised.txt'); $notification = new Notification( - $http->getBody(), + $http->getBody(true), self::ORIGIN_IP_BAD ); @@ -77,7 +77,7 @@ public function testAuthorisedFromInvalidIp() $http = $this->getMockHttpResponse('NotificationAuthorised.txt'); $notification = new Notification( - $http->getBody(), + $http->getBody(true), 'not-a-real-ip' ); @@ -97,7 +97,7 @@ public function testAuthorisedFromMissingIp() $http = $this->getMockHttpResponse('NotificationAuthorised.txt'); $notification = new Notification( - $http->getBody(), + $http->getBody(true), '' // no origin IP ); @@ -120,7 +120,7 @@ public function testAuthorisedMissingOrderCode() $http = $this->getMockHttpResponse('NotificationAuthorisedMissingOrderCode.txt'); $notification = new Notification( - $http->getBody(), + $http->getBody(true), self::ORIGIN_IP_VALID ); @@ -143,7 +143,7 @@ public function testCaptured() $http = $this->getMockHttpResponse('NotificationCaptured.txt'); $notification = new Notification( - $http->getBody(), + $http->getBody(true), self::ORIGIN_IP_VALID ); @@ -163,7 +163,7 @@ public function testRefused() $http = $this->getMockHttpResponse('NotificationRefused.txt'); $notification = new Notification( - $http->getBody(), + $http->getBody(true), self::ORIGIN_IP_VALID ); @@ -183,7 +183,7 @@ public function testCancelled() $http = $this->getMockHttpResponse('NotificationCancelled.txt'); $notification = new Notification( - $http->getBody(), + $http->getBody(true), self::ORIGIN_IP_VALID ); @@ -203,7 +203,7 @@ public function testRefundRequest() $http = $this->getMockHttpResponse('NotificationRefundRequest.txt'); $notification = new Notification( - $http->getBody(), + $http->getBody(true), self::ORIGIN_IP_VALID ); @@ -226,7 +226,7 @@ public function testNonXmlResponse() { $http = $this->getMockHttpResponse('NotificationNonXml.txt'); new Notification( - $http->getBody(), + $http->getBody(true), self::ORIGIN_IP_VALID ); } @@ -235,7 +235,7 @@ public function testUnexpectedXmlBody() { $http = $this->getMockHttpResponse('NotificationUnexpectedXml.txt'); $notification = new Notification( - $http->getBody(), + $http->getBody(true), self::ORIGIN_IP_VALID );