From 1ae2875352ecf9dee01f37ab861cdfc296ae3ec7 Mon Sep 17 00:00:00 2001
From: Noel Light-Hilary <n.light-hilary@comicrelief.com>
Date: Wed, 31 Jan 2018 14:30:01 +0000
Subject: [PATCH 1/2] GP-1173 - Check that Notification data is supplied as a
 string

---
 src/Omnipay/WorldpayCGHosted/Message/Notification.php | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/Omnipay/WorldpayCGHosted/Message/Notification.php b/src/Omnipay/WorldpayCGHosted/Message/Notification.php
index e09d0ea..b66a702 100644
--- a/src/Omnipay/WorldpayCGHosted/Message/Notification.php
+++ b/src/Omnipay/WorldpayCGHosted/Message/Notification.php
@@ -38,6 +38,10 @@ public function __construct($data, $notificationOriginIp)
             throw new InvalidResponseException();
         }
 
+        if (!is_string($data)) {
+            throw new InvalidResponseException('Data must be provided as a string');
+        }
+
         $responseDom = new DOMDocument;
         if (!@$responseDom->loadXML($data)) {
             throw new InvalidResponseException('Non-XML notification body received');

From 276ad13254800bc79c78113ac89ca8b33b1aab3a Mon Sep 17 00:00:00 2001
From: Noel Light-Hilary <n.light-hilary@comicrelief.com>
Date: Wed, 31 Jan 2018 15:17:08 +0000
Subject: [PATCH 2/2] GP-1173 - get mock bodies' contents only as string

---
 .../Message/NotificationTest.php              | 24 +++++++++----------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/tests/Omnipay/WorldpayCGHosted/Message/NotificationTest.php b/tests/Omnipay/WorldpayCGHosted/Message/NotificationTest.php
index 90eb981..1854f39 100644
--- a/tests/Omnipay/WorldpayCGHosted/Message/NotificationTest.php
+++ b/tests/Omnipay/WorldpayCGHosted/Message/NotificationTest.php
@@ -15,7 +15,7 @@ public function testAuthorisedValid()
         $http = $this->getMockHttpResponse('NotificationAuthorised.txt');
 
         $notification = new Notification(
-            $http->getBody(),
+            $http->getBody(true),
             self::ORIGIN_IP_VALID
         );
 
@@ -37,7 +37,7 @@ public function testSentForAuthorisationValid()
         $http = $this->getMockHttpResponse('NotificationSentForAuth.txt');
 
         $notification = new Notification(
-            $http->getBody(),
+            $http->getBody(true),
             self::ORIGIN_IP_VALID
         );
 
@@ -57,7 +57,7 @@ public function testAuthorisedFromBadIp()
         $http = $this->getMockHttpResponse('NotificationAuthorised.txt');
 
         $notification = new Notification(
-            $http->getBody(),
+            $http->getBody(true),
             self::ORIGIN_IP_BAD
         );
 
@@ -77,7 +77,7 @@ public function testAuthorisedFromInvalidIp()
         $http = $this->getMockHttpResponse('NotificationAuthorised.txt');
 
         $notification = new Notification(
-            $http->getBody(),
+            $http->getBody(true),
             'not-a-real-ip'
         );
 
@@ -97,7 +97,7 @@ public function testAuthorisedFromMissingIp()
         $http = $this->getMockHttpResponse('NotificationAuthorised.txt');
 
         $notification = new Notification(
-            $http->getBody(),
+            $http->getBody(true),
             '' // no origin IP
         );
 
@@ -120,7 +120,7 @@ public function testAuthorisedMissingOrderCode()
         $http = $this->getMockHttpResponse('NotificationAuthorisedMissingOrderCode.txt');
 
         $notification = new Notification(
-            $http->getBody(),
+            $http->getBody(true),
             self::ORIGIN_IP_VALID
         );
 
@@ -143,7 +143,7 @@ public function testCaptured()
         $http = $this->getMockHttpResponse('NotificationCaptured.txt');
 
         $notification = new Notification(
-            $http->getBody(),
+            $http->getBody(true),
             self::ORIGIN_IP_VALID
         );
 
@@ -163,7 +163,7 @@ public function testRefused()
         $http = $this->getMockHttpResponse('NotificationRefused.txt');
 
         $notification = new Notification(
-            $http->getBody(),
+            $http->getBody(true),
             self::ORIGIN_IP_VALID
         );
 
@@ -183,7 +183,7 @@ public function testCancelled()
         $http = $this->getMockHttpResponse('NotificationCancelled.txt');
 
         $notification = new Notification(
-            $http->getBody(),
+            $http->getBody(true),
             self::ORIGIN_IP_VALID
         );
 
@@ -203,7 +203,7 @@ public function testRefundRequest()
         $http = $this->getMockHttpResponse('NotificationRefundRequest.txt');
 
         $notification = new Notification(
-            $http->getBody(),
+            $http->getBody(true),
             self::ORIGIN_IP_VALID
         );
 
@@ -226,7 +226,7 @@ public function testNonXmlResponse()
     {
         $http = $this->getMockHttpResponse('NotificationNonXml.txt');
         new Notification(
-            $http->getBody(),
+            $http->getBody(true),
             self::ORIGIN_IP_VALID
         );
     }
@@ -235,7 +235,7 @@ public function testUnexpectedXmlBody()
     {
         $http = $this->getMockHttpResponse('NotificationUnexpectedXml.txt');
         $notification = new Notification(
-            $http->getBody(),
+            $http->getBody(true),
             self::ORIGIN_IP_VALID
         );