diff options
author | Thomas Steur <thomas.steur@googlemail.com> | 2014-09-13 17:21:46 +0400 |
---|---|---|
committer | Thomas Steur <thomas.steur@googlemail.com> | 2014-09-13 17:21:46 +0400 |
commit | 0f12cc9a8725636c04fdfc42bc576f337b8ec2f8 (patch) | |
tree | 560a9de9c5d01888ae26e04b7713aaafb7a4c841 /tests/PHPUnit/Core | |
parent | 92e2aa09d8c787d463b38fb404fd0da75dddc0b6 (diff) |
refs #4996 allow redirects to subdomains of known hosts
Diffstat (limited to 'tests/PHPUnit/Core')
-rw-r--r-- | tests/PHPUnit/Core/UrlTest.php | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/tests/PHPUnit/Core/UrlTest.php b/tests/PHPUnit/Core/UrlTest.php index 2620b9a5c9..c77907ee04 100644 --- a/tests/PHPUnit/Core/UrlTest.php +++ b/tests/PHPUnit/Core/UrlTest.php @@ -320,12 +320,17 @@ class UrlTest extends PHPUnit_Framework_TestCase array(false, 'http://', array()), array(false, 'example.com', array()), array(false, 'www.example.com', array()), - array(false, 'example.com', array('www.example.com')), - array(false, 'example.com', array('http://www.example.com')), + array(false, 'example.com', array('www.example.com')), // not a domain so no "host" array(true, 'example.com', array('example.com')), array(true, 'eXamPle.com', array('exaMple.com')), array(true, 'eXamPle.com', array('http://exaMple.com')), - array(true, 'example.com', array('http://example.com/test')), + array(true, 'eXamPle.com', array('http://piwik.org', 'http://www.exaMple.com', 'http://exaMple.com')), // multiple urls one or more are valid but not first one + array(true, 'example.com', array('http://example.com/test')), // url with path but correct host + array(true, 'example.com', array('http://www.example.com')), // subdomains are allowed + array(false, 'example.com', array('http://wwwexample.com')), // it should not be possible to create a similar host and make redirects work again. we allow only subdomains + array(true, 'example.com', array('http://ftp.exAmple.com/test')), + array(true, 'example.com', array('http://www.exAmple.com/test')), + array(false, 'ftp.example.com', array('http://www.example.com/test')), array(true, '127.0.0.1', array()), // always trusted host ); } |