Exemplo n.º 1
0
 public function testDetectorWorksWithServerPortSetTo443()
 {
     $_SERVER['SERVER_PORT'] = 443;
     $this->assertTrue(HttpsDetector::isHttpsRequest());
     $_SERVER['SERVER_PORT'] = 80;
     $this->assertFalse(HttpsDetector::isHttpsRequest());
     $_SERVER['SERVER_PORT'] = 8080;
     $this->assertFalse(HttpsDetector::isHttpsRequest());
 }
Exemplo n.º 2
0
 public function getRedirect($urlString, $stayLocal = true, $preserveHttps = true)
 {
     /**
      * Check that the URL has the correct format expected of a valid HTTP
      * or HTTPS URL. If so, normalize the URL.
      */
     $valid = false;
     $url = new Uri();
     try {
         $url->parse($urlString);
         if ($url->isValid() && $url->isAbsolute()) {
             $url->normalize();
             $valid = true;
         }
     } catch (\Exception $e) {
     }
     if (false === $valid) {
         throw new Exception\InvalidArgumentException("Given value was not a valid absolute HTTP(S) URL: " . $url);
     }
     /**
      * Make sure we don't redirect from HTTPS to HTTP unless flagged by
      * the user. Using a Strict-Transport-Security header helps too!
      */
     if (true === (bool) $preserveHttps && HttpsDetector::isHttpsRequest()) {
         if (!$this->isHttps($url)) {
             throw new Exception\InvalidArgumentException("Given value was not a HTTPS URL as expected: " . $url);
         }
     }
     /**
      * Check if the URL meets the local host restriction unless disabled
      */
     if (true === $stayLocal && !$this->isLocal($url)) {
         throw new Exception\InvalidArgumentException("Given value was not a local HTTP(S) URL: " . $url);
     }
     /**
      * Check if the URL host exists on a whitelist of allowed hosts
      */
     $whitelist = $this->getWhitelist();
     if (!empty($whitelist) && !$this->isWhitelisted($url)) {
         throw new Exception\InvalidArgumentException("Given value was not a whitelisted URL as expected: " . $url);
     }
     /**
      * Get URL string after URL encoding checks and return a Location header
      * object.
      */
     $header = new Header\Location(array('url' => $url->toString(), 'status_code' => 302));
     return $header;
 }
Exemplo n.º 3
0
 protected function isHttpsRequest()
 {
     return HttpsDetector::isHttpsRequest();
 }