public function getRedirect($urlString, $stayLocal = true, $preserveHttps = true) { /** * Check that the URL has the correct format expected of a valid HTTP * or HTTPS URL. If so, normalize the URL. */ $valid = false; $url = new Uri(); try { $url->parse($urlString); if ($url->isValid() && $url->isAbsolute()) { $url->normalize(); $valid = true; } } catch (\Exception $e) { } if (false === $valid) { throw new Exception\InvalidArgumentException("Given value was not a valid absolute HTTP(S) URL: " . $url); } /** * Make sure we don't redirect from HTTPS to HTTP unless flagged by * the user. Using a Strict-Transport-Security header helps too! */ if (true === (bool) $preserveHttps && HttpsDetector::isHttpsRequest()) { if (!$this->isHttps($url)) { throw new Exception\InvalidArgumentException("Given value was not a HTTPS URL as expected: " . $url); } } /** * Check if the URL meets the local host restriction unless disabled */ if (true === $stayLocal && !$this->isLocal($url)) { throw new Exception\InvalidArgumentException("Given value was not a local HTTP(S) URL: " . $url); } /** * Check if the URL host exists on a whitelist of allowed hosts */ $whitelist = $this->getWhitelist(); if (!empty($whitelist) && !$this->isWhitelisted($url)) { throw new Exception\InvalidArgumentException("Given value was not a whitelisted URL as expected: " . $url); } /** * Get URL string after URL encoding checks and return a Location header * object. */ $header = new Header\Location(array('url' => $url->toString(), 'status_code' => 302)); return $header; }
/** * Test normalizing URLs * * @param string $orig * @param string $expected * @dataProvider normalizedUrlsProvider */ public function testNormalizeUrl($orig, $expected) { $url = new Uri($orig); $this->assertEquals($expected, $url->normalize()->toString()); }
/** * @return Uri */ public function normalize() { parent::normalize(); $this->fragment = static::normalizeFragment($this->fragment); if (!$this->isAbsolute() && !$this->path && !$this->query && null === $this->fragment) { $this->fragment = ''; } return $this; }
/** * Normalize the URI * * @return \Zend\Uri\Uri */ public function normalize() { $this->uri->normalize(); return $this; }