cacert-testmgr/external/ZendFramework-1.9.5/tests/Zend/Http/CookieTest.php

557 lines
20 KiB
PHP
Raw Permalink Normal View History

<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Http_Cookie
* @subpackage UnitTests
* @copyright Copyright (c) 2005-2009 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
* @version $Id: CookieTest.php 17556 2009-08-11 16:19:57Z shahar $
*/
require_once dirname(__FILE__) . '/../../TestHelper.php';
require_once 'Zend/Http/Cookie.php';
/**
* Zend_Http_Cookie unit tests
*
* @category Zend
* @package Zend_Http_Cookie
* @subpackage UnitTests
* @copyright Copyright (c) 2005-2009 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
* @group Zend_Http
* @group Zend_Http_Cookie
*/
class Zend_Http_CookieTest extends PHPUnit_Framework_TestCase
{
/**
* Cookie creation and data accessors tests
*/
/**
* Make sure we can't set invalid names
*
* @dataProvider invalidCookieNameCharProvider
* @expectedException Zend_Http_Exception
*/
public function testSetInvalidName($char)
{
$cookie = new Zend_Http_Cookie("cookie_$char", 'foo', 'example.com');
}
/**
* Test we get the cookie name properly
*
* @dataProvider validCookieWithInfoProvider
*/
public function testGetName($cStr, $cInfo)
{
$cookie = Zend_Http_Cookie::fromString($cStr);
if (! $cookie instanceof Zend_Http_Cookie) {
$this->fail("Failed creating a cookie object from '$cStr'");
}
if (isset($cInfo['name'])) {
$this->assertEquals($cInfo['name'], $cookie->getName());
}
}
/**
* Make sure we get the correct value if it was set through the constructor
*
* @param string $value
* @dataProvider validCookieValueProvider
*/
public function testGetValueConstructor($val)
{
$cookie = new Zend_Http_Cookie('cookie', $val, 'example.com', time(), '/', true);
$this->assertEquals($val, $cookie->getValue());
}
/**
* Make sure we get the correct value if it was set through fromString()
*
* @param string $value
* @dataProvider validCookieValueProvider
*/
public function testGetValueFromString($val)
{
$cookie = Zend_Http_Cookie::fromString('cookie=' . urlencode($val) . '; domain=example.com');
$this->assertEquals($val, $cookie->getValue());
}
/**
* Make sure we get the correct domain when it's set in the cookie string
*
* @dataProvider validCookieWithInfoProvider
*/
public function testGetDomainInStr($cStr, $cInfo)
{
$cookie = Zend_Http_Cookie::fromString($cStr);
if (! $cookie instanceof Zend_Http_Cookie) {
$this->fail("Failed creating a cookie object from '$cStr'");
}
if (isset($cInfo['domain'])) {
$this->assertEquals($cInfo['domain'], $cookie->getDomain());
}
}
/**
* Make sure we get the correct domain when it's set in a reference URL
*
* @dataProvider refUrlProvider
*/
public function testGetDomainInRefUrl(Zend_Uri $uri)
{
$domain = $uri->getHost();
$cookie = Zend_Http_Cookie::fromString('foo=baz; path=/', 'http://' . $domain);
if (! $cookie instanceof Zend_Http_Cookie) {
$this->fail("Failed creating a cookie object with URL '$uri'");
}
$this->assertEquals($domain, $cookie->getDomain());
}
/**
* Make sure we get the correct path when it's set in the cookie string
*
* @dataProvider validCookieWithInfoProvider
*/
public function testGetPathInStr($cStr, $cInfo)
{
$cookie = Zend_Http_Cookie::fromString($cStr);
if (! $cookie instanceof Zend_Http_Cookie) {
$this->fail("Failed creating a cookie object from '$cStr'");
}
if (isset($cInfo['path'])) {
$this->assertEquals($cInfo['path'], $cookie->getPath());
}
}
/**
* Make sure we get the correct path when it's set a reference URL
*
* @dataProvider refUrlProvider
*/
public function testGetPathInRefUrl(Zend_Uri $uri)
{
$path = $uri->getPath();
if (substr($path, -1, 1) == '/') $path .= 'x';
$path = dirname($path);
$cookie = Zend_Http_Cookie::fromString('foo=bar', (string) $uri);
if (! $cookie instanceof Zend_Http_Cookie) {
$this->fail("Failed creating a cookie object with URL '$uri'");
}
$this->assertEquals($path, $cookie->getPath());
}
/**
* Test we get the correct expiry time
*
* @dataProvider validCookieWithInfoProvider
*/
public function testGetExpiryTime($cStr, $cInfo)
{
$cookie = Zend_Http_Cookie::fromString($cStr);
if (! $cookie instanceof Zend_Http_Cookie) {
$this->fail("Failed creating a cookie object from '$cStr'");
}
if (isset($cInfo['expires'])) {
$this->assertEquals($cInfo['expires'], $cookie->getExpiryTime());
}
}
/**
* Make sure the "is secure" flag is correctly set
*
* @dataProvider validCookieWithInfoProvider
*/
public function testIsSecure($cStr, $cInfo)
{
$cookie = Zend_Http_Cookie::fromString($cStr);
if (! $cookie instanceof Zend_Http_Cookie) {
$this->fail("Failed creating a cookie object from '$cStr'");
}
if (isset($cInfo['secure'])) {
$this->assertEquals($cInfo['secure'], $cookie->isSecure());
}
}
/**
* Cookie expiry time tests
*/
/**
* Make sure we get the correct value for 'isExpired'
*
* @dataProvider cookieWithExpiredFlagProvider
*/
public function testIsExpired($cStr, $expired)
{
$cookie = Zend_Http_Cookie::fromString($cStr);
if (! $cookie) {
$this->fail("Failed creating a cookie object from '$cStr'");
}
$this->assertEquals($expired, $cookie->isExpired());
}
/**
* Make sure we get the correct value for 'isExpired', when time is manually set
*/
public function testIsExpiredDifferentTime()
{
$notexpired = time() + 3600;
$expired = time() - 3600;
$now = time() + 7200;
$cookies = array(
'cookie=foo; domain=example.com; expires=' . date(DATE_COOKIE, $notexpired),
'cookie=foo; domain=example.com; expires=' . date(DATE_COOKIE, $expired)
);
// Make sure all cookies are expired
foreach ($cookies as $cstr) {
$cookie = Zend_Http_Cookie::fromString($cstr);
if (! $cookie) $this->fail('Got no cookie object from a valid cookie string');
$this->assertTrue($cookie->isExpired($now), 'Cookie is expected to be expired');
}
// Make sure all cookies are not expired
$now = time() - 7200;
foreach ($cookies as $cstr) {
$cookie = Zend_Http_Cookie::fromString($cstr);
if (! $cookie) $this->fail('Got no cookie object from a valid cookie string');
$this->assertFalse($cookie->isExpired($now), 'Cookie is expected not to be expired');
}
}
/**
* Test we can properly check if a cookie is a session cookie (has no expiry time)
*
* @dataProvider validCookieWithInfoProvider
*/
public function testIsSessionCookie($cStr, $cInfo)
{
$cookie = Zend_Http_Cookie::fromString($cStr);
if (! $cookie instanceof Zend_Http_Cookie) {
$this->fail("Failed creating a cookie object from '$cStr'");
}
if (array_key_exists('expires', $cInfo)) {
$this->assertEquals(($cInfo['expires'] === null), $cookie->isSessionCookie());
}
}
/**
* Make sure cookies are properly converted back to strings
*
* @dataProvider validCookieWithInfoProvider
*/
public function testToString($cStr, $cInfo)
{
$cookie = Zend_Http_Cookie::fromString($cStr);
if (! $cookie instanceof Zend_Http_Cookie) {
$this->fail("Failed creating a cookie object from '$cStr'");
}
$expected = substr($cStr, 0, strpos($cStr, ';') + 1);
$this->assertEquals($expected, (string) $cookie);
}
public function testGarbageInStrIsIgnored()
{
$cookies = array(
'name=value; domain=foo.com; silly=place; secure',
'foo=value; someCrap; secure; domain=foo.com; ',
'anothercookie=value; secure; has some crap; ignore=me; domain=foo.com; '
);
foreach ($cookies as $cstr) {
$cookie = Zend_Http_Cookie::fromString($cstr);
if (! $cookie) $this->fail('Got no cookie object from a valid cookie string');
$this->assertEquals('value', $cookie->getValue(), 'Value is not as expected');
$this->assertEquals('foo.com', $cookie->getDomain(), 'Domain is not as expected');
$this->assertTrue($cookie->isSecure(), 'Cookie is expected to be secure');
}
}
/**
* Test the match() method against a domain
*
* @dataProvider domainMatchTestProvider
*/
public function testMatchDomain($cookieStr, $uri, $match)
{
$cookie = Zend_Http_Cookie::fromString($cookieStr);
$this->assertEquals($match, $cookie->match($uri));
}
static public function domainMatchTestProvider()
{
$uri = Zend_Uri::factory('http://www.foo.com/some/file.txt');
return array(
array('foo=bar; domain=.example.com;', 'http://www.example.com/foo/bar.php', true),
array('foo=bar; domain=.example.com;', 'http://example.com/foo/bar.php', true),
array('foo=bar; domain=.example.com;', 'http://www.somexample.com/foo/bar.php', false),
array('foo=bar; domain=example.com;', 'http://www.somexample.com/foo/bar.php', false),
array('cookie=value; domain=www.foo.com', $uri, true),
array('cookie=value; domain=www.foo.com', 'http://il.www.foo.com', true),
array('cookie=value; domain=www.foo.com', 'http://bar.foo.com', false)
);
}
/**
* Test the match() method against a domain
*
*/
public function testMatchPath()
{
$cookie = Zend_Http_Cookie::fromString('foo=bar; domain=.example.com; path=/foo');
$this->assertTrue($cookie->match('http://www.example.com/foo/bar.php'), 'Cookie expected to match, but didn\'t');
$this->assertFalse($cookie->match('http://www.example.com/bar.php'), 'Cookie expected not to match, but did');
$cookie = Zend_Http_Cookie::fromString('cookie=value; domain=www.foo.com; path=/some/long/path');
$this->assertTrue($cookie->match('http://www.foo.com/some/long/path/file.txt'), 'Cookie expected to match, but didn\'t');
$this->assertTrue($cookie->match('http://www.foo.com/some/long/path/and/even/more'), 'Cookie expected to match, but didn\'t');
$this->assertFalse($cookie->match('http://www.foo.com/some/long/file.txt'), 'Cookie expected not to match, but did');
$this->assertFalse($cookie->match('http://www.foo.com/some/different/path/file.txt'), 'Cookie expected not to match, but did');
}
/**
* Test the match() method against secure / non secure connections
*
*/
public function testMatchSecure()
{
// A non secure cookie, should match both
$cookie = Zend_Http_Cookie::fromString('foo=bar; domain=.example.com;');
$this->assertTrue($cookie->match('http://www.example.com/foo/bar.php'), 'Cookie expected to match, but didn\'t');
$this->assertTrue($cookie->match('https://www.example.com/bar.php'), 'Cookie expected to match, but didn\'t');
// A secure cookie, should match secure connections only
$cookie = Zend_Http_Cookie::fromString('foo=bar; domain=.example.com; secure');
$this->assertFalse($cookie->match('http://www.example.com/foo/bar.php'), 'Cookie expected not to match, but it did');
$this->assertTrue($cookie->match('https://www.example.com/bar.php'), 'Cookie expected to match, but didn\'t');
}
/**
* Test the match() method against different expiry times
*
*/
public function testMatchExpire()
{
// A session cookie - should always be valid
$cookie = Zend_Http_Cookie::fromString('foo=bar; domain=.example.com;');
$this->assertTrue($cookie->match('http://www.example.com/'), 'Cookie expected to match, but didn\'t');
$this->assertTrue($cookie->match('http://www.example.com/', true, time() + 3600), 'Cookie expected to match, but didn\'t');
// A session cookie, should not match
$this->assertFalse($cookie->match('https://www.example.com/', false), 'Cookie expected not to match, but it did');
$this->assertFalse($cookie->match('https://www.example.com/', false, time() - 3600), 'Cookie expected not to match, but it did');
// A cookie with expiry time in the future
$cookie = Zend_Http_Cookie::fromString('foo=bar; domain=.example.com; expires=' . date(DATE_COOKIE, time() + 3600));
$this->assertTrue($cookie->match('http://www.example.com/'), 'Cookie expected to match, but didn\'t');
$this->assertFalse($cookie->match('https://www.example.com/', true, time() + 7200), 'Cookie expected not to match, but it did');
// A cookie with expiry time in the past
$cookie = Zend_Http_Cookie::fromString('foo=bar; domain=.example.com; expires=' . date(DATE_COOKIE, time() - 3600));
$this->assertFalse($cookie->match('http://www.example.com/'), 'Cookie expected not to match, but it did');
$this->assertTrue($cookie->match('https://www.example.com/', true, time() - 7200), 'Cookie expected to match, but didn\'t');
}
public function testFromStringFalse()
{
$cookie = Zend_Http_Cookie::fromString('foo; domain=www.exmaple.com');
$this->assertEquals(false, $cookie, 'fromString was expected to fail and return false');
$cookie = Zend_Http_Cookie::fromString('=bar; secure; domain=foo.nl');
$this->assertEquals(false, $cookie, 'fromString was expected to fail and return false');
$cookie = Zend_Http_Cookie::fromString('fo;o=bar; secure; domain=foo.nl');
$this->assertEquals(false, $cookie, 'fromString was expected to fail and return false');
}
/**
* Test that cookies with far future expiry date (beyond the 32 bit unsigned int range) are
* not mistakenly marked as 'expired'
*
* @link http://framework.zend.com/issues/browse/ZF-5690
*/
public function testZF5690OverflowingExpiryDate()
{
$expTime = "Sat, 29-Jan-2039 00:54:42 GMT";
$cookie = Zend_Http_Cookie::fromString("foo=bar; domain=.example.com; expires=$expTime");
$this->assertFalse($cookie->isExpired(), 'Expiry: ' . $cookie->getExpiryTime());
}
/**
* Data Providers
*/
/**
* Provide characters which are invalid in cookie names
*
* @return array
*/
static public function invalidCookieNameCharProvider()
{
return array(
array("="),
array(","),
array(";"),
array("\t"),
array("\r"),
array("\n"),
array("\013"),
array("\014")
);
}
/**
* Provide valid cookie values
*
* @return array
*/
static public function validCookieValueProvider()
{
return array(
array('simpleCookie'),
array('space cookie'),
array('!@#$%^*&()* ][{}?;'),
array("line\n\rbreaks"),
// Long cookie value - 2kb
array(str_repeat(md5(time()), 64))
);
}
/**
* Provider of valid reference URLs to be used for creating cookies
*
* @return array
*/
static public function refUrlProvider()
{
return array(
array(Zend_Uri::factory('http://example.com/')),
array(Zend_Uri::factory('http://www.example.com/foo/bar/')),
array(Zend_Uri::factory('http://some.really.deep.domain.com')),
array(Zend_Uri::factory('http://localhost/path/to/very/deep/file.php')),
array(Zend_Uri::factory('http://arr.gr/some%20path/text%2Ffile'))
);
}
/**
* Provide valid cookie strings with information about them
*
* @return array
*/
static public function validCookieWithInfoProvider()
{
$now = time();
$yesterday = $now - (3600 * 24);
return array(
array(
'justacookie=foo; domain=example.com',
array(
'name' => 'justacookie',
'domain' => 'example.com',
'path' => '/',
'expires' => null,
'secure' => false
)
),
array(
'expires=tomorrow; secure; path=/Space Out/; expires=Tue, 21-Nov-2006 08:33:44 GMT; domain=.example.com',
array(
'name' => 'expires',
'domain' => '.example.com',
'path' => '/Space Out/',
'expires' => strtotime('Tue, 21-Nov-2006 08:33:44 GMT'),
'secure' => true
)
),
array(
'domain=unittests; expires=' . date(DATE_COOKIE, $now) . '; domain=example.com; path=/some%20value/',
array(
'name' => 'domain',
'domain' => 'example.com',
'path' => '/some%20value/',
'expires' => $now,
'secure' => false,
)
),
array(
'path=indexAction; path=/; domain=.foo.com; expires=' . date(DATE_COOKIE, $yesterday),
array(
'name' => 'path',
'domain' => '.foo.com',
'path' => '/',
'expires' => $yesterday,
'secure' => false
)
),
array(
'secure=sha1; secure; SECURE; domain=some.really.deep.domain.com',
array(
'name' => 'secure',
'domain' => 'some.really.deep.domain.com',
'path' => '/',
'expires' => null,
'secure' => true
)
),
array(
'PHPSESSID=123456789+abcd%2Cef; secure; domain=.localdomain; path=/foo/baz; expires=Tue, 21-Nov-2006 08:33:44 GMT;',
array(
'name' => 'PHPSESSID',
'domain' => '.localdomain',
'path' => '/foo/baz',
'expires' => strtotime('Tue, 21-Nov-2006 08:33:44 GMT'),
'secure' => true
)
),
);
}
/**
* Cookie with 'expired' flag, used to test if Cookie->isExpired()
*
* @return array
*/
public static function cookieWithExpiredFlagProvider()
{
return array(
array('cookie=foo;domain=example.com;expires=' . date(DATE_COOKIE, time() + 12 * 3600), false),
array('cookie=foo;domain=example.com;expires=' . date(DATE_COOKIE, time() - 15), true),
array('cookie=foo;domain=example.com;', false),
array('cookie=foo;domain=example.com;expires=Fri, 01-Mar-2109 00:19:21 GMT', false),
array('cookie=foo;domain=example.com;expires=Fri, 06-Jun-1966 00:19:21 GMT', true),
);
}
}