Deprecate Network::unparseURL in favor of UriInterfact objects

- Added specific test for Probe::cleanURI
This commit is contained in:
Hypolite Petovan 2021-12-02 07:53:14 -05:00
parent e76c754de4
commit d05d2a348b
3 changed files with 52 additions and 20 deletions

View File

@ -44,6 +44,7 @@ use Friendica\Util\DateTimeFormat;
use Friendica\Util\Network;
use Friendica\Util\Strings;
use Friendica\Util\XML;
use GuzzleHttp\Psr7\Uri;
/**
* This class contain functions for probing URL
@ -58,26 +59,23 @@ class Probe
/**
* Remove stuff from an URI that doesn't belong there
*
* @param string $URI
* @param string $rawUri
* @return string Cleaned URI
*/
public static function cleanURI(string $URI)
public static function cleanURI(string $rawUri): string
{
// At first remove leading and trailing junk
$URI = trim($URI, "@#?:/ \t\n\r\0\x0B");
$rawUri = trim($rawUri, "@#?:/ \t\n\r\0\x0B");
$parts = parse_url($URI);
if (empty($parts['scheme'])) {
return $URI;
$uri = new Uri($rawUri);
if (!$uri->getScheme()) {
return $uri->__toString();
}
// Remove the URL fragment, since these shouldn't be part of any profile URL
unset($parts['fragment']);
$uri = $uri->withFragment('');
$URI = Network::unparseURL($parts);
return $URI;
return $uri->__toString();
}
/**

View File

@ -435,7 +435,8 @@ class Network
*
* @param array $parsed URL parts
*
* @return string The glued URL
* @return string The glued URL.
* @deprecated since version 2021.12, use a UriInterface object like GuzzleHttp\Psr7\Uri instead
*/
public static function unparseURL(array $parsed)
{

View File

@ -117,12 +117,48 @@ class ProbeTest extends FixtureTest
}
}
public function dataUri()
public function dataCleanUri(): array
{
return [
'@-first' => [
'uri' => '@Artists4Future_Muenchen@climatejustice.global',
'assertUri' => 'Artists4Future_Muenchen@climatejustice.global',
'expected' => 'Artists4Future_Muenchen@climatejustice.global',
'uri' => '@Artists4Future_Muenchen@climatejustice.global',
],
'no-scheme-no-fragment' => [
'expected' => 'example.com/path?arg=value',
'uri' => 'example.com/path?arg=value',
],
/* This case makes little sense, both in our expectation of receiving it in any context and in the way we
* do not change it in Probe::cleanUri, but it doesn't seem to be the source of any terrible security hole.
*/
'no-scheme-fragment' => [
'expected' => 'example.com/path?arg=value#fragment',
'uri' => 'example.com/path?arg=value#fragment',
],
'scheme-no-fragment' => [
'expected' => 'https://example.com/path?arg=value',
'uri' => 'https://example.com/path?arg=value#fragment',
],
'scheme-fragment' => [
'expected' => 'https://example.com/path?arg=value',
'uri' => 'https://example.com/path?arg=value#fragment',
],
];
}
/**
* @dataProvider dataCleanUri
*/
public function testCleanUri(string $expected, string $uri)
{
self::assertEquals($expected, Probe::cleanURI($uri));
}
public function dataUri(): array
{
return [
'Artists4Future_Muenchen@climatejustice.global' => [
'uri' => 'Artists4Future_Muenchen@climatejustice.global',
'assertInfos' => [
'name' => 'Artists4Future München',
'nick' => 'Artists4Future_Muenchen',
@ -163,7 +199,7 @@ xQIDAQAB
/**
* @dataProvider dataUri
*/
public function testCleanUri(string $uri, string $assertUri, array $assertInfos)
public function testProbeUri(string $uri, array $assertInfos)
{
self::markTestIncomplete('hard work due mocking 19 different http-requests');
@ -216,10 +252,7 @@ xQIDAQAB
$this->httpRequestHandler->push($history);
$cleaned = Probe::cleanURI($uri);
self::assertEquals($assertUri, $cleaned);
self::assertArraySubset($assertInfos, Probe::uri($cleaned, '', 0));
self::assertArraySubset($assertInfos, Probe::uri($uri, '', 0));
// Iterate over the requests and responses
foreach ($container as $transaction) {