Home Explore Help
Sign In
githab
/
cakephp
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Merge pull request #13749 from cakephp/issue-13543

Fix incorrect cookies being used on redirects
Mark Story 6 years ago
parent
df308bde79 acc5896d30
commit
2ace7675e0
2 changed files with 49 additions and 2 deletions
Split View Show Diff Stats
  1. 1 2
      src/Http/Client.php
  2. 48 0
      tests/TestCase/Http/ClientTest.php

+ 1 - 2
src/Http/Client.php
View File 

@@ -418,7 +418,6 @@ class Client
 
             $handleRedirect = $response->isRedirect() && $redirects-- > 0;
 
             if ($handleRedirect) {
 
                 $url = $request->getUri();
 
-                $request = $this->_cookies->addToRequest($request, []);
 
 
                 $location = $response->getHeaderLine('Location');
 
                 $locationUrl = $this->buildUrl($location, [], [
 
@@ -427,8 +426,8 @@ class Client
 
                     'scheme' => $url->getScheme(),
 
                     'protocolRelative' => true
 
                 ]);
 
-
 
                 $request = $request->withUri(new Uri($locationUrl));
 
+                $request = $this->_cookies->addToRequest($request, []);
 
             }
 
         } while ($handleRedirect);

+ 48 - 0
tests/TestCase/Http/ClientTest.php
View File 

@@ -845,4 +845,52 @@ class ClientTest extends TestCase
 
         $this->assertTrue($cookies->has('redirect1'));
 
         $this->assertTrue($cookies->has('redirect2'));
 
     }
 
+
 
+    /**
 
+     * test redirect across sub domains
 
+     *
 
+     * @return void
 
+     */
 
+    public function testRedirectDifferentSubDomains()
 
+    {
 
+        $adapter = $this->getMockBuilder(Client\Adapter\Stream::class)
 
+            ->setMethods(['send'])
 
+            ->getMock();
 
+
 
+        $url = 'http://auth.example.org';
 
+
 
+        $redirect = new Response([
 
+            'HTTP/1.0 301',
 
+            'Location: http://backstage.example.org',
 
+        ]);
 
+        $adapter->expects($this->at(0))
 
+            ->method('send')
 
+            ->willReturn([$redirect]);
 
+
 
+        $response = new Response([
 
+            'HTTP/1.0 200'
 
+        ]);
 
+        $adapter->expects($this->at(1))
 
+            ->method('send')
 
+            ->with($this->callback(function ($request) {
 
+                $this->assertSame('http://backstage.example.org', (string)$request->getUri());
 
+                $this->assertSame('session=backend', $request->getHeaderLine('Cookie'));
 
+
 
+                return true;
 
+            }))
 
+            ->willReturn([$response]);
 
+
 
+        $client = new Client([
 
+            'adapter' => $adapter
 
+        ]);
 
+        $client->addCookie(new Cookie('session', 'backend', null, '/', 'backstage.example.org'));
 
+        $client->addCookie(new Cookie('session', 'authz', null, '/', 'auth.example.org'));
 
+
 
+        $result = $client->send(new Request($url), [
 
+            'redirect' => 10
 
+        ]);
 
+
 
+        $this->assertInstanceOf(Response::class, $result);
 
+        $this->assertSame($response, $result);
 
+    }
 
 }