Cookie\Jar: add input validation #610
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The tests for the `Cookie\Jar` class were up to now mixed in with the tests for the `Cookie` class. This moves the `Jar` tests to a dedicated test file. The actual test code has not been touched. This includes duplicating a helper method. At a later point in time when these tests are reviewed, it can be decided whether this helper should move to the `TestCase`.
As `array_merge()` is used on the `$cookies` property in the `before_redirect_check()` method, only arrays can be accepted. Includes test.
The `$key` parameter corresponds to the `$name` parameter in the `Cookie::parse()` method, which expects a string and has a default value of `''`. This fixes the default value of the `$key` parameter to be the same, i.e. an empty string.
schlessera
approved these changes
Nov 15, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Cookie\Jar: move tests to dedicated file
The tests for the
Cookie\Jarclass were up to now mixed in with the tests for theCookieclass.This moves the
Jartests to a dedicated test file.The actual test code has not been touched.
This includes duplicating a helper method. At a later point in time when these tests are reviewed, it can be decided whether this helper should move to the
TestCase.Cookie\Jar::__construct(): add input validation
As
array_merge()is used on the$cookiesproperty in thebefore_redirect_check()method, only arrays can be accepted.Includes test.
Cookie\Jar::normalize_cookie(): fix default value of $key
The
$keyparameter corresponds to the$nameparameter in theCookie::parse()method, which expects a string and has a default value of''.This fixes the default value of the
$keyparameter to be the same, i.e. an empty string.Regarding the other
publicmethods:publicmagic/ArrayIterator methods should not need input validation as they should not be called directly, but only indirectly and when called that way, will receive the correct input type.normalize_cookie()method checks for an instance of Cookie already and if not passes off toCookie::parse()for which input validation is being added in PR Cookie: add input validation #609register()andbefore_redirect_check()methods already have a class based type declaration.before_request()method is intended to be only called as a Hook callback.publicmethods do not take parameters.