Validate URI state instead of having workarounds in __toString according to PSR-7 errata

Tobion · Tobion · commit 2c1a1e653ca6 · 2016-06-27T15:05:42.000+02:00
diff --git a/composer.json b/composer.json
@@ -1,14 +1,18 @@
 {
     "name": "guzzlehttp/psr7",
     "type": "library",
-    "description": "PSR-7 message implementation",
-    "keywords": ["message", "stream", "http", "uri"],
+    "description": "PSR-7 message implementation that also provides common utility methods",
+    "keywords": ["request", "response", "message", "stream", "http", "uri", "url"],
     "license": "MIT",
     "authors": [
         {
             "name": "Michael Dowling",
             "email": "mtdowling@gmail.com",
             "homepage": "https://github.com/mtdowling"
+        },
+        {
+            "name": "Tobias Schultze",
+            "homepage": "https://github.com/Tobion"
         }
     ],
     "require": {
diff --git a/src/Uri.php b/src/Uri.php
@@ -12,6 +12,14 @@
  */
 class Uri implements UriInterface
 {
+    /**
+     * Absolute http and https URIs require a host per RFC 7230 Section 2.7
+     * but in generic URIs the host can be empty. So for http(s) URIs
+     * we apply this default host when no host is given yet to form a
+     * valid URI.
+     */
+    const HTTP_DEFAULT_HOST = 'localhost';
+
     private static $schemes = [
         'http'  => 80,
         'https' => 443,
@@ -241,16 +249,20 @@ public static function withQueryValue(UriInterface $uri, $key, $value)
     }
 
     /**
-     * Create a URI from a hash of parse_url parts.
+     * Create a URI from a hash of parse_url components.
      *
      * @param array $parts
      *
      * @return self
+     *
+     * @throws \InvalidArgumentException If the components do not form a valid URI.
      */
     public static function fromParts(array $parts)
     {
         $uri = new self();
         $uri->applyParts($parts);
+        $uri->validateState();
+
         return $uri;
     }
 
@@ -261,10 +273,6 @@ public function getScheme()
 
     public function getAuthority()
     {
-        if ($this->host == '') {
-            return '';
-        }
-
         $authority = $this->host;
         if ($this->userInfo != '') {
             $authority = $this->userInfo . '@' . $authority;
@@ -318,6 +326,8 @@ public function withScheme($scheme)
         $new = clone $this;
         $new->scheme = $scheme;
         $new->port = $new->filterPort($new->port);
+        $new->validateState();
+
         return $new;
     }
 
@@ -334,6 +344,8 @@ public function withUserInfo($user, $password = null)
 
         $new = clone $this;
         $new->userInfo = $info;
+        $new->validateState();
+
         return $new;
     }
 
@@ -347,6 +359,8 @@ public function withHost($host)
 
         $new = clone $this;
         $new->host = $host;
+        $new->validateState();
+
         return $new;
     }
 
@@ -360,6 +374,8 @@ public function withPort($port)
 
         $new = clone $this;
         $new->port = $port;
+        $new->validateState();
+
         return $new;
     }
 
@@ -373,6 +389,8 @@ public function withPath($path)
 
         $new = clone $this;
         $new->path = $path;
+        $new->validateState();
+
         return $new;
     }
 
@@ -386,6 +404,7 @@ public function withQuery($query)
 
         $new = clone $this;
         $new->query = $query;
+
         return $new;
     }
 
@@ -399,6 +418,7 @@ public function withFragment($fragment)
 
         $new = clone $this;
         $new->fragment = $fragment;
+
         return $new;
     }
 
@@ -455,22 +475,7 @@ private static function createUriString($scheme, $authority, $path, $query, $fra
             $uri .= '//' . $authority;
         }
 
-        if ($path != '') {
-            if ($path[0] !== '/') {
-                if ($authority != '') {
-                    // If the path is rootless and an authority is present, the path MUST be prefixed by "/"
-                    $path = '/' . $path;
-                }
-            } elseif (isset($path[1]) && $path[1] === '/') {
-                if ($authority == '') {
-                    // If the path is starting with more than one "/" and no authority is present, the
-                    // starting slashes MUST be reduced to one.
-                    $path = '/' . ltrim($path, '/');
-                }
-            }
-
-            $uri .= $path;
-        }
+        $uri .= $path;
 
         if ($query != '') {
             $uri .= '?' . $query;
@@ -599,4 +604,26 @@ private function rawurlencodeMatchZero(array $match)
     {
         return rawurlencode($match[0]);
     }
+
+    private function validateState()
+    {
+        if ($this->host === '' && ($this->scheme === 'http' || $this->scheme === 'https')) {
+            $this->host = self::HTTP_DEFAULT_HOST;
+        }
+
+        if ($this->getAuthority() === '') {
+            if (0 === strpos($this->path, '//')) {
+                throw new \InvalidArgumentException('The path of a URI without an authority must not start with two slashes "//"');
+            }
+        } elseif (isset($this->path[0]) && $this->path[0] !== '/') {
+            throw new \InvalidArgumentException('The path of a URI with an authority must start with a slash "/" or be empty');
+        }
+
+        if ($this->scheme === ''
+            && false !== ($colonPos = strpos($this->path, ':'))
+            && ($colonPos < ($slashPos = strpos($this->path, '/')) || false === $slashPos)
+        ) {
+            throw new \InvalidArgumentException('A relative URI must not have a path beginning with a segment containing a colon');
+        }
+    }
 }
diff --git a/tests/UriTest.php b/tests/UriTest.php
@@ -434,12 +434,42 @@ public function testPortCanBeRemoved()
         $this->assertSame('http://example.com', (string) $uri);
     }
 
-    public function testAuthorityWithUserInfoButWithoutHost()
+    /**
+     * In RFC 8986 the host is optional and the authority can only
+     * consist of the user info and port.
+     */
+    public function testAuthorityWithUserInfoOrPortButWithoutHost()
     {
         $uri = (new Uri())->withUserInfo('user', 'pass');
 
         $this->assertSame('user:pass', $uri->getUserInfo());
-        $this->assertSame('', $uri->getAuthority());
+        $this->assertSame('user:pass@', $uri->getAuthority());
+
+        $uri = $uri->withPort(8080);
+        $this->assertSame(8080, $uri->getPort());
+        $this->assertSame('user:pass@:8080', $uri->getAuthority());
+        $this->assertSame('//user:pass@:8080', (string) $uri);
+
+        $uri = $uri->withUserInfo('');
+        $this->assertSame(':8080', $uri->getAuthority());
+    }
+
+    public function testHostInHttpUriDefaultsToLocalhost()
+    {
+        $uri = (new Uri())->withScheme('http');
+
+        $this->assertSame('localhost', $uri->getHost());
+        $this->assertSame('localhost', $uri->getAuthority());
+        $this->assertSame('http://localhost', (string) $uri);
+    }
+
+    public function testHostInHttpsUriDefaultsToLocalhost()
+    {
+        $uri = (new Uri())->withScheme('https');
+
+        $this->assertSame('localhost', $uri->getHost());
+        $this->assertSame('localhost', $uri->getAuthority());
+        $this->assertSame('https://localhost', (string) $uri);
     }
 
     public function uriComponentsEncodingProvider()
@@ -509,24 +539,53 @@ public function testAllowsForRelativeUri()
         $this->assertSame('foo', (string) $uri);
     }
 
-    public function testAddsSlashForRelativeUriStringWithHost()
+    /**
+     * @expectedException \InvalidArgumentException
+     * @expectedExceptionMessage The path of a URI with an authority must start with a slash "/" or be empty
+     */
+    public function testRelativePathAndAuhorityIsInvalid()
     {
-        // If the path is rootless and an authority is present, the path MUST
-        // be prefixed by "/".
-        $uri = (new Uri)->withPath('foo')->withHost('example.com');
-        $this->assertSame('foo', $uri->getPath());
         // concatenating a relative path with a host doesn't work: "//example.comfoo" would be wrong
-        $this->assertSame('//example.com/foo', (string) $uri);
+        (new Uri)->withPath('foo')->withHost('example.com');
     }
 
-    public function testRemoveExtraSlashesWihoutHost()
+    /**
+     * @expectedException \InvalidArgumentException
+     * @expectedExceptionMessage The path of a URI without an authority must not start with two slashes "//"
+     */
+    public function testPathStartingWithTwoSlashesAndNoAuthorityIsInvalid()
     {
-        // If the path is starting with more than one "/" and no authority is
-        // present, the starting slashes MUST be reduced to one.
-        $uri = (new Uri)->withPath('//foo');
-        $this->assertSame('//foo', $uri->getPath());
         // URI "//foo" would be interpreted as network reference and thus change the original path to the host
-        $this->assertSame('/foo', (string) $uri);
+        (new Uri)->withPath('//foo');
+    }
+
+    public function testPathStartingWithTwoSlashes()
+    {
+        $uri = new Uri('http://example.org//path-not-host.com');
+        $this->assertSame('//path-not-host.com', $uri->getPath());
+
+        $uri = $uri->withScheme('');
+        $this->assertSame('//example.org//path-not-host.com', (string) $uri); // This is still valid
+        $this->setExpectedException('\InvalidArgumentException');
+        $uri->withHost(''); // Now it becomes invalid
+    }
+
+    /**
+     * @expectedException \InvalidArgumentException
+     * @expectedExceptionMessage A relative URI must not have a path beginning with a segment containing a colon
+     */
+    public function testRelativeUriWithPathBeginngWithColonSegmentIsInvalid()
+    {
+        (new Uri)->withPath('mailto:foo');
+    }
+
+    public function testRelativeUriWithPathHavingColonSegment()
+    {
+        $uri = (new Uri('urn:/mailto:foo'))->withScheme('');
+        $this->assertSame('/mailto:foo', $uri->getPath());
+
+        $this->setExpectedException('\InvalidArgumentException');
+        (new Uri('urn:mailto:foo'))->withScheme('');
     }
 
     public function testDefaultReturnValuesOfGetters()
@@ -559,15 +618,15 @@ public function testImmutability()
     public function testExtendingClassesInstantiates()
     {
         // The non-standard port triggers a cascade of private methods which
-        //  should not use late static binding to access private static members.
+        // should not use late static binding to access private static members.
         // If they do, this will fatal.
         $this->assertInstanceOf(
-            '\GuzzleHttp\Tests\Psr7\ExtendingClassTest',
-            new ExtendingClassTest('http://h:9/')
+            'GuzzleHttp\Tests\Psr7\ExtendedUriTest',
+            new ExtendedUriTest('http://h:9/')
         );
     }
 }
 
-class ExtendingClassTest extends \GuzzleHttp\Psr7\Uri
+class ExtendedUriTest extends Uri
 {
 }
