1 bootstrap.test BootstrapIPAddressTestCase::testIPAddressHost()

test IP Address and hostname

File

core/modules/simpletest/tests/bootstrap.test, line 69

Class

BootstrapIPAddressTestCase

Code

function testIPAddressHost() {
  // Test the normal IP address.
  $this->assertTrue(
  ip_address() == $this->remote_ip, 
  'Got remote IP address.'
  );

  // Proxy forwarding on but no proxy addresses defined.
  $GLOBALS['settings']['reverse_proxy'] = 1;
  $this->assertTrue(
  ip_address() == $this->remote_ip, 
  'Proxy forwarding without trusted proxies got remote IP address.'
  );

  // Proxy forwarding on and proxy address not trusted.
  $GLOBALS['settings']['reverse_proxy_addresses'] = array($this->proxy_ip, $this->proxy2_ip);
  backdrop_static_reset('ip_address');
  $_SERVER['REMOTE_ADDR'] = $this->untrusted_ip;
  $this->assertTrue(
  ip_address() == $this->untrusted_ip, 
  'Proxy forwarding with untrusted proxy got remote IP address.'
  );

  // Proxy forwarding on and proxy address trusted.
  $_SERVER['REMOTE_ADDR'] = $this->proxy_ip;
  $_SERVER['HTTP_X_FORWARDED_FOR'] = $this->forwarded_ip;
  backdrop_static_reset('ip_address');
  $this->assertTrue(
  ip_address() == $this->forwarded_ip, 
  'Proxy forwarding with trusted proxy got forwarded IP address.'
  );

  // Proxy forwarding on and proxy address trusted and visiting from proxy.
  $_SERVER['REMOTE_ADDR'] = $this->proxy_ip;
  $_SERVER['HTTP_X_FORWARDED_FOR'] = $this->proxy_ip;
  backdrop_static_reset('ip_address');
  $this->assertTrue(
  ip_address() == $this->proxy_ip, 
  'Visiting from trusted proxy got proxy IP address.'
  );

  // Multi-tier architecture with comma separated values in header.
  $_SERVER['REMOTE_ADDR'] = $this->proxy_ip;
  $_SERVER['HTTP_X_FORWARDED_FOR'] = implode(', ', array($this->untrusted_ip, $this->forwarded_ip, $this->proxy2_ip));
  backdrop_static_reset('ip_address');
  $this->assertTrue(
  ip_address() == $this->forwarded_ip, 
  'Proxy forwarding with trusted 2-tier proxy got forwarded IP address.'
  );

  // Custom client-IP header.
  $GLOBALS['settings']['reverse_proxy_header'] = 'HTTP_X_CLUSTER_CLIENT_IP';
  $_SERVER['HTTP_X_CLUSTER_CLIENT_IP'] = $this->cluster_ip;
  backdrop_static_reset('ip_address');
  $this->assertTrue(
  ip_address() == $this->cluster_ip, 
  'Cluster environment got cluster client IP.'
  );

  // Verifies that backdrop_valid_http_host() prevents invalid characters.
  $this->assertFalse(backdrop_valid_http_host('security/.backdropcms.org:80'), 'HTTP_HOST with / is invalid');
  $this->assertFalse(backdrop_valid_http_host('security\\.backdropcms.org:80'), 'HTTP_HOST with \\ is invalid');
  $this->assertFalse(backdrop_valid_http_host('security<.backdropcms.org:80'), 'HTTP_HOST with &lt; is invalid');
  $this->assertFalse(backdrop_valid_http_host('security..backdropcms.org:80'), 'HTTP_HOST with .. is invalid');
  // Verifies that host names are shorter than 1000 characters.
  $this->assertFalse(backdrop_valid_http_host(str_repeat('x', 1001)), 'HTTP_HOST with more than 1000 characters is invalid.');
  $this->assertFalse(backdrop_valid_http_host(str_repeat('.', 101)), 'HTTP_HOST with more than 100 subdomains is invalid.');
  $this->assertFalse(backdrop_valid_http_host(str_repeat(':', 101)), 'HTTP_HOST with more than 100 port separators is invalid.');
  // IPv6 loopback address
  $this->assertTrue(backdrop_valid_http_host('[::1]:80'), 'HTTP_HOST containing IPv6 loopback is valid');
}