Vectorface /
whip
| @@ 152-168 (lines=17) @@ | ||
| 149 | * |
|
| 150 | * @dataProvider proxyMethodWhitelistProvider |
|
| 151 | */ |
|
| 152 | public function testValidWhitelistedProxyMethod($remoteAddr) |
|
| 153 | { |
|
| 154 | $lookup = new Whip( |
|
| 155 | Whip::PROXY_HEADERS, |
|
| 156 | array( |
|
| 157 | Whip::PROXY_HEADERS => array( |
|
| 158 | Whip::IPV4 => array('127.0.0.1'), |
|
| 159 | Whip::IPV6 => array('::1') |
|
| 160 | ) |
|
| 161 | ), |
|
| 162 | array( |
|
| 163 | 'REMOTE_ADDR' => $remoteAddr, |
|
| 164 | 'HTTP_X_FORWARDED_FOR' => '192.168.1.1,32.32.32.32' |
|
| 165 | ) |
|
| 166 | ); |
|
| 167 | $this->assertEquals('32.32.32.32', $lookup->getIpAddress()); |
|
| 168 | } |
|
| 169 | ||
| 170 | /** |
|
| 171 | * Repeats the above test twice for ipv4 and ipv6 |
|
| @@ 185-205 (lines=21) @@ | ||
| 182 | * Tests that we accept proxy method based on a whitelisted IP using the |
|
| 183 | * dashed range notation. |
|
| 184 | */ |
|
| 185 | public function testValidWhitelistedProxyMethodWithDashNotation() |
|
| 186 | { |
|
| 187 | $lookup = new Whip( |
|
| 188 | Whip::PROXY_HEADERS, |
|
| 189 | array( |
|
| 190 | Whip::PROXY_HEADERS => array( |
|
| 191 | Whip::IPV4 => array( |
|
| 192 | '127.0.0.0-127.0.255.255', |
|
| 193 | ), |
|
| 194 | Whip::IPV6 => array( |
|
| 195 | '::1' |
|
| 196 | ) |
|
| 197 | ) |
|
| 198 | ), |
|
| 199 | array( |
|
| 200 | 'REMOTE_ADDR' => '127.0.0.1', |
|
| 201 | 'HTTP_X_FORWARDED_FOR' => '32.32.32.32' |
|
| 202 | ) |
|
| 203 | ); |
|
| 204 | $this->assertEquals('32.32.32.32', $lookup->getIpAddress()); |
|
| 205 | } |
|
| 206 | ||
| 207 | /** |
|
| 208 | * Tests that we accept proxy method based on a whitelisted IP using the |
|
| @@ 211-231 (lines=21) @@ | ||
| 208 | * Tests that we accept proxy method based on a whitelisted IP using the |
|
| 209 | * wildcard asterix notation. |
|
| 210 | */ |
|
| 211 | public function testValidWhitelistedProxyMethodWithWildcardNotation() |
|
| 212 | { |
|
| 213 | $lookup = new Whip( |
|
| 214 | Whip::PROXY_HEADERS, |
|
| 215 | array( |
|
| 216 | Whip::PROXY_HEADERS => array( |
|
| 217 | Whip::IPV4 => array( |
|
| 218 | '127.0.*' |
|
| 219 | ), |
|
| 220 | Whip::IPV6 => array( |
|
| 221 | '::1' |
|
| 222 | ) |
|
| 223 | ) |
|
| 224 | ), |
|
| 225 | array( |
|
| 226 | 'REMOTE_ADDR' => '127.0.0.1', |
|
| 227 | 'HTTP_X_FORWARDED_FOR' => '32.32.32.32' |
|
| 228 | ) |
|
| 229 | ); |
|
| 230 | $this->assertEquals('32.32.32.32', $lookup->getIpAddress()); |
|
| 231 | } |
|
| 232 | ||
| 233 | /** |
|
| 234 | * Tests that we accept proxy method based on a whitelisted IP using the |
|
| @@ 237-257 (lines=21) @@ | ||
| 234 | * Tests that we accept proxy method based on a whitelisted IP using the |
|
| 235 | * CIDR address notation. |
|
| 236 | */ |
|
| 237 | public function testValidWhitelistedProxyMethodWithCIDRdNotation() |
|
| 238 | { |
|
| 239 | $lookup = new Whip( |
|
| 240 | Whip::PROXY_HEADERS, |
|
| 241 | array( |
|
| 242 | Whip::PROXY_HEADERS => array( |
|
| 243 | Whip::IPV4 => array( |
|
| 244 | '127.0.0.0/24' |
|
| 245 | ), |
|
| 246 | Whip::IPV6 => array( |
|
| 247 | '::1' |
|
| 248 | ) |
|
| 249 | ) |
|
| 250 | ), |
|
| 251 | array( |
|
| 252 | 'REMOTE_ADDR' => '127.0.0.1', |
|
| 253 | 'HTTP_X_FORWARDED_FOR' => '32.32.32.32' |
|
| 254 | ) |
|
| 255 | ); |
|
| 256 | $this->assertEquals('32.32.32.32', $lookup->getIpAddress()); |
|
| 257 | } |
|
| 258 | ||
| 259 | /** |
|
| 260 | * Tests that we get false if there is a valid IP in a proxy header but |
|
| @@ 263-283 (lines=21) @@ | ||
| 260 | * Tests that we get false if there is a valid IP in a proxy header but |
|
| 261 | * we reject it due to REMOTE_ADDR not being in the whitelist. |
|
| 262 | */ |
|
| 263 | public function testValidIpRejectedDueToWhitelist() |
|
| 264 | { |
|
| 265 | $lookup = new Whip( |
|
| 266 | Whip::PROXY_HEADERS, |
|
| 267 | array( |
|
| 268 | Whip::PROXY_HEADERS => array( |
|
| 269 | Whip::IPV4 => array( |
|
| 270 | '127.0.0.1/24' |
|
| 271 | ), |
|
| 272 | Whip::IPV6 => array( |
|
| 273 | '::1' |
|
| 274 | ) |
|
| 275 | ) |
|
| 276 | ), |
|
| 277 | array( |
|
| 278 | 'REMOTE_ADDR' => '24.24.24.24', |
|
| 279 | 'HTTP_X_FORWARDED_FOR' => '32.32.32.32' |
|
| 280 | ) |
|
| 281 | ); |
|
| 282 | $this->assertFalse($lookup->getIpAddress()); |
|
| 283 | } |
|
| 284 | ||
| 285 | /** |
|
| 286 | * Tests that we reject a proxy listed IPv6 address that does not fall within |
|
| @@ 380-401 (lines=22) @@ | ||
| 377 | /** |
|
| 378 | * Test a custom header with a whitelisted IP. |
|
| 379 | */ |
|
| 380 | public function testCustomHeader() |
|
| 381 | { |
|
| 382 | $lookup = new Whip( |
|
| 383 | Whip::CUSTOM_HEADERS | Whip::REMOTE_ADDR, |
|
| 384 | array( |
|
| 385 | Whip::CUSTOM_HEADERS => array( |
|
| 386 | Whip::IPV4 => array( |
|
| 387 | '127.0.0.1', |
|
| 388 | '::1' |
|
| 389 | ) |
|
| 390 | ) |
|
| 391 | ), |
|
| 392 | array( |
|
| 393 | 'REMOTE_ADDR' => '127.0.0.1', |
|
| 394 | 'HTTP_CUSTOM_SECRET_HEADER' => '32.32.32.32' |
|
| 395 | ) |
|
| 396 | ); |
|
| 397 | $this->assertEquals( |
|
| 398 | '32.32.32.32', |
|
| 399 | $lookup->addCustomHeader('HTTP_CUSTOM_SECRET_HEADER')->getIpAddress() |
|
| 400 | ); |
|
| 401 | } |
|
| 402 | ||
| 403 | /** |
|
| 404 | * Test HTTP_X_REAL_IP header. |
|
