diff options
| author | Josh Hoyt <josh@janrain.com> | 2006-01-30 20:36:03 +0000 |
|---|---|---|
| committer | Josh Hoyt <josh@janrain.com> | 2006-01-30 20:36:03 +0000 |
| commit | c9d453a80825a0eed95be9f5d753e213efe10c1e (patch) | |
| tree | ab3c38e142e3435084aad6fe9a7813be0eb6de1a | |
| parent | 26dd653f024d18139000f500b968beea1f3c2eab (diff) | |
| download | php-openid-c9d453a80825a0eed95be9f5d753e213efe10c1e.zip php-openid-c9d453a80825a0eed95be9f5d753e213efe10c1e.tar.gz php-openid-c9d453a80825a0eed95be9f5d753e213efe10c1e.tar.bz2 | |
[project @ Add trust root query handling tests]
| -rw-r--r-- | Auth/OpenID/TrustRoot.php | 17 | ||||
| -rw-r--r-- | Tests/Auth/OpenID/data/trustroot.txt | 8 |
2 files changed, 20 insertions, 5 deletions
diff --git a/Auth/OpenID/TrustRoot.php b/Auth/OpenID/TrustRoot.php index 94e3b99..1e9df2c 100644 --- a/Auth/OpenID/TrustRoot.php +++ b/Auth/OpenID/TrustRoot.php @@ -201,11 +201,22 @@ function Auth_OpenID_matchTrustRoot($trust_root, $url) } } - // Check path matching + // Check path and query matching $base_path = $trust_root_parsed['path']; $path = $url_parsed['path']; - if (substr($path, 0, strlen($base_path)) != $base_path) { - return false; + if (!isset($trust_root_parsed['query'])) { + if (substr($path, 0, strlen($base_path)) != $base_path) { + return false; + } + } else { + $base_query = $trust_root_parsed['query']; + $query = @$url_parsed['query']; + $qplus = substr($query, 0, strlen($base_query) + 1); + $bqplus = $base_query . '&'; + if ($base_path != $path || + ($base_query != $query && $qplus != $bqplus)) { + return false; + } } // The port and scheme need to match exactly diff --git a/Tests/Auth/OpenID/data/trustroot.txt b/Tests/Auth/OpenID/data/trustroot.txt index 0db7f50..cdfb773 100644 --- a/Tests/Auth/OpenID/data/trustroot.txt +++ b/Tests/Auth/OpenID/data/trustroot.txt @@ -59,7 +59,7 @@ return_to matching ======================================== ---------------------------------------- -29: matches +30: matches ---------------------------------------- http://*/ http://cnn.com/ http://*/ http://livejournal.com/ @@ -90,9 +90,10 @@ http://goathack.livejournal.org:8020/ http://goathack.livejournal.org:8020/openi https://foo.com https://foo.com http://Foo.com http://foo.com http://foo.com http://Foo.com +http://foo.com/?x=y http://foo.com/?x=y&a=b ---------------------------------------- -19: does not match +22: does not match ---------------------------------------- http://*/ ftp://foo.com/ http://*/ xxx @@ -113,3 +114,6 @@ http://foo.com:80 http://foo.com http://foo.com http://foo.com:80 http://foo.com:81 http://foo.com:80 http://*:80 http://foo.com:81 +http://foo.com/?a=b http://foo.com/?x=y +http://foo.com/?a=b http://foo.com/?x=y&a=b +http://foo.com/?a=b http://foo.com/ |