3 namespace Drupal\Tests\Core\DrupalKernel;
5 use Drupal\Core\DrupalKernel;
6 use Drupal\Tests\UnitTestCase;
7 use Symfony\Component\HttpFoundation\Request;
10 * @coversDefaultClass \Drupal\Core\DrupalKernel
13 class ValidateHostnameTest extends UnitTestCase {
16 * @covers ::validateHostname
17 * @dataProvider providerTestValidateHostname
19 public function testValidateHostname($hostname, $message, $expected = FALSE) {
20 $server = ['HTTP_HOST' => $hostname];
21 $request = new Request([], [], [], [], [], $server);
22 $validated_hostname = DrupalKernel::validateHostname($request);
23 $this->assertSame($expected, $validated_hostname, $message);
27 * Provides test data for testValidateHostname().
29 public function providerTestValidateHostname() {
32 // Verifies that DrupalKernel::validateHostname() prevents invalid
33 // characters per RFC 952/2181.
34 $data[] = ['security/.drupal.org:80', 'HTTP_HOST with / is invalid'];
35 $data[] = ['security/.drupal.org:80', 'HTTP_HOST with / is invalid'];
36 $data[] = ['security\\.drupal.org:80', 'HTTP_HOST with \\ is invalid'];
37 $data[] = ['security<.drupal.org:80', 'HTTP_HOST with < is invalid'];
38 $data[] = ['security..drupal.org:80', 'HTTP_HOST with .. is invalid'];
40 // Verifies hostnames that are too long, or have too many parts are
42 $data[] = [str_repeat('x', 1000) . '.security.drupal.org:80', 'HTTP_HOST with more than 1000 characters is invalid.'];
43 $data[] = [str_repeat('x.', 100) . 'security.drupal.org:80', 'HTTP_HOST with more than 100 subdomains is invalid.'];
44 $data[] = ['security.drupal.org:80' . str_repeat(':x', 100), 'HTTP_HOST with more than 100 port separators is invalid.'];
46 // Verifies that a valid hostname is allowed.
47 $data[] = ['security.drupal.org:80', 'Properly formed HTTP_HOST is valid.', TRUE];
49 // Verifies that using valid IP address for the hostname is allowed.
50 $data[] = ['72.21.91.99:80', 'Properly formed HTTP_HOST with IPv4 address valid.', TRUE];
51 $data[] = ['2607:f8b0:4004:803::1002:80', 'Properly formed HTTP_HOST with IPv6 address valid.', TRUE];
53 // Verfies that the IPv6 loopback address is valid.
54 $data[] = ['[::1]:80', 'HTTP_HOST containing IPv6 loopback is valid.', TRUE];