mirror of
https://github.com/gosticks/wordpress-develop.git
synced 2025-10-16 12:05:38 +00:00
ddb409edca
> PHPUnit 8.0.0 introduced a `void` return type declaration to the "fixture" methods – `setUpBeforeClass()`, `setUp()`, `tearDown()` and `tearDownAfterClass()`. As the `void` return type was not introduced until PHP 7.1, this makes it more difficult to create cross-version compatible tests when using fixtures, due to signature mismatches. > > The `Yoast\PHPUnitPolyfills\TestCases\TestCase` overcomes the signature mismatch by having two versions. The correct one will be loaded depending on the PHPUnit version being used. > > When using this TestCase, if an individual test, or another TestCase which extends this TestCase, needs to overload any of the "fixture" methods, it should do so by using a snake_case variant of the original fixture method name, i.e. `set_up_before_class()`, `set_up()`, `assert_pre_conditions()`, `assert_post_conditions()`, `tear_down()`, and `tear_down_after_class()`. > > The snake_case methods will automatically be called by PHPUnit. > > > IMPORTANT: The snake_case methods should not call the PHPUnit parent, i.e. do not use `parent::setUp()` from within an overloaded `set_up()` method. If necessary, DO call `parent::set_up()`. Reference: https://github.com/Yoast/PHPUnit-Polyfills#testcases This commit renames all declared fixture methods, and calls to parent versions of those fixture methods, from camelCase to snake_case. Follow-up to [51559-51567]. Props jrf, hellofromTonya, johnbillion, netweb, dd32, pputzer, SergeyBiryukov. See #46149. git-svn-id: https://develop.svn.wordpress.org/trunk@51568 602fd350-edb4-49c9-b593-d223f7449a82
353 lines
12 KiB
PHP
353 lines
12 KiB
PHP
<?php
|
|
|
|
/**
|
|
* @group https-detection
|
|
*/
|
|
class Tests_HTTPS_Detection extends WP_UnitTestCase {
|
|
|
|
private $last_request_url;
|
|
|
|
public function set_up() {
|
|
parent::set_up();
|
|
|
|
remove_all_filters( 'option_home' );
|
|
remove_all_filters( 'option_siteurl' );
|
|
remove_all_filters( 'home_url' );
|
|
remove_all_filters( 'site_url' );
|
|
}
|
|
|
|
/**
|
|
* @ticket 47577
|
|
*/
|
|
public function test_wp_is_using_https() {
|
|
update_option( 'home', 'http://example.com/' );
|
|
update_option( 'siteurl', 'http://example.com/' );
|
|
$this->assertFalse( wp_is_using_https() );
|
|
|
|
// Expect false if only one of the two relevant URLs is HTTPS.
|
|
update_option( 'siteurl', 'https://example.com/' );
|
|
$this->assertFalse( wp_is_using_https() );
|
|
|
|
update_option( 'home', 'https://example.com/' );
|
|
$this->assertTrue( wp_is_using_https() );
|
|
|
|
// Test that the manually included 'site_url' filter works as expected
|
|
// by using it to set the URL to use HTTP.
|
|
add_filter( 'site_url', $this->filter_set_url_scheme( 'http' ) );
|
|
$this->assertFalse( wp_is_using_https() );
|
|
}
|
|
|
|
/**
|
|
* @ticket 47577
|
|
*/
|
|
public function test_wp_is_https_supported() {
|
|
// The function works with cached errors, so only test that here.
|
|
$wp_error = new WP_Error();
|
|
|
|
// No errors, so HTTPS is supported.
|
|
update_option( 'https_detection_errors', $wp_error->errors );
|
|
$this->assertTrue( wp_is_https_supported() );
|
|
|
|
// Errors, so HTTPS is not supported.
|
|
$wp_error->add( 'ssl_verification_failed', 'SSL verification failed.' );
|
|
update_option( 'https_detection_errors', $wp_error->errors );
|
|
$this->assertFalse( wp_is_https_supported() );
|
|
}
|
|
|
|
/**
|
|
* @ticket 47577
|
|
* @ticket 52484
|
|
*/
|
|
public function test_wp_update_https_detection_errors() {
|
|
// Set HTTP URL, the request below should use its HTTPS version.
|
|
update_option( 'home', 'http://example.com/' );
|
|
add_filter( 'pre_http_request', array( $this, 'record_request_url' ), 10, 3 );
|
|
|
|
// If initial request succeeds, all good.
|
|
add_filter( 'pre_http_request', array( $this, 'mock_success_with_sslverify' ), 10, 2 );
|
|
wp_update_https_detection_errors();
|
|
$this->assertSame( array(), get_option( 'https_detection_errors' ) );
|
|
|
|
// If initial request fails and request without SSL verification succeeds,
|
|
// return 'ssl_verification_failed' error.
|
|
add_filter( 'pre_http_request', array( $this, 'mock_error_with_sslverify' ), 10, 2 );
|
|
add_filter( 'pre_http_request', array( $this, 'mock_success_without_sslverify' ), 10, 2 );
|
|
wp_update_https_detection_errors();
|
|
$this->assertSame(
|
|
array( 'ssl_verification_failed' => array( __( 'SSL verification failed.' ) ) ),
|
|
get_option( 'https_detection_errors' )
|
|
);
|
|
|
|
// If both initial request and request without SSL verification fail,
|
|
// return 'https_request_failed' error.
|
|
add_filter( 'pre_http_request', array( $this, 'mock_error_with_sslverify' ), 10, 2 );
|
|
add_filter( 'pre_http_request', array( $this, 'mock_error_without_sslverify' ), 10, 2 );
|
|
wp_update_https_detection_errors();
|
|
$this->assertSame(
|
|
array( 'https_request_failed' => array( __( 'HTTPS request failed.' ) ) ),
|
|
get_option( 'https_detection_errors' )
|
|
);
|
|
|
|
// If request succeeds, but response is not 200, return error with
|
|
// 'bad_response_code' error code.
|
|
add_filter( 'pre_http_request', array( $this, 'mock_not_found' ), 10, 2 );
|
|
wp_update_https_detection_errors();
|
|
$this->assertSame(
|
|
array( 'bad_response_code' => array( 'Not Found' ) ),
|
|
get_option( 'https_detection_errors' )
|
|
);
|
|
|
|
// If request succeeds, but response was not generated by this
|
|
// WordPress site, return error with 'bad_response_source' error code.
|
|
add_filter( 'pre_http_request', array( $this, 'mock_bad_source' ), 10, 2 );
|
|
wp_update_https_detection_errors();
|
|
$this->assertSame(
|
|
array( 'bad_response_source' => array( 'It looks like the response did not come from this site.' ) ),
|
|
get_option( 'https_detection_errors' )
|
|
);
|
|
|
|
// Check that the requests are made to the correct URL.
|
|
$this->assertSame( 'https://example.com/', $this->last_request_url );
|
|
}
|
|
|
|
/**
|
|
* @ticket 47577
|
|
*/
|
|
public function test_pre_wp_update_https_detection_errors() {
|
|
// Override to enforce no errors being detected.
|
|
add_filter(
|
|
'pre_wp_update_https_detection_errors',
|
|
function() {
|
|
return new WP_Error();
|
|
}
|
|
);
|
|
wp_update_https_detection_errors();
|
|
$this->assertSame( array(), get_option( 'https_detection_errors' ) );
|
|
|
|
// Override to enforce an error being detected.
|
|
add_filter(
|
|
'pre_wp_update_https_detection_errors',
|
|
function() {
|
|
return new WP_Error(
|
|
'ssl_verification_failed',
|
|
'Bad SSL certificate.'
|
|
);
|
|
}
|
|
);
|
|
wp_update_https_detection_errors();
|
|
$this->assertSame(
|
|
array( 'ssl_verification_failed' => array( 'Bad SSL certificate.' ) ),
|
|
get_option( 'https_detection_errors' )
|
|
);
|
|
}
|
|
|
|
/**
|
|
* @ticket 47577
|
|
*/
|
|
public function test_wp_schedule_https_detection() {
|
|
wp_schedule_https_detection();
|
|
$this->assertSame( 'twicedaily', wp_get_schedule( 'wp_https_detection' ) );
|
|
}
|
|
|
|
/**
|
|
* @ticket 47577
|
|
*/
|
|
public function test_wp_cron_conditionally_prevent_sslverify() {
|
|
// If URL is not using HTTPS, don't set 'sslverify' to false.
|
|
$request = array(
|
|
'url' => 'http://example.com/',
|
|
'args' => array( 'sslverify' => true ),
|
|
);
|
|
$this->assertSame( $request, wp_cron_conditionally_prevent_sslverify( $request ) );
|
|
|
|
// If URL is using HTTPS, set 'sslverify' to false.
|
|
$request = array(
|
|
'url' => 'https://example.com/',
|
|
'args' => array( 'sslverify' => true ),
|
|
);
|
|
$expected = $request;
|
|
$expected['args']['sslverify'] = false;
|
|
$this->assertSame( $expected, wp_cron_conditionally_prevent_sslverify( $request ) );
|
|
}
|
|
|
|
/**
|
|
* @ticket 47577
|
|
* @ticket 52542
|
|
*/
|
|
public function test_wp_is_local_html_output_via_rsd_link() {
|
|
// HTML includes RSD link.
|
|
$head_tag = get_echo( 'rsd_link' );
|
|
$html = $this->get_sample_html_string( $head_tag );
|
|
$this->assertTrue( wp_is_local_html_output( $html ) );
|
|
|
|
// HTML includes modified RSD link but same URL.
|
|
$head_tag = str_replace( ' />', '>', get_echo( 'rsd_link' ) );
|
|
$html = $this->get_sample_html_string( $head_tag );
|
|
$this->assertTrue( wp_is_local_html_output( $html ) );
|
|
|
|
// HTML includes RSD link with alternative URL scheme.
|
|
$head_tag = get_echo( 'rsd_link' );
|
|
$head_tag = false !== strpos( $head_tag, 'https://' ) ? str_replace( 'https://', 'http://', $head_tag ) : str_replace( 'http://', 'https://', $head_tag );
|
|
$html = $this->get_sample_html_string( $head_tag );
|
|
$this->assertTrue( wp_is_local_html_output( $html ) );
|
|
|
|
// HTML does not include RSD link.
|
|
$html = $this->get_sample_html_string();
|
|
$this->assertFalse( wp_is_local_html_output( $html ) );
|
|
}
|
|
|
|
/**
|
|
* @ticket 47577
|
|
*/
|
|
public function test_wp_is_local_html_output_via_wlwmanifest_link() {
|
|
remove_action( 'wp_head', 'rsd_link' );
|
|
|
|
// HTML includes WLW manifest link.
|
|
$head_tag = get_echo( 'wlwmanifest_link' );
|
|
$html = $this->get_sample_html_string( $head_tag );
|
|
$this->assertTrue( wp_is_local_html_output( $html ) );
|
|
|
|
// HTML includes modified WLW manifest link but same URL.
|
|
$head_tag = str_replace( ' />', '>', get_echo( 'wlwmanifest_link' ) );
|
|
$html = $this->get_sample_html_string( $head_tag );
|
|
$this->assertTrue( wp_is_local_html_output( $html ) );
|
|
|
|
// HTML includes WLW manifest link with alternative URL scheme.
|
|
$head_tag = get_echo( 'wlwmanifest_link' );
|
|
$head_tag = false !== strpos( $head_tag, 'https://' ) ? str_replace( 'https://', 'http://', $head_tag ) : str_replace( 'http://', 'https://', $head_tag );
|
|
$html = $this->get_sample_html_string( $head_tag );
|
|
$this->assertTrue( wp_is_local_html_output( $html ) );
|
|
|
|
// HTML does not include WLW manifest link.
|
|
$html = $this->get_sample_html_string();
|
|
$this->assertFalse( wp_is_local_html_output( $html ) );
|
|
}
|
|
|
|
/**
|
|
* @ticket 47577
|
|
*/
|
|
public function test_wp_is_local_html_output_via_rest_link() {
|
|
remove_action( 'wp_head', 'rsd_link' );
|
|
remove_action( 'wp_head', 'wlwmanifest_link' );
|
|
|
|
// HTML includes REST API link.
|
|
$head_tag = get_echo( 'rest_output_link_wp_head' );
|
|
$html = $this->get_sample_html_string( $head_tag );
|
|
$this->assertTrue( wp_is_local_html_output( $html ) );
|
|
|
|
// HTML includes modified REST API link but same URL.
|
|
$head_tag = str_replace( ' />', '>', get_echo( 'rest_output_link_wp_head' ) );
|
|
$html = $this->get_sample_html_string( $head_tag );
|
|
$this->assertTrue( wp_is_local_html_output( $html ) );
|
|
|
|
// HTML includes REST API link with alternative URL scheme.
|
|
$head_tag = get_echo( 'rest_output_link_wp_head' );
|
|
$head_tag = false !== strpos( $head_tag, 'https://' ) ? str_replace( 'https://', 'http://', $head_tag ) : str_replace( 'http://', 'https://', $head_tag );
|
|
$html = $this->get_sample_html_string( $head_tag );
|
|
$this->assertTrue( wp_is_local_html_output( $html ) );
|
|
|
|
// HTML does not include REST API link.
|
|
$html = $this->get_sample_html_string();
|
|
$this->assertFalse( wp_is_local_html_output( $html ) );
|
|
}
|
|
|
|
/**
|
|
* @ticket 47577
|
|
*/
|
|
public function test_wp_is_local_html_output_cannot_determine() {
|
|
remove_action( 'wp_head', 'rsd_link' );
|
|
remove_action( 'wp_head', 'wlwmanifest_link' );
|
|
remove_action( 'wp_head', 'rest_output_link_wp_head' );
|
|
|
|
// The HTML here doesn't matter because all hooks are removed.
|
|
$html = $this->get_sample_html_string();
|
|
$this->assertNull( wp_is_local_html_output( $html ) );
|
|
}
|
|
|
|
public function record_request_url( $preempt, $parsed_args, $url ) {
|
|
$this->last_request_url = $url;
|
|
return $preempt;
|
|
}
|
|
|
|
public function mock_success_with_sslverify( $preempt, $parsed_args ) {
|
|
if ( ! empty( $parsed_args['sslverify'] ) ) {
|
|
return $this->mock_success();
|
|
}
|
|
return $preempt;
|
|
}
|
|
|
|
public function mock_error_with_sslverify( $preempt, $parsed_args ) {
|
|
if ( ! empty( $parsed_args['sslverify'] ) ) {
|
|
return $this->mock_error();
|
|
}
|
|
return $preempt;
|
|
}
|
|
|
|
public function mock_success_without_sslverify( $preempt, $parsed_args ) {
|
|
if ( empty( $parsed_args['sslverify'] ) ) {
|
|
return $this->mock_success();
|
|
}
|
|
return $preempt;
|
|
}
|
|
|
|
public function mock_error_without_sslverify( $preempt, $parsed_args ) {
|
|
if ( empty( $parsed_args['sslverify'] ) ) {
|
|
return $this->mock_error();
|
|
}
|
|
return $preempt;
|
|
}
|
|
|
|
public function mock_not_found() {
|
|
return array(
|
|
'body' => '<!DOCTYPE html><html><head><title>404</title></head><body>Not Found</body></html>',
|
|
'response' => array(
|
|
'code' => 404,
|
|
'message' => 'Not Found',
|
|
),
|
|
);
|
|
}
|
|
|
|
public function mock_bad_source() {
|
|
// Looks like a success response, but is not generated by WordPress (e.g. missing RSD link).
|
|
return array(
|
|
'body' => $this->get_sample_html_string(),
|
|
'response' => array(
|
|
'code' => 200,
|
|
'message' => 'OK',
|
|
),
|
|
);
|
|
}
|
|
|
|
private function mock_success() {
|
|
// Success response containing RSD link.
|
|
return array(
|
|
'body' => $this->get_sample_html_string( get_echo( 'rsd_link' ) ),
|
|
'response' => array(
|
|
'code' => 200,
|
|
'message' => 'OK',
|
|
),
|
|
);
|
|
}
|
|
|
|
private function mock_error() {
|
|
return new WP_Error( 'bad_ssl_certificate', 'Bad SSL certificate.' );
|
|
}
|
|
|
|
private function get_sample_html_string( $head_tag = '' ) {
|
|
return '<!DOCTYPE html><html><head><title>Page Title</title>' . $head_tag . '</head><body>Page Content.</body></html>';
|
|
}
|
|
|
|
/**
|
|
* Returns a filter callback that expects a URL and will set the URL scheme
|
|
* to the provided $scheme.
|
|
*
|
|
* @param string $scheme URL scheme to set.
|
|
* @return callable Filter callback.
|
|
*/
|
|
private function filter_set_url_scheme( $scheme ) {
|
|
return function( $url ) use ( $scheme ) {
|
|
return set_url_scheme( $url, $scheme );
|
|
};
|
|
}
|
|
}
|