Code Coverage
 
Lines
Functions and Methods
Classes and Traits
Total
100.00% covered (success)
100.00%
19 / 19
100.00% covered (success)
100.00%
1 / 1
 CRAP
100.00% covered (success)
100.00%
1 / 1
PassInfoFromRewriteToScriptThroughRequestHeaderTester
100.00% covered (success)
100.00%
19 / 19
100.00% covered (success)
100.00%
1 / 1
 1
100.00% covered (success)
100.00%
1 / 1
 __construct
100.00% covered (success)
100.00%
19 / 19
100.00% covered (success)
100.00%
1 / 1
 1
1<?php
2
3namespace HtaccessCapabilityTester\Testers;
4
5/**
6 * Say you have a rewrite rule that points to a PHP script and you would like to pass some information
7 * along to the PHP. Usually, you will just pass it in the query string. But this won't do if the information
8 * is sensitive. In that case, there are some tricks available. The trick being tested here sets tells the
9 * RewriteRule directive to set an environment variable which a RequestHeader directive picks up on and passes
10 * on to the script in a request header.
11 *
12 * @package    HtaccessCapabilityTester
13 * @author     Bjørn Rosell <it@rosell.dk>
14 * @since      Class available since 0.7
15 */
16class PassInfoFromRewriteToScriptThroughRequestHeaderTester extends CustomTester
17{
18
19    /**
20     * Constructor.
21     *
22     * @return void
23     */
24    public function __construct()
25    {
26        $htaccessFile = <<<'EOD'
27<IfModule mod_rewrite.c>
28    RewriteEngine On
29    # We pass document root, because that can easily be checked by the script
30    RewriteRule ^test\.php$ - [E=PASSTHROUGHHEADER:%{DOCUMENT_ROOT},L]
31
32    <IfModule mod_headers.c>
33      RequestHeader set PASSTHROUGHHEADER "%{PASSTHROUGHHEADER}e" env=PASSTHROUGHHEADER
34    </IfModule>
35
36</IfModule>
37EOD;
38
39        $phpFile = <<<'EOD'
40<?php
41if (isset($_SERVER['HTTP_PASSTHROUGHHEADER'])) {
42    echo ($_SERVER['HTTP_PASSTHROUGHHEADER'] == $_SERVER['DOCUMENT_ROOT'] ? 1 : 0);
43    exit;
44}
45echo '0';
46EOD;
47
48        $test = [
49            'subdir' => 'pass-info-from-rewrite-to-script-through-request-header',
50            'files' => [
51                ['.htaccess', $htaccessFile],
52                ['test.php', $phpFile],
53            ],
54            'request' => 'test.php',
55            'interpretation' => [
56                ['success', 'body', 'equals', '1'],
57                ['failure', 'body', 'equals', '0'],
58                ['inconclusive', 'body', 'begins-with', '<' . '?php'],
59                ['inconclusive']
60            ]
61        ];
62
63        parent::__construct($test);
64    }
65}