Changeset 55283
- Timestamp:
- 02/07/2023 05:43:55 PM (18 months ago)
- Location:
- trunk
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-admin/includes/user.php
r55099 r55283 613 613 * 614 614 * @since 5.6.0 615 615 616 * 616 617 * @param array $request { … … 626 627 */ 627 628 function wp_is_authorize_application_password_request_valid( $request, $user ) { 628 $error = new WP_Error(); 629 $error = new WP_Error(); 630 $is_local = 'local' === wp_get_environment_type(); 629 631 630 632 if ( ! empty( $request['success_url'] ) ) { 631 633 $scheme = wp_parse_url( $request['success_url'], PHP_URL_SCHEME ); 632 634 633 if ( 'http' === $scheme ) {635 if ( 'http' === $scheme ) { 634 636 $error->add( 635 637 'invalid_redirect_scheme', … … 642 644 $scheme = wp_parse_url( $request['reject_url'], PHP_URL_SCHEME ); 643 645 644 if ( 'http' === $scheme ) {646 if ( 'http' === $scheme ) { 645 647 $error->add( 646 648 'invalid_redirect_scheme', -
trunk/tests/phpunit/tests/admin/includesUser.php
r54402 r55283 8 8 9 9 /** 10 * @ticket 42790 10 * Test redirect URLs for application password authorization requests. 11 * 12 * @ticket 42790 13 * @ticket 52617 14 * 15 * @covers ::wp_is_authorize_application_password_request_valid 16 * 11 17 * @dataProvider data_is_authorize_application_password_request_valid 12 * @param array $request The request data to validate. 13 * @param string $error_code The expected error code, empty if no error. 18 * 19 * @param array $request The request data to validate. 20 * @param string $expected_error_code The expected error code, empty if no error is expected. 21 * @param string $env The environment type. Defaults to 'production'. 14 22 */ 15 public function test_is_authorize_application_password_request_valid( $request, $e rror_code) {16 $error = wp_is_authorize_application_password_request_valid( $request, get_userdata( 1 ));23 public function test_is_authorize_application_password_request_valid( $request, $e ) { 24 ); 17 25 18 if ( $error_code ) { 19 $this->assertWPError( $error ); 20 $this->assertSame( $error_code, $error->get_error_code() ); 26 $actual = wp_is_authorize_application_password_request_valid( $request, get_userdata( 1 ) ); 27 28 putenv( 'WP_ENVIRONMENT_TYPE' ); 29 30 if ( $expected_error_code ) { 31 $this->assertWPError( $actual, 'A WP_Error object is expected.' ); 32 $this->assertSame( $expected_error_code, $actual->get_error_code(), 'Unexpected error code.' ); 21 33 } else { 22 $this->assertNotWPError( $ error);34 $this->assertNotWPError( $ ); 23 35 } 24 36 } 25 37 26 38 public function data_is_authorize_application_password_request_valid() { 27 return array( 28 array( 29 array(), 30 '', 31 ), 32 array( 33 array( 'success_url' => 'http://example.org' ), 34 'invalid_redirect_scheme', 35 ), 36 array( 37 array( 'reject_url' => 'http://example.org' ), 38 'invalid_redirect_scheme', 39 ), 40 array( 41 array( 'success_url' => 'https://example.org' ), 42 '', 43 ), 44 array( 45 array( 'reject_url' => 'https://example.org' ), 46 '', 47 ), 48 array( 49 array( 'success_url' => 'wordpress://example' ), 50 '', 51 ), 52 array( 53 array( 'reject_url' => 'wordpress://example' ), 54 '', 55 ), 56 ); 39 $environment_types = array( 'local', 'development', 'staging', 'production' ); 40 41 $datasets = array(); 42 foreach ( $environment_types as $environment_type ) { 43 $datasets[ $environment_type . ' and no request arguments' ] = array( 44 'request' => array(), 45 'expected_error_code' => '', 46 'env' => $environment_type, 47 ); 48 49 $datasets[ $environment_type . ' and a "https" scheme "success_url"' ] = array( 50 'request' => array( 'success_url' => 'https://example.org' ), 51 'expected_error_code' => '', 52 'env' => $environment_type, 53 ); 54 55 $datasets[ $environment_type . ' and a "https" scheme "reject_url"' ] = array( 56 'request' => array( 'reject_url' => 'https://example.org' ), 57 'expected_error_code' => '', 58 'env' => $environment_type, 59 ); 60 61 $datasets[ $environment_type . ' and an app scheme "success_url"' ] = array( 62 'request' => array( 'success_url' => 'wordpress://example' ), 63 'expected_error_code' => '', 64 'env' => $environment_type, 65 ); 66 67 $datasets[ $environment_type . ' and an app scheme "reject_url"' ] = array( 68 'request' => array( 'reject_url' => 'wordpress://example' ), 69 'expected_error_code' => '', 70 'env' => $environment_type, 71 ); 72 73 $datasets[ $environment_type . ' and a "http" scheme "success_url"' ] = array( 74 'request' => array( 'success_url' => 'http://example.org' ), 75 'expected_error_code' => 'local' === $environment_type ? '' : 'invalid_redirect_scheme', 76 'env' => $environment_type, 77 ); 78 79 $datasets[ $environment_type . ' and a "http" scheme "reject_url"' ] = array( 80 'request' => array( 'reject_url' => 'http://example.org' ), 81 'expected_error_code' => 'local' === $environment_type ? '' : 'invalid_redirect_scheme', 82 'env' => $environment_type, 83 ); 84 } 85 86 return $datasets; 57 87 } 58 88 }
Note: See TracChangeset
for help on using the changeset viewer.