Skip to content

Commit

Permalink
[HttpFoundation] use InputBag for Request::$request only if data is c…
Browse files Browse the repository at this point in the history 
…oming from a form
  • Loading branch information
@nicolas-grekas
nicolas-grekas committed Jun 13, 2020
1 parent 86c79ce commit 3f31a08
Show file tree
Hide file tree
Showing 2 changed files with 17 additions and 4 deletions.
10 changes: 6 additions & 4 deletions src/Symfony/Component/HttpFoundation/Request.php
View file
Expand Up @@ -85,7 +85,7 @@ class Request
/**
* Request body parameters ($_POST).
*
* @var InputBag
* @var InputBag|ParameterBag
*/
public $request;

Expand Down Expand Up @@ -268,7 +268,7 @@ public function __construct(array $query = [], array $request = [], array $attri
*/
public function initialize(array $query = [], array $request = [], array $attributes = [], array $cookies = [], array $files = [], array $server = [], $content = null)
{
$this->request = new InputBag($request);
$this->request = new ParameterBag($request);
$this->query = new InputBag($query);
$this->attributes = new ParameterBag($attributes);
$this->cookies = new InputBag($cookies);
Expand Down Expand Up @@ -298,7 +298,9 @@ public static function createFromGlobals()
{
$request = self::createRequestFromFactory($_GET, $_POST, [], $_COOKIE, $_FILES, $_SERVER);

if (0 === strpos($request->headers->get('CONTENT_TYPE'), 'application/x-www-form-urlencoded')
if ($_POST) {
$request->request = new InputBag($_POST);
} elseif (0 === strpos($request->headers->get('CONTENT_TYPE'), 'application/x-www-form-urlencoded')
&& \in_array(strtoupper($request->server->get('REQUEST_METHOD', 'GET')), ['PUT', 'DELETE', 'PATCH'])
) {
parse_str($request->getContent(), $data);
Expand Down Expand Up @@ -447,7 +449,7 @@ public function duplicate(array $query = null, array $request = null, array $att
$dup->query = new InputBag($query);
}
if (null !== $request) {
$dup->request = new InputBag($request);
$dup->request = new ParameterBag($request);
}
if (null !== $attributes) {
$dup->attributes = new ParameterBag($attributes);
Expand Down
11 changes: 11 additions & 0 deletions src/Symfony/Component/HttpFoundation/Tests/RequestTest.php
View file
Expand Up @@ -13,6 +13,8 @@

use PHPUnit\Framework\TestCase;
use Symfony\Component\HttpFoundation\Exception\SuspiciousOperationException;
use Symfony\Component\HttpFoundation\InputBag;
use Symfony\Component\HttpFoundation\ParameterBag;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\HttpFoundation\Session\Storage\MockArraySessionStorage;
Expand Down Expand Up @@ -1255,6 +1257,11 @@ public function testCreateFromGlobals($method)
{
$normalizedMethod = strtoupper($method);

$_POST = [];
$request = Request::createFromGlobals();
$this->assertNotInstanceOf(InputBag::class, $request->request);
$this->assertInstanceOf(ParameterBag::class, $request->request);

$_GET['foo1'] = 'bar1';
$_POST['foo2'] = 'bar2';
$_COOKIE['foo3'] = 'bar3';
Expand All @@ -1267,6 +1274,8 @@ public function testCreateFromGlobals($method)
$this->assertEquals('bar3', $request->cookies->get('foo3'), '::fromGlobals() uses values from $_COOKIE');
$this->assertEquals(['bar4'], $request->files->get('foo4'), '::fromGlobals() uses values from $_FILES');
$this->assertEquals('bar5', $request->server->get('foo5'), '::fromGlobals() uses values from $_SERVER');
$this->assertInstanceOf(InputBag::class, $request->request);
$this->assertInstanceOf(ParameterBag::class, $request->request);

unset($_GET['foo1'], $_POST['foo2'], $_COOKIE['foo3'], $_FILES['foo4'], $_SERVER['foo5']);

Expand All @@ -1275,6 +1284,8 @@ public function testCreateFromGlobals($method)
$request = RequestContentProxy::createFromGlobals();
$this->assertEquals($normalizedMethod, $request->getMethod());
$this->assertEquals('mycontent', $request->request->get('content'));
$this->assertInstanceOf(InputBag::class, $request->request);
$this->assertInstanceOf(ParameterBag::class, $request->request);

unset($_SERVER['REQUEST_METHOD'], $_SERVER['CONTENT_TYPE']);

Expand Down

0 comments on commit 3f31a08

Please sign in to comment.