‪TYPO3CMS  ‪main
DebugExceptionHandlerTest.php
Go to the documentation of this file.
1 <?php
2 
3 declare(strict_types=1);
4 
5 /*
6  * This file is part of the TYPO3 CMS project.
7  *
8  * It is free software; you can redistribute it and/or modify it under
9  * the terms of the GNU General Public License, either version 2
10  * of the License, or any later version.
11  *
12  * For the full copyright and license information, please read the
13  * LICENSE.txt file that was distributed with this source code.
14  *
15  * The TYPO3 project - inspiring people to share!
16  */
17 
18 namespace ‪TYPO3\CMS\Core\Tests\Unit\Error;
19 
20 use PHPUnit\Framework\MockObject\MockObject;
21 use Psr\Log\LoggerInterface;
22 use Psr\Log\LoggerTrait;
23 use ‪TYPO3\CMS\Core\Error\DebugExceptionHandler;
24 use ‪TYPO3\CMS\Core\Utility\GeneralUtility;
25 use TYPO3\TestingFramework\Core\Unit\UnitTestCase;
26 
30 final class ‪DebugExceptionHandlerTest extends UnitTestCase
31 {
32  protected ‪DebugExceptionHandler&MockObject ‪$subject;
33 
37  protected function ‪setUp(): void
38  {
39  parent::setUp();
40  $this->subject = $this->getMockBuilder(DebugExceptionHandler::class)
41  ->onlyMethods(['sendStatusHeaders', 'writeLogEntries'])
42  ->disableOriginalConstructor()
43  ->getMock();
44  }
45 
46  protected function ‪tearDown(): void
47  {
48  $previousExceptionHandler = set_exception_handler(function () {});
49  restore_exception_handler();
50  if ($previousExceptionHandler !== null) {
51  // testcase exception handler detected, remove it
52  restore_exception_handler();
53  }
54  parent::tearDown();
55  }
56 
60  public function ‪echoExceptionWebEscapesExceptionMessage(): void
61  {
62  $message = '<b>b</b><script>alert(1);</script>';
63  $exception = new \Exception($message, 1476049363);
64  ob_start();
65  $this->subject->echoExceptionWeb($exception);
66  ‪$output = ob_get_contents();
67  ob_end_clean();
68 
69  self::assertStringContainsString(htmlspecialchars($message), ‪$output);
70  self::assertStringNotContainsString($message, ‪$output);
71  }
72 
78  public static function ‪exampleUrlsForTokenAnonymization(): array
79  {
80  return [
81  'url with valid token' => [
82  'http://localhost/typo3/index.php?M=foo&moduleToken=5f1f7d447f22886e8ea206693b0d530ccd6b2b36',
83  'http://localhost/typo3/index.php?M=foo&moduleToken=--AnonymizedToken--',
84  ],
85  'url with valid token and encoded token' => [
86  'http://localhost/typo3/index.php?M=foo&moduleToken=5f1f7d447f22886e8ea206693b0d530ccd6b2b36&returnUrl=%2Ftypo3%2Findex%2Ephp%3FM%3Dfoo%26moduleToken%3D5f1f7d447f22886e8ea206693b0d530ccd6b2b36',
87  'http://localhost/typo3/index.php?M=foo&moduleToken=--AnonymizedToken--&returnUrl=%2Ftypo3%2Findex%2Ephp%3FM%3Dfoo%26moduleToken%3D--AnonymizedToken--',
88  ],
89  'url with valid token in the middle' => [
90  'http://localhost/typo3/index.php?M=foo&moduleToken=5f1f7d447f22886e8ea206693b0d530ccd6b2b36&param=asdf',
91  'http://localhost/typo3/index.php?M=foo&moduleToken=--AnonymizedToken--&param=asdf',
92  ],
93  'url with invalid token' => [
94  'http://localhost/typo3/index.php?M=foo&moduleToken=5f1f7d447f22886e8/e',
95  'http://localhost/typo3/index.php?M=foo&moduleToken=5f1f7d447f22886e8/e',
96  ],
97  'url with empty token' => [
98  'http://localhost/typo3/index.php?M=foo&moduleToken=',
99  'http://localhost/typo3/index.php?M=foo&moduleToken=',
100  ],
101  'url with no token' => [
102  'http://localhost/typo3/index.php?M=foo',
103  'http://localhost/typo3/index.php?M=foo',
104  ],
105  ];
106  }
107 
112  public function ‪logEntriesContainAnonymousTokens(string $originalUrl, string $expectedUrl): void
113  {
114  ‪$subject = new ‪DebugExceptionHandler();
115 
116  $logger = new class () implements LoggerInterface {
117  use LoggerTrait;
118  public array $records = [];
119  public function log($level, string|\Stringable $message, array $context = []): void
120  {
121  $this->records[] = [
122  'level' => $level,
123  'message' => $message,
124  'context' => $context,
125  ];
126  }
127  };
128 
129  ‪$subject->setLogger($logger);
130 
131  GeneralUtility::setIndpEnv('TYPO3_REQUEST_URL', $originalUrl);
132 
133  $exception = new \Exception('message', 1476049367);
134  ob_start();
135  ‪$subject->‪echoExceptionWeb($exception);
136  // output is caught, so it does not pollute the test run
137  ob_end_clean();
138 
139  self::assertEquals('critical', $logger->records[0]['level']);
140  self::assertEquals($expectedUrl, $logger->records[0]['context']['request_url']);
141  }
142 }
‪TYPO3\CMS\Core\Error\DebugExceptionHandler
Definition: DebugExceptionHandler.php:28
‪TYPO3\CMS\Core\Tests\Unit\Error
Definition: DebugExceptionHandlerTest.php:18
‪TYPO3\CMS\Core\Tests\Unit\Error\DebugExceptionHandlerTest\logEntriesContainAnonymousTokens
‪logEntriesContainAnonymousTokens(string $originalUrl, string $expectedUrl)
Definition: DebugExceptionHandlerTest.php:112
‪TYPO3\CMS\Core\Tests\Unit\Error\DebugExceptionHandlerTest\echoExceptionWebEscapesExceptionMessage
‪echoExceptionWebEscapesExceptionMessage()
Definition: DebugExceptionHandlerTest.php:60
‪TYPO3\CMS\Core\Tests\Unit\Error\DebugExceptionHandlerTest
Definition: DebugExceptionHandlerTest.php:31
‪TYPO3\CMS\Core\Tests\Unit\Error\DebugExceptionHandlerTest\exampleUrlsForTokenAnonymization
‪static string[][] exampleUrlsForTokenAnonymization()
Definition: DebugExceptionHandlerTest.php:78
‪$output
‪$output
Definition: annotationChecker.php:119
‪TYPO3\CMS\Core\Tests\Unit\Error\DebugExceptionHandlerTest\setUp
‪setUp()
Definition: DebugExceptionHandlerTest.php:37
‪TYPO3\CMS\Core\Tests\Unit\Error\DebugExceptionHandlerTest\$subject
‪DebugExceptionHandler &MockObject $subject
Definition: DebugExceptionHandlerTest.php:32
‪TYPO3\CMS\Core\Utility\GeneralUtility
Definition: GeneralUtility.php:51
‪TYPO3\CMS\Core\Error\DebugExceptionHandler\echoExceptionWeb
‪echoExceptionWeb(\Throwable $exception)
Definition: DebugExceptionHandler.php:47
‪TYPO3\CMS\Core\Tests\Unit\Error\DebugExceptionHandlerTest\tearDown
‪tearDown()
Definition: DebugExceptionHandlerTest.php:46