Tests drupal_parse_url().
/**
 * Exercises drupal_parse_url() and the related URL classification helpers.
 *
 * Covers four things, in order:
 * - every combination of base ('' / '/' / absolute host), script prefix and
 *   Drupal path is split into the expected 'path', 'query' and 'fragment';
 * - a relative path containing a colon is returned unchanged as the path;
 * - an absolute http:// URL is reported as external by url_is_external();
 * - the path parsed from a 'forged:'-prefixed URL is rejected by valid_url()
 *   in absolute mode (the input references CWE-601, open redirect).
 */
function testDrupalParseUrl() {
  // The same query string and fragment are appended to every combination, so
  // the expected parsed query and fragment are identical for each case.
  $suffix = '?foo=bar&bar=baz&baz#foo';
  $parsed_query = array(
    'foo' => 'bar',
    'bar' => 'baz',
    // A key without '=' is expected to come back as an empty string.
    'baz' => '',
  );

  // Relative, absolute, and external URLs.
  $bases = array('', '/', 'http://drupal.org/');
  // Without and with an explicit script path.
  $scripts = array('', 'index.php/');
  // Without and with a Drupal path.
  $drupal_paths = array('', 'foo/bar');

  foreach ($bases as $base) {
    foreach ($scripts as $front_controller) {
      foreach ($drupal_paths as $drupal_path) {
        // Everything before the '?' must be returned verbatim as 'path'.
        $location = $base . $front_controller . $drupal_path;
        $wanted = array(
          'path' => $location,
          'query' => $parsed_query,
          'fragment' => 'foo',
        );
        $this->assertEqual(drupal_parse_url($location . $suffix), $wanted, 'URL parsed correctly.');
      }
    }
  }

  // Relative URL that is known to confuse parse_url(): the colon must not
  // cause any part of the path to be split off or dropped.
  $colon_path = 'foo/bar:1';
  $colon_wanted = array(
    'path' => 'foo/bar:1',
    'query' => array(),
    'fragment' => '',
  );
  $this->assertEqual(drupal_parse_url($colon_path), $colon_wanted, 'Relative URL parsed correctly.');

  // An absolute URL must be classified as external.
  // NOTE(review): presumably redirect handling relies on this classification
  // to keep destinations on-site; confirm against the callers.
  $absolute_url = 'http://drupal.org/foo/bar?foo=bar&bar=baz&baz#foo';
  $this->assertTrue(url_is_external($absolute_url), 'Correctly identified an external URL.');

  // Open-redirect regression check (CWE-601): whatever drupal_parse_url()
  // returns as 'path' for a URL hidden behind a bogus scheme prefix must not
  // pass valid_url() in absolute mode.
  // NOTE(review): only this single forged-scheme input is exercised here.
  $forged = drupal_parse_url('forged:http://cwe.mitre.org/data/definitions/601.html');
  $this->assertFalse(valid_url($forged['path'], TRUE), 'drupal_parse_url() correctly parsed a forged URL.');
}