Commits

Evan Coury committed f30be2f Merge

Merge remote-tracking branch 'SocalNick/feature/prevent-circular-forward'

Comments (0)

Files changed (3)

library/Zend/Mvc/Controller/Plugin/Forward.php

 {
     protected $event;
     protected $locator;
+    protected $maxNestedForwards = 10;
+    protected $numNestedForwards = 0;
+
+    public function setMaxNestedForwards($maxNestedForwards)
+    {
+        $this->maxNestedForwards = (int) $maxNestedForwards;
+        return $this;
+    }
 
     /**
      * Dispatch another controller
             $event->setRouteMatch($matches);
         }
 
+        if ($this->numNestedForwards > $this->maxNestedForwards) {
+            throw new Exception\DomainException("Circular forwarding detected: greater than $this->maxNestedForwards nested forwards");
+        }
+        $this->numNestedForwards++;
+
         $return = $controller->dispatch($event->getRequest(), $event->getResponse());
 
+        $this->numNestedForwards--;
+
         if ($cachedMatches) {
             $event->setRouteMatch($cachedMatches);
         }

tests/Zend/Mvc/Controller/Plugin/ForwardTest.php

         $this->plugin->dispatch('bogus');
     }
 
+    public function testDispatchRaisesDomainExceptionIfCircular()
+    {
+        $this->setExpectedException('Zend\Mvc\Exception\DomainException', 'Circular forwarding');
+        $sampleController = $this->controller;
+        $sampleController->getLocator()->add('sample', function() use ($sampleController) {
+            return $sampleController;
+        });
+        $this->plugin->dispatch('sample', array('action' => 'test-circular'));
+    }
+
     public function testPluginDispatchsRequestedControllerWhenFound()
     {
         $result = $this->plugin->dispatch('forward');

tests/Zend/Mvc/Controller/TestAsset/SampleController.php

     {
         return array('content' => 'Test Some Strangely Separated Words');
     }
+
+    public function testCircularAction()
+    {
+        return $this->forward()->dispatch('sample', array('action' => 'test-circular'));
+    }
 }
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.