Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions src/Event/Http/HttpRequestEvent.php
Original file line number Diff line number Diff line change
Expand Up @@ -101,13 +101,13 @@ public function getRemotePort(): int
*/
public function getBasicAuthCredentials(): array
{
$authorizationHeader = trim($this->headers['authorization'][0] ?? '');
$authorizationHeader = trim($this->headers['authorization'][0] ?? '', " \t");

if (! str_starts_with($authorizationHeader, 'Basic ')) {
return [null, null];
}

$auth = base64_decode(trim(explode(' ', $authorizationHeader)[1]), true);
$auth = base64_decode(trim(explode(' ', $authorizationHeader)[1], " \t"), true);

if ($auth === false || ! str_contains($auth, ':')) {
return [null, null];
Expand Down Expand Up @@ -186,7 +186,7 @@ public function getCookies(): array
// Multiple "Cookie" headers are not authorized
// https://stackoverflow.com/questions/16305814/are-multiple-cookie-headers-allowed-in-an-http-request
$cookieHeader = $this->headers['cookie'][0];
$cookieParts = array_map('trim', explode(';', $cookieHeader));
$cookieParts = array_map(fn (string $part) => trim($part, " \t"), explode(';', $cookieHeader));
}

$cookies = [];
Expand Down
2 changes: 1 addition & 1 deletion src/Runtime/LambdaRuntime.php
Original file line number Diff line number Diff line change
Expand Up @@ -149,7 +149,7 @@ private function waitNextInvocation(): array
}
[$name, $value] = preg_split('/:\s*/', $header, 2);
$name = strtolower($name);
$value = trim($value);
$value = trim($value, " \t\r\n");
if ($name === 'lambda-runtime-aws-request-id') {
$contextBuilder->setAwsRequestId($value);
}
Expand Down
24 changes: 24 additions & 0 deletions tests/Event/Http/HttpRequestEventTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -170,6 +170,18 @@ public function test basic auth with an empty password()
$this->assertSame(['user', ''], $event->getBasicAuthCredentials());
}

public function test basic auth with whitespace around the header value()
{
$event = new HttpRequestEvent([
'httpMethod' => 'GET',
'headers' => [
'Authorization' => "\t Basic " . base64_encode('user:password') . " \t",
],
]);

$this->assertSame(['user', 'password'], $event->getBasicAuthCredentials());
}

public function test basic auth without a colon is rejected()
{
$event = new HttpRequestEvent([
Expand Down Expand Up @@ -204,6 +216,18 @@ public function test cookies without a space after the semicolon()
$this->assertSame(['a' => '1', 'b' => '2', 'c' => '3'], $event->getCookies());
}

public function test cookies with whitespace around the pairs()
{
$event = new HttpRequestEvent([
'httpMethod' => 'GET',
'headers' => [
'Cookie' => "a=1 ;\tb=2\t; c=3",
],
]);

$this->assertSame(['a' => '1', 'b' => '2', 'c' => '3'], $event->getCookies());
}

/**
* @dataProvider provide query strings
*/
Expand Down
6 changes: 3 additions & 3 deletions tests/Sam/PhpRuntimeTest.php
Original file line number Diff line number Diff line change
Expand Up @@ -258,7 +258,7 @@ private function invokeLambda($event = null): array
$stderr = preg_replace('/\x1b\[[0-9;]*m/', '', $stderr);

// Extract the result from stdout
$output = explode("\n", trim($process->getOutput()));
$output = explode("\n", trim($process->getOutput(), " \t\n\r\0\x0B"));
$lastLine = end($output);
if (! empty($lastLine)) {
$result = json_decode($lastLine, true, 512, JSON_THROW_ON_ERROR);
Expand All @@ -269,7 +269,7 @@ private function invokeLambda($event = null): array
$result = null;
// Was there an error?
preg_match('/REPORT RequestId: [^\n]*(.*)/s', $stderr, $matches);
$error = trim($matches[1] ?? '');
$error = trim($matches[1] ?? '', " \t\n\r\0\x0B");
if ($error !== '') {
$result = json_decode($error, true, 512, JSON_THROW_ON_ERROR);
if (json_last_error()) {
Expand Down Expand Up @@ -314,7 +314,7 @@ private function assertErrorInLogs(
// Extract the only interesting log line
$logLines = explode("\n", $logs);
$logLines = array_filter($logLines, function (string $line): bool {
$line = trim($line);
$line = trim($line, " \t\n\r\0\x0B");
return $line !== ''
&& (strpos($line, 'START') !== 0)
&& (strpos($line, 'END') !== 0)
Expand Down
Loading