From: =?utf-8?q?David_Pr=C3=A9vot?= Date: Mon, 1 Jan 2024 19:29:13 +0100 Subject: Ignore more failing tests with current Guzzle --- tests/Guzzle/RequestTest.php | 1 + tests/Guzzle/ServerRequestTest.php | 12 ++++++++++++ tests/Guzzle/UriTest.php | 4 ++++ 3 files changed, 17 insertions(+) diff --git a/tests/Guzzle/RequestTest.php b/tests/Guzzle/RequestTest.php index a89abdc..49d54cb 100644 --- a/tests/Guzzle/RequestTest.php +++ b/tests/Guzzle/RequestTest.php @@ -9,6 +9,7 @@ class RequestTest extends RequestIntegrationTest { protected $skippedTests = [ 'testMethodIsCaseSensitive' => 'methods are uppercased for BC', + 'testGetRequestTargetInOriginFormNormalizesUriWithMultipleLeadingSlashesInPath' => 'mitigations for CVE-2015-3257 are not in place', ]; public function createSubject() diff --git a/tests/Guzzle/ServerRequestTest.php b/tests/Guzzle/ServerRequestTest.php index 8e77863..1fb26c4 100644 --- a/tests/Guzzle/ServerRequestTest.php +++ b/tests/Guzzle/ServerRequestTest.php @@ -31,10 +31,22 @@ class ServerRequestTest extends ServerRequestIntegrationTest */ protected $skippedTests = [ 'testGetParsedBodyInvalid' => 'more types are accepted per rfc7158', + 'testMethodIsCaseSensitive' => 'methods are uppercased for BC', + 'testGetRequestTargetInOriginFormNormalizesUriWithMultipleLeadingSlashesInPath' => 'mitigations for CVE-2015-3257 are not in place', ]; public function createSubject() { return new ServerRequest('GET', '/', [], null, '1.1', $_SERVER); } + + public static function getInvalidHeaderArguments() + { + $testCases = parent::getInvalidHeaderArguments(); + + // Guzzle accepts false as value for BC + unset($testCases[3]); + + return $testCases; + } } diff --git a/tests/Guzzle/UriTest.php b/tests/Guzzle/UriTest.php index 78cd981..39a3401 100644 --- a/tests/Guzzle/UriTest.php +++ b/tests/Guzzle/UriTest.php @@ -7,6 +7,10 @@ use Http\Psr7Test\UriIntegrationTest; class UriTest extends UriIntegrationTest { + protected $skippedTests = [ + 'testGetPathNormalizesMultipleLeadingSlashesToSingleSlashToPreventXSS' => 'mitigations for CVE-2015-3257 are not in place', + ]; + public function createUri($uri) { return new Uri($uri);