Skip to content
Snippets Groups Projects
Unverified Commit e239d3e3 authored by Alex Pott's avatar Alex Pott
Browse files

Issue #3175884 by gabesullice, mglaman, juagarc4: JSON:API link keys can collide

parent 6a910ad4
Branches
Tags
7 merge requests!7452Issue #1797438. HTML5 validation is preventing form submit and not fully...,!1012Issue #3226887: Hreflang on non-canonical content pages,!789Issue #3210310: Adjust Database API to remove deprecated Drupal 9 code in Drupal 10,!596Issue #3046532: deleting an entity reference field, used in a contextual view, makes the whole site unrecoverable,!496Issue #2463967: Use .user.ini file for PHP settings,!144Issue #2666286: Clean up menu_ui to conform to Drupal coding standards,!16Draft: Resolve #2081585 "History storage"
Hide whitespace changes
Inline Side-by-side
core/modules/jsonapi/src/Normalizer/LinkCollectionNormalizer.php
+ 8
1
View file @ e239d3e3
......@@ -94,7 +94,14 @@ protected function hashByHref(Link $link) {
if (!$this->hashSalt) {
$this->hashSalt = Crypt::randomBytesBase64();
}
return substr(str_replace(['-', '_'], '', Crypt::hashBase64($this->hashSalt . $link->getHref())), 0, 7);
$link_parameters = [
'href' => $link->getHref(),
] + $link->getTargetAttributes();
foreach ($link_parameters as $name => $value) {
$serialized_parameters[] = sprintf('%s="%s"', $name, implode(' ', (array) $value));
}
$b64_hash = Crypt::hashBase64($this->hashSalt . implode('; ', $serialized_parameters));
return substr(str_replace(['-', '_'], '', $b64_hash), 0, 7);
}
}
core/modules/jsonapi/tests/src/Kernel/Normalizer/LinkCollectionNormalizerTest.php 0 → 100644
+ 76
0
View file @ e239d3e3
<?php
namespace Drupal\Tests\jsonapi\Kernel\Normalizer;
use Drupal\Core\Cache\CacheableMetadata;
use Drupal\Core\Url;
use Drupal\jsonapi\JsonApiResource\Link;
use Drupal\jsonapi\JsonApiResource\LinkCollection;
use Drupal\jsonapi\JsonApiResource\ResourceObject;
use Drupal\jsonapi\Normalizer\LinkCollectionNormalizer;
use Drupal\jsonapi\ResourceType\ResourceType;
use Drupal\KernelTests\KernelTestBase;
/**
* @coversDefaultClass \Drupal\jsonapi\Normalizer\LinkCollectionNormalizer
* @group jsonapi
*
* @internal
*/
class LinkCollectionNormalizerTest extends KernelTestBase {
/**
* The subject under test.
*
* @var \Symfony\Component\Serializer\Normalizer\NormalizerInterface
*/
protected $normalizer;
/**
* {@inheritDoc}
*/
protected static $modules = [
'jsonapi',
'serialization',
];
/**
* {@inheritDoc}
*/
protected function setUp(): void {
parent::setUp();
$this->normalizer = new LinkCollectionNormalizer();
$this->normalizer->setSerializer($this->container->get('jsonapi.serializer'));
}
/**
* Tests the link collection normalizer.
*/
public function testNormalize() {
$link_context = new ResourceObject(new CacheableMetadata(), new ResourceType('n/a', 'n/a', 'n/a'), 'n/a', NULL, [], new LinkCollection([]));
$link_collection = (new LinkCollection([]))
->withLink('related', new Link(new CacheableMetadata(), Url::fromUri('http://example.com/post/42'), 'related', ['title' => 'Most viewed']))
->withLink('related', new Link(new CacheableMetadata(), Url::fromUri('http://example.com/post/42'), 'related', ['title' => 'Top rated']))
->withContext($link_context);
$normalized = $this->normalizer->normalize($link_collection)->getNormalization();
$this->assertIsArray($normalized);
foreach (array_keys($normalized) as $key) {
$this->assertStringStartsWith('related', $key);
}
$this->assertSame([
[
'href' => 'http://example.com/post/42',
'meta' => [
'title' => 'Most viewed',
],
],
[
'href' => 'http://example.com/post/42',
'meta' => [
'title' => 'Top rated',
],
],
], array_values($normalized));
}
}
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment