add test for _SERVER check on filter_input

Author: withinboredom

frankenphp.c

@@ -63,7 +63,6 @@ frankenphp_config frankenphp_get_config() {
   };
 }
 
-bool should_filter_var = 0;
 __thread uintptr_t thread_index;
 __thread bool is_worker_thread = false;
 __thread zval *os_environment = NULL;
@@ -613,10 +612,8 @@ void frankenphp_register_trusted_var(zend_string *z_key, char *value,
   }
   size_t new_val_len = val_len;
 
-  if ((should_filter_var &&
-       sapi_module.input_filter(PARSE_SERVER, ZSTR_VAL(z_key), &value,
-                                new_val_len, &new_val_len)) ||
-      !should_filter_var) {
+  if (sapi_module.input_filter(PARSE_SERVER, ZSTR_VAL(z_key), &value,
+                               new_val_len, &new_val_len)) {
     zval z_value;
     ZVAL_STRINGL_FAST(&z_value, value, new_val_len);
     zend_hash_update_ind(ht, z_key, &z_value);
@@ -744,10 +741,8 @@ void frankenphp_register_variable_safe(char *key, char *val, size_t val_len,
     val = "";
   }
   size_t new_val_len = val_len;
-  if ((should_filter_var &&
-       sapi_module.input_filter(PARSE_SERVER, key, &val, new_val_len,
-                                &new_val_len)) ||
-      !should_filter_var) {
+  if (sapi_module.input_filter(PARSE_SERVER, key, &val, new_val_len,
+                               &new_val_len)) {
     php_register_variable_safe(key, val, new_val_len, track_vars_array);
   }
 }
@@ -918,12 +913,6 @@ static void *php_main(void *arg) {
 
   frankenphp_sapi_module.startup(&frankenphp_sapi_module);
 
-  /* check if a default filter is set in php.ini and only filter if
-   * it is, this is deprecated and will be removed in PHP 9 */
-  char *default_filter;
-  cfg_get_string("filter.default", &default_filter);
-  should_filter_var = default_filter != NULL;
-
   go_frankenphp_main_thread_is_ready();
 
   /* channel closed, shutdown gracefully */

frankenphp_test.go

@@ -286,11 +286,11 @@ func testInput(t *testing.T, opts *testOptions) {
 	}, opts)
 }
 
-func TestFilterInput_module(t *testing.T) { testFilterInput(t, nil) }
-func TestFilterInput_worker(t *testing.T) {
+func TestFilterInputDefault_module(t *testing.T) { testFilterInput(t, nil) }
+func TestFilterInputDefault_worker(t *testing.T) {
 	testFilterInput(t, &testOptions{workerScript: "filter.php"})
 }
-func testFilterInput(t *testing.T, opts *testOptions) {
+func testFilterInputDefault(t *testing.T, opts *testOptions) {
 	if opts == nil {
 		opts = &testOptions{}
 	}
@@ -309,6 +309,23 @@ func testFilterInput(t *testing.T, opts *testOptions) {
 	}, opts)
 }
 
+func TestFilterInput_module(t *testing.T) { testFilterInput(t, nil) }
+func TestFilterInput_worker(t *testing.T) {
+	testFilterInput(t, &testOptions{workerScript: "filter.php"})
+}
+func testFilterInput(t *testing.T, opts *testOptions) {
+	runTest(t, func(handler func(http.ResponseWriter, *http.Request), _ *httptest.Server, i int) {
+		req := httptest.NewRequest("GET", "http://example.com/filter.php", nil)
+		w := httptest.NewRecorder()
+		handler(w, req)
+
+		resp := w.Result()
+		body, _ := io.ReadAll(resp.Body)
+
+		assert.Equal(t, "GET", string(body))
+	}, opts)
+}
+
 func TestPostSuperGlobals_module(t *testing.T) { testPostSuperGlobals(t, nil) }
 func TestPostSuperGlobals_worker(t *testing.T) {
 	testPostSuperGlobals(t, &testOptions{workerScript: "super-globals.php"})