diff --git a/components/com_users/controllers/user.php b/components/com_users/controllers/user.php index 593e5a699e605..4a478d65d8e1d 100644 --- a/components/com_users/controllers/user.php +++ b/components/com_users/controllers/user.php @@ -210,7 +210,7 @@ public function logout() // Don't redirect to an external URL. if (!JUri::isInternal($return)) { - $return = ''; + $return = 'index.php'; } } diff --git a/libraries/src/Uri/Uri.php b/libraries/src/Uri/Uri.php index 535c465dca059..c77ecbee553b5 100644 --- a/libraries/src/Uri/Uri.php +++ b/libraries/src/Uri/Uri.php @@ -270,6 +270,59 @@ public function setPath($path) public static function isInternal($url) { $uri = static::getInstance($url); + + if ($uri->getScheme()) + { + /* + * The supplied URL contains a scheme, a host and probably also a port. + * In order to allow URLs as internal even if they use a different scheme we have to replace the scheme etc. for the following tests accordingly + * if the host in the supplied URL is identical to the host in our base. + */ + $baseuri = static::getInstance(static::base()); + + if ($uri->getHost() == $baseuri->getHost()) + { + $uScheme = $uri->getScheme(); + $uPort = $uri->getPort(); + $bScheme = $baseuri->getScheme(); + $bPort = $baseuri->getPort(); + + if ($uScheme == $bScheme) + { + /* + * The supplied URL contains the same scheme as our base URL, so the scheme needs not to be changed for the following tests. + * But we might have different ports given in the supplied URL and in our base URL: + * - supplied URL: no port, our base URL: port 80 (HTTP) or 443 (HTTPS) + * - supplied URL: port 80 (HTTP) or 443 (HTTPS), our base URL: no port + * In these two cases we have to replace the port in the supplied URL with the port from our base URL. + */ + if ((!$uPort && (($bScheme == 'http' && $bPort == 80) || ($bScheme == 'https' && $bPort == 443))) + || (!$bPort && (($uScheme == 'http' && $uPort == 80) || ($uScheme == 'https' && $uPort == 443)))) + { + $uri->setPort($bPort); + } + } + else + { + /* + * The supplied URL doesn't contain the same scheme as our base URL, so probably the scheme needs to be changed for the following tests. + * Whether we change the scheme or not depends upon the following conditions: + * - the scheme of the supplied URL is "http" and the port is either not specified or 80 and the scheme of our base URL is "https" and + * the port is either not specified or 443 + * - the scheme of the supplied URL is "https" and the port is either not specified or 443 and the scheme of our base URL is "http" and + * the port is either not specified or 80 + * In these two cases we have to replace the scheme and the port in the supplied URL with the scheme and the port from our base URL. + */ + if (($uScheme == 'http' && (!$uPort || $uPort == 80) && $bScheme == 'https' && (!$bPort || $bPort == 443)) + || ($uScheme == 'https' && (!$uPort || $uPort == 443) && $bScheme == 'http' && (!$bPort || $bPort == 80))) + { + $uri->setScheme($bScheme); + $uri->setPort($bPort); + } + } + } + } + $base = $uri->toString(array('scheme', 'host', 'port', 'path')); $host = $uri->toString(array('scheme', 'host', 'port')); diff --git a/modules/mod_login/helper.php b/modules/mod_login/helper.php index fc31d5444b606..29b818ebc8a85 100644 --- a/modules/mod_login/helper.php +++ b/modules/mod_login/helper.php @@ -29,11 +29,9 @@ public static function getReturnUrl($params, $type) $app = JFactory::getApplication(); $item = $app->getMenu()->getItem($params->get($type)); - // Stay on the same page - $url = JUri::getInstance()->toString(); - if ($item) { + // Continue with the redirection page configured $lang = ''; if ($item->language !== '*' && JLanguageMultilang::isEnabled()) @@ -42,6 +40,27 @@ public static function getReturnUrl($params, $type) } $url = 'index.php?Itemid=' . $item->id . $lang; + + // Check whether encrypted login form is enabled + if ($params->get('usesecure')) + { + // Login: access to redirection page via HTTPS, logout: access to redirection page via HTTP + $url = JRoute::_($url, true, ($type == 'login') ? 1 : 2); + } + } + else + { + // Stay on the same page + $url = JUri::getInstance(); + + // Check whether encrypted login form is enabled + if ($params->get('usesecure')) + { + // Login: access page via HTTPS, logout: access page via HTTP + $url->setScheme(($type == 'login') ? 'https' : 'http'); + } + + $url = $url->toString(); } return base64_encode($url); diff --git a/tests/unit/suites/libraries/joomla/uri/JURITest.php b/tests/unit/suites/libraries/joomla/uri/JURITest.php index f81b49ed6641d..1e0255d4a2054 100644 --- a/tests/unit/suites/libraries/joomla/uri/JURITest.php +++ b/tests/unit/suites/libraries/joomla/uri/JURITest.php @@ -29,6 +29,48 @@ class JUriTest extends \PHPUnit\Framework\TestCase */ protected $backupServer; + /** + * Set up JUri environment depending upon arguments. + * Allows to replace the environment for some tests. + * + * @param string $httpHost + * @param bool $https + * @param string $scriptName + * @param string $query + * @param string $fragment + * + * @return void + * + * @since 11.1 + */ + private function setUpLocal($httpHost, $https, $scriptName, $query = null, $fragment = null) + { + JUri::reset(); + + $_SERVER['HTTP_HOST'] = $httpHost; + if ($https) + { + $_SERVER['HTTPS'] = 'on'; + } + else + { + unset($_SERVER['HTTPS']); + } + $_SERVER['SCRIPT_NAME'] = $scriptName; + $_SERVER['PHP_SELF'] = $scriptName; + $_SERVER['REQUEST_URI'] = $scriptName; + if (!empty($query)) + { + $_SERVER['REQUEST_URI'] .= '?' . $query; + } + if (!empty($fragment)) + { + $_SERVER['REQUEST_URI'] .= '#' . $fragment; + } + + $this->object = new JUri; + } + /** * Sets up the fixture, for example, opens a network connection. * This method is called before a test is executed. @@ -41,14 +83,7 @@ protected function setUp() { parent::setUp(); $this->backupServer = $_SERVER; - JUri::reset(); - - $_SERVER['HTTP_HOST'] = 'www.example.com:80'; - $_SERVER['SCRIPT_NAME'] = '/joomla/index.php'; - $_SERVER['PHP_SELF'] = '/joomla/index.php'; - $_SERVER['REQUEST_URI'] = '/joomla/index.php?var=value 10'; - - $this->object = new JUri; + self::setUpLocal('www.example.com:80', false, '/joomla/index.php', 'var=value 10'); } /** @@ -216,6 +251,24 @@ public function testisInternalWithNoSchemeAndNotInternal() JUri::isInternal('www.myotherexample.com'), 'www.myotherexample.com should NOT be resolved as internal' ); + + self::setUpLocal('www.example.com', false, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('www.myotherexample.com'), + 'www.myotherexample.com should NOT be resolved as internal' + ); + + self::setUpLocal('www.example.com:443', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('www.myotherexample.com'), + 'www.myotherexample.com should NOT be resolved as internal' + ); + + self::setUpLocal('www.example.com', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('www.myotherexample.com'), + 'www.myotherexample.com should NOT be resolved as internal' + ); } /** @@ -231,6 +284,24 @@ public function testisInternalWithNoSchemeAndNoHostnameAndNotInternal() JUri::isInternal('myotherexample.com'), 'myotherexample.com should NOT be resolved as internal' ); + + self::setUpLocal('www.example.com', false, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('myotherexample.com'), + 'myotherexample.com should NOT be resolved as internal' + ); + + self::setUpLocal('www.example.com:443', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('myotherexample.com'), + 'myotherexample.com should NOT be resolved as internal' + ); + + self::setUpLocal('www.example.com', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('myotherexample.com'), + 'myotherexample.com should NOT be resolved as internal' + ); } /** @@ -244,7 +315,25 @@ public function testisInternalWithSchemeAndNotInternal() { $this->assertFalse( JUri::isInternal('http://www.myotherexample.com'), - 'http://www.myotherexample.com should NOT be resolved as internal' + 'http://www.myotherexample.com should NOT be resolved as internal' + ); + + self::setUpLocal('www.example.com', false, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('http://www.myotherexample.com'), + 'http://www.myotherexample.com should NOT be resolved as internal' + ); + + self::setUpLocal('www.example.com:443', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('http://www.myotherexample.com'), + 'http://www.myotherexample.com should NOT be resolved as internal' + ); + + self::setUpLocal('www.example.com', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('http://www.myotherexample.com'), + 'http://www.myotherexample.com should NOT be resolved as internal' ); } @@ -261,6 +350,24 @@ public function testisInternalWhenInternalWithNoDomainOrScheme() JUri::isInternal('index.php?option=com_something'), 'index.php?option=com_something should be internal' ); + + self::setUpLocal('www.example.com', false, '/joomla/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal('index.php?option=com_something'), + 'index.php?option=com_something should be internal' + ); + + self::setUpLocal('www.example.com:443', true, '/joomla/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal('index.php?option=com_something'), + 'index.php?option=com_something should be internal' + ); + + self::setUpLocal('www.example.com', true, '/joomla/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal('index.php?option=com_something'), + 'index.php?option=com_something should be internal' + ); } /** @@ -276,6 +383,34 @@ public function testisInternalWhenInternalWithDomainAndSchemeAndPort() JUri::isInternal(JUri::base() . 'index.php?option=com_something'), JUri::base() . 'index.php?option=com_something should be internal' ); + + self::setUpLocal('www.example.com:443', true, '/joomla/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal(JUri::base() . 'index.php?option=com_something'), + JUri::base() . 'index.php?option=com_something should be internal' + ); + } + + /** + * Test hardening of JUri::isInternal against non internal links + * + * @return void + * + * @covers JUri::isInternal + */ + public function testisInternalWhenInternalWithDomainAndSchemeAndNoPort() + { + self::setUpLocal('www.example.com', false, '/joomla/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal(JUri::base() . 'index.php?option=com_something'), + JUri::base() . 'index.php?option=com_something should be internal' + ); + + self::setUpLocal('www.example.com', true, '/joomla/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal(JUri::base() . 'index.php?option=com_something'), + JUri::base() . 'index.php?option=com_something should be internal' + ); } /** @@ -287,15 +422,35 @@ public function testisInternalWhenInternalWithDomainAndSchemeAndPort() */ public function testisInternalWhenInternalWithDomainAndSchemeAndPortNoSubFolder() { - JUri::reset(); + self::setUpLocal('www.example.com:80', false, '/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal(JUri::base() . 'index.php?option=com_something'), + JUri::base() . 'index.php?option=com_something should be internal' + ); - $_SERVER['HTTP_HOST'] = 'www.example.com:80'; - $_SERVER['SCRIPT_NAME'] = '/index.php'; - $_SERVER['PHP_SELF'] = '/index.php'; - $_SERVER['REQUEST_URI'] = '/index.php?var=value 10'; + self::setUpLocal('www.example.com:443', true, '/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal(JUri::base() . 'index.php?option=com_something'), + JUri::base() . 'index.php?option=com_something should be internal' + ); + } - $this->object = new JUri; + /** + * Test hardening of JUri::isInternal against non internal links + * + * @return void + * + * @covers JUri::isInternal + */ + public function testisInternalWhenInternalWithDomainAndSchemeAndNoPortNoSubFolder() + { + self::setUpLocal('www.example.com', false, '/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal(JUri::base() . 'index.php?option=com_something'), + JUri::base() . 'index.php?option=com_something should be internal' + ); + self::setUpLocal('www.example.com', true, '/index.php', 'var=value 10'); $this->assertTrue( JUri::isInternal(JUri::base() . 'index.php?option=com_something'), JUri::base() . 'index.php?option=com_something should be internal' @@ -315,6 +470,34 @@ public function testisInternalWhenNOTInternalWithDomainAndSchemeAndPortAndIndex( JUri::isInternal('http://www.myotherexample.com/index.php?option=com_something'), 'http://www.myotherexample.com/index.php?option=com_something should NOT be internal' ); + + self::setUpLocal('www.example.com:443', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('http://www.myotherexample.com/index.php?option=com_something'), + 'http://www.myotherexample.com/index.php?option=com_something should NOT be internal' + ); + } + + /** + * Test hardening of JUri::isInternal against non internal links + * + * @return void + * + * @covers JUri::isInternal + */ + public function testisInternalWhenNOTInternalWithDomainAndSchemeAndNoPortAndIndex() + { + self::setUpLocal('www.example.com', false, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('http://www.myotherexample.com/index.php?option=com_something'), + 'http://www.myotherexample.com/index.php?option=com_something should NOT be internal' + ); + + self::setUpLocal('www.example.com', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('http://www.myotherexample.com/index.php?option=com_something'), + 'http://www.myotherexample.com/index.php?option=com_something should NOT be internal' + ); } /** @@ -330,6 +513,24 @@ public function testisInternalWhenNOTInternalWithDomainAndNoSchemeAndPortAndInde JUri::isInternal('www.myotherexample.com/index.php?option=com_something'), 'www.myotherexample.comindex.php?option=com_something should NOT be internal' ); + + self::setUpLocal('www.example.com', false, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('www.myotherexample.com/index.php?option=com_something'), + 'www.myotherexample.comindex.php?option=com_something should NOT be internal' + ); + + self::setUpLocal('www.example.com:443', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('www.myotherexample.com/index.php?option=com_something'), + 'www.myotherexample.comindex.php?option=com_something should NOT be internal' + ); + + self::setUpLocal('www.example.com', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('www.myotherexample.com/index.php?option=com_something'), + 'www.myotherexample.comindex.php?option=com_something should NOT be internal' + ); } /** @@ -345,6 +546,24 @@ public function testisInternal3rdPartyDevs() JUri::isInternal('/customDevScript.php'), '/customDevScript.php should NOT be internal' ); + + self::setUpLocal('www.example.com', false, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('/customDevScript.php'), + '/customDevScript.php should NOT be internal' + ); + + self::setUpLocal('www.example.com:443', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('/customDevScript.php'), + '/customDevScript.php should NOT be internal' + ); + + self::setUpLocal('www.example.com', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('/customDevScript.php'), + '/customDevScript.php should NOT be internal' + ); } /** @@ -360,6 +579,24 @@ public function testAppendingOfBaseToTheEndOfTheUrl() JUri::isInternal('/customDevScript.php?www.example.com'), '/customDevScript.php?www.example.com should NOT be internal' ); + + self::setUpLocal('www.example.com', false, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('/customDevScript.php?www.example.com'), + '/customDevScript.php?www.example.com should NOT be internal' + ); + + self::setUpLocal('www.example.com:443', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('/customDevScript.php?www.example.com'), + '/customDevScript.php?www.example.com should NOT be internal' + ); + + self::setUpLocal('www.example.com', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('/customDevScript.php?www.example.com'), + '/customDevScript.php?www.example.com should NOT be internal' + ); } /** @@ -375,6 +612,24 @@ public function testAppendingOfBaseToTheEndOfTheUrl2() JUri::isInternal('www.otherexample.com/www.example.com'), 'www.otherexample.com/www.example.com should NOT be internal' ); + + self::setUpLocal('www.example.com', false, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('www.otherexample.com/www.example.com'), + 'www.otherexample.com/www.example.com should NOT be internal' + ); + + self::setUpLocal('www.example.com:443', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('www.otherexample.com/www.example.com'), + 'www.otherexample.com/www.example.com should NOT be internal' + ); + + self::setUpLocal('www.example.com', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('www.otherexample.com/www.example.com'), + 'www.otherexample.com/www.example.com should NOT be internal' + ); } /** @@ -390,6 +645,210 @@ public function testSchemeEmptyButHostAndPortMatch() JUri::isInternal('www.example.com:80'), 'www.example.com:80 should be internal' ); + + self::setUpLocal('www.example.com:443', true, '/joomla/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal('www.example.com:443'), + 'www.example.com:443 should be internal' + ); + } + + /** + * Test hardening of JUri::isInternal against non internal links + * + * @return void + * + * @covers JUri::isInternal + */ + public function testSchemeHostMatchNoPort() + { + $this->assertTrue( + JUri::isInternal('http://www.example.com/joomla/index.php'), + 'http://www.example.com/joomla/index.php should be internal' + ); + + self::setUpLocal('www.example.com', false, '/joomla/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal('http://www.example.com/joomla/index.php'), + 'http://www.example.com/joomla/index.php should be internal' + ); + + self::setUpLocal('www.example.com:443', true, '/joomla/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal('https://www.example.com/joomla/index.php'), + 'https://www.example.com/joomla/index.php should be internal' + ); + + self::setUpLocal('www.example.com', true, '/joomla/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal('https://www.example.com/joomla/index.php'), + 'https://www.example.com/joomla/index.php should be internal' + ); + } + + /** + * Test hardening of JUri::isInternal against non internal links + * + * @return void + * + * @covers JUri::isInternal + */ + public function testSchemeDifferHostMatchNoPort() + { + $this->assertTrue( + JUri::isInternal('https://www.example.com/joomla/index.php'), + 'https://www.example.com/joomla/index.php should be internal' + ); + + self::setUpLocal('www.example.com', false, '/joomla/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal('https://www.example.com/joomla/index.php'), + 'https://www.example.com/joomla/index.php should be internal' + ); + + self::setUpLocal('www.example.com:443', true, '/joomla/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal('http://www.example.com/joomla/index.php'), + 'http://www.example.com/joomla/index.php should be internal' + ); + + self::setUpLocal('www.example.com', true, '/joomla/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal('http://www.example.com/joomla/index.php'), + 'http://www.example.com/joomla/index.php should be internal' + ); + } + + /** + * Test hardening of JUri::isInternal against non internal links + * + * @return void + * + * @covers JUri::isInternal + */ + public function testSchemeHostMatchStandardPort() + { + $this->assertTrue( + JUri::isInternal('http://www.example.com:80/joomla/index.php'), + 'http://www.example.com:80/joomla/index.php should be internal' + ); + + self::setUpLocal('www.example.com', false, '/joomla/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal('http://www.example.com:80/joomla/index.php'), + 'http://www.example.com:80/joomla/index.php should be internal' + ); + + self::setUpLocal('www.example.com:443', true, '/joomla/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal('https://www.example.com:443/joomla/index.php'), + 'https://www.example.com:443/joomla/index.php should be internal' + ); + + self::setUpLocal('www.example.com', true, '/joomla/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal('https://www.example.com:443/joomla/index.php'), + 'https://www.example.com:443/joomla/index.php should be internal' + ); + } + + /** + * Test hardening of JUri::isInternal against non internal links + * + * @return void + * + * @covers JUri::isInternal + */ + public function testSchemeDifferHostMatchStandardPort() + { + $this->assertTrue( + JUri::isInternal('https://www.example.com:443/joomla/index.php'), + 'https://www.example.com:443/joomla/index.php should be internal' + ); + + self::setUpLocal('www.example.com', false, '/joomla/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal('https://www.example.com:443/joomla/index.php'), + 'https://www.example.com:443/joomla/index.php should be internal' + ); + + self::setUpLocal('www.example.com:443', true, '/joomla/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal('http://www.example.com:80/joomla/index.php'), + 'http://www.example.com:80/joomla/index.php should be internal' + ); + + self::setUpLocal('www.example.com', true, '/joomla/index.php', 'var=value 10'); + $this->assertTrue( + JUri::isInternal('http://www.example.com:80/joomla/index.php'), + 'http://www.example.com:80/joomla/index.php should be internal' + ); + } + + /** + * Test hardening of JUri::isInternal against non internal links + * + * @return void + * + * @covers JUri::isInternal + */ + public function testSchemeHostMatchNonStandardPort() + { + $this->assertFalse( + JUri::isInternal('http://www.example.com:8080/joomla/index.php'), + 'http://www.example.com:8080/joomla/index.php should NOT be internal' + ); + + self::setUpLocal('www.example.com', false, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('http://www.example.com:8080/joomla/index.php'), + 'http://www.example.com:8080/joomla/index.php should NOT be internal' + ); + + self::setUpLocal('www.example.com:443', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('https://www.example.com:8443/joomla/index.php'), + 'https://www.example.com:8443/joomla/index.php should NOT be internal' + ); + + self::setUpLocal('www.example.com', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('https://www.example.com:8443/joomla/index.php'), + 'https://www.example.com:8443/joomla/index.php should NOT be internal' + ); + } + + /** + * Test hardening of JUri::isInternal against non internal links + * + * @return void + * + * @covers JUri::isInternal + */ + public function testSchemeDifferHostMatchNonStandardPort() + { + $this->assertFalse( + JUri::isInternal('https://www.example.com:8443/joomla/index.php'), + 'https://www.example.com:8443/joomla/index.php should NOT be internal' + ); + + self::setUpLocal('www.example.com', false, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('https://www.example.com:8443/joomla/index.php'), + 'https://www.example.com:8443/joomla/index.php should NOT be internal' + ); + + self::setUpLocal('www.example.com:443', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('http://www.example.com:8080/joomla/index.php'), + 'http://www.example.com:8080/joomla/index.php should NOT be internal' + ); + + self::setUpLocal('www.example.com', true, '/joomla/index.php', 'var=value 10'); + $this->assertFalse( + JUri::isInternal('http://www.example.com:8080/joomla/index.php'), + 'http://www.example.com:8080/joomla/index.php should NOT be internal' + ); } /**