diff --git a/typo3/sysext/core/Tests/Unit/Error/AbstractExceptionHandlerTest.php b/typo3/sysext/core/Tests/Unit/Error/AbstractExceptionHandlerTest.php deleted file mode 100644 index 751f6040ae4291b9e9317cd27f884dbaa578871d..0000000000000000000000000000000000000000 --- a/typo3/sysext/core/Tests/Unit/Error/AbstractExceptionHandlerTest.php +++ /dev/null 
@@ -1,69 +0,0 @@ -<?php -declare(strict_types = 1); -namespace TYPO3\CMS\Core\Tests\Unit\Error; - -/* - * This file is part of the TYPO3 CMS project. - * - * It is free software; you can redistribute it and/or modify it under - * the terms of the GNU General Public License, either version 2 - * of the License, or any later version. - * - * For the full copyright and license information, please read the - * LICENSE.txt file that was distributed with this source code. - * - * The TYPO3 project - inspiring people to share! - */ - -use TYPO3\CMS\Core\Error\AbstractExceptionHandler; -use TYPO3\TestingFramework\Core\Unit\UnitTestCase; - -/** - * Testcase for the AbstractExceptionHandlerTest class - */ -class AbstractExceptionHandlerTest extends UnitTestCase -{ - /** - * Data provider with allowed contexts. - * - * @return array - */ - public function exampleUrlsForTokenAnonymization(): array - { - return [ - 'url with valid token' => [ - 'http://localhost/typo3/index.php?M=foo&moduleToken=5f1f7d447f22886e8ea206693b0d530ccd6b2b36', - 'http://localhost/typo3/index.php?M=foo&moduleToken=--AnonymizedToken--' - ], - 'url with valid token in the middle' => [ - 'http://localhost/typo3/index.php?M=foo&moduleToken=5f1f7d447f22886e8ea206693b0d530ccd6b2b36¶m=asdf', - 'http://localhost/typo3/index.php?M=foo&moduleToken=--AnonymizedToken--¶m=asdf' - ], - 'url with invalid token' => [ - 'http://localhost/typo3/index.php?M=foo&moduleToken=5f1f7d447f22886e8/e', - 'http://localhost/typo3/index.php?M=foo&moduleToken=5f1f7d447f22886e8/e', - ], - 'url with empty token' => [ - 'http://localhost/typo3/index.php?M=foo&moduleToken=', - 'http://localhost/typo3/index.php?M=foo&moduleToken=', - ], - 'url with no token' => [ - 'http://localhost/typo3/index.php?M=foo', - 'http://localhost/typo3/index.php?M=foo', - ], - ]; - } - - /** - * @test - * @dataProvider exampleUrlsForTokenAnonymization - * @param string $originalUrl - * @param string $expectedUrl - */ - public function 
anonymizeTokenReturnsCorrectModifiedUrl(string $originalUrl, string $expectedUrl) - { - $mock = $this->getAccessibleMockForAbstractClass(AbstractExceptionHandler::class, ['dummy']); - $anonymizedUrl = $mock->_call('anonymizeToken', $originalUrl); - self::assertSame($expectedUrl, $anonymizedUrl); - } -} diff --git a/typo3/sysext/core/Tests/Unit/Error/DebugExceptionHandlerTest.php b/typo3/sysext/core/Tests/Unit/Error/DebugExceptionHandlerTest.php index 49981e05a979adfa8d30f7ae0f72b6c98fc3ea5d..01941d670f15cd4184b39f48f527b9d474ac79fb 100644 --- a/typo3/sysext/core/Tests/Unit/Error/DebugExceptionHandlerTest.php +++ b/typo3/sysext/core/Tests/Unit/Error/DebugExceptionHandlerTest.php @@ -14,6 +14,10 @@ namespace TYPO3\CMS\Core\Tests\Unit\Error; * The TYPO3 project - inspiring people to share! */ +use Prophecy\Argument; +use Psr\Log\LoggerInterface; +use TYPO3\CMS\Core\Error\DebugExceptionHandler; +use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\TestingFramework\Core\Unit\UnitTestCase; /** 
@@ -52,4 +56,57 @@ class DebugExceptionHandlerTest extends UnitTestCase self::assertStringContainsString(htmlspecialchars($message), $output); self::assertStringNotContainsString($message, $output); } + + /** + * Data provider with allowed contexts. + * + * @return string[][] + */ + public function exampleUrlsForTokenAnonymization(): array + { + return [ + 'url with valid token' => [ + 'http://localhost/typo3/index.php?M=foo&moduleToken=5f1f7d447f22886e8ea206693b0d530ccd6b2b36', + 'http://localhost/typo3/index.php?M=foo&moduleToken=--AnonymizedToken--' + ], + 'url with valid token in the middle' => [ + 'http://localhost/typo3/index.php?M=foo&moduleToken=5f1f7d447f22886e8ea206693b0d530ccd6b2b36¶m=asdf', + 'http://localhost/typo3/index.php?M=foo&moduleToken=--AnonymizedToken--¶m=asdf' + ], + 'url with invalid token' => [ + 'http://localhost/typo3/index.php?M=foo&moduleToken=5f1f7d447f22886e8/e', + 'http://localhost/typo3/index.php?M=foo&moduleToken=5f1f7d447f22886e8/e', + ], + 'url with empty token' => [ + 'http://localhost/typo3/index.php?M=foo&moduleToken=', + 'http://localhost/typo3/index.php?M=foo&moduleToken=', + ], + 'url with no token' => [ + 'http://localhost/typo3/index.php?M=foo', + 'http://localhost/typo3/index.php?M=foo', + ], + ]; + } + + /** + * @test + * @dataProvider exampleUrlsForTokenAnonymization + * @param string $originalUrl + * @param string $expectedUrl + */ + public function logEntriesContainAnonymousTokens(string $originalUrl, string $expectedUrl) + { + $subject = new DebugExceptionHandler(); + $logger = $this->prophesize(LoggerInterface::class); + $logger->critical(Argument::containingString($expectedUrl), Argument::cetera())->shouldBeCalled(); + $subject->setLogger($logger->reveal()); + + GeneralUtility::setIndpEnv('TYPO3_REQUEST_URL', $originalUrl); + + $exception = new \Exception('message', 1476049367); + ob_start(); + $subject->echoExceptionWeb($exception); + // output is caught, so it does not pollute the test run + ob_end_clean(); + } 
} diff --git a/typo3/sysext/core/Tests/Unit/Error/ProductionExceptionHandlerTest.php b/typo3/sysext/core/Tests/Unit/Error/ProductionExceptionHandlerTest.php index 3086e18da11900b8149e7ade696fa09196995210..193255ef1bf465969c1e6f578e7d2cf73f885de3 100644 --- a/typo3/sysext/core/Tests/Unit/Error/ProductionExceptionHandlerTest.php +++ b/typo3/sysext/core/Tests/Unit/Error/ProductionExceptionHandlerTest.php @@ -14,6 +14,10 @@ namespace TYPO3\CMS\Core\Tests\Unit\Error; * The TYPO3 project - inspiring people to share! */ +use Prophecy\Argument; +use Psr\Log\LoggerInterface; +use TYPO3\CMS\Core\Error\ProductionExceptionHandler; +use TYPO3\CMS\Core\Utility\GeneralUtility; use TYPO3\TestingFramework\Core\Unit\UnitTestCase; /** 
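Review bot: `logEntriesContainAnonymousTokens` only proves that the anonymized URL appears in the `critical()` message; it never asserts that the raw `moduleToken` value is absent, so a handler that logged both the anonymized and the original URL would still pass. `Argument::cetera()` also accepts any context array, so a token carried in the log context would go unnoticed. Because the property under test is that the token stays out of the log, the message matcher should also reject the original URL whenever the provider row expects a change. The same applies to the identical test added in the ProductionExceptionHandlerTest hunk. A possible matcher follows; it assumes the first argument to `critical()` is a string, which should be confirmed against the handler.

```php
$logger = $this->prophesize(LoggerInterface::class);
$logger->critical(
    Argument::that(static function ($message) use ($originalUrl, $expectedUrl): bool {
        $message = (string)$message;
        // The anonymized form must be present ...
        if (strpos($message, $expectedUrl) === false) {
            return false;
        }
        // ... and, when anonymization is expected, the raw URL (with its token) must not be.
        return $originalUrl === $expectedUrl || strpos($message, $originalUrl) === false;
    }),
    Argument::cetera()
)->shouldBeCalled();
// … unchanged: setLogger(), setIndpEnv(), echoExceptionWeb() with output buffering …
```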
@@ -75,4 +79,58 @@ class ProductionExceptionHandlerTest extends UnitTestCase self::assertStringContainsString(htmlspecialchars($title), $output); self::assertStringNotContainsString($title, $output); } + + /** + * Data provider with allowed contexts. + * + * @return string[][] + */ + public function exampleUrlsForTokenAnonymization(): array + { + return [ + 'url with valid token' => [ + 'http://localhost/typo3/index.php?M=foo&moduleToken=5f1f7d447f22886e8ea206693b0d530ccd6b2b36', + 'http://localhost/typo3/index.php?M=foo&moduleToken=--AnonymizedToken--' + ], + 'url with valid token in the middle' => [ + 'http://localhost/typo3/index.php?M=foo&moduleToken=5f1f7d447f22886e8ea206693b0d530ccd6b2b36¶m=asdf', + 'http://localhost/typo3/index.php?M=foo&moduleToken=--AnonymizedToken--¶m=asdf' + ], + 'url with invalid token' => [ + 'http://localhost/typo3/index.php?M=foo&moduleToken=5f1f7d447f22886e8/e', + 'http://localhost/typo3/index.php?M=foo&moduleToken=5f1f7d447f22886e8/e', + ], + 'url with empty token' => [ + 'http://localhost/typo3/index.php?M=foo&moduleToken=', + 'http://localhost/typo3/index.php?M=foo&moduleToken=', + ], + 'url with no token' => [ + 'http://localhost/typo3/index.php?M=foo', + 'http://localhost/typo3/index.php?M=foo', + ], + ]; + } + + /** + * @test + * @dataProvider exampleUrlsForTokenAnonymization + * @param string $originalUrl + * @param string $expectedUrl + */ + public function logEntriesContainAnonymousTokens(string $originalUrl, string $expectedUrl) + { + $subject = new ProductionExceptionHandler(); + $logger = $this->prophesize(LoggerInterface::class); + $logger->critical(Argument::containingString($expectedUrl), Argument::cetera())->shouldBeCalled(); + $subject->setLogger($logger->reveal()); + + GeneralUtility::setIndpEnv('TYPO3_REQUEST_URL', $originalUrl); + $GLOBALS['BE_USER'] = null; + + $exception = new \Exception('message', 1476049365); + ob_start(); + $subject->echoExceptionWeb($exception); + // output is caught, so it does not pollute 
the test run + ob_end_clean(); + } }
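Review bot: `GeneralUtility::setIndpEnv('TYPO3_REQUEST_URL', $originalUrl)` and `$GLOBALS['BE_USER'] = null;` change process-wide state, and nothing in this hunk restores it. Later tests in the same run may therefore see the injected request URL or a missing backend user, unless the base class or the PHPUnit configuration resets both, which is not visible here. A `tearDown()` that clears the cached environment value would make the test self-contained, for example via `GeneralUtility::flushInternalRuntimeCaches()` if this branch provides it; the `setIndpEnv` call in the DebugExceptionHandlerTest hunk needs the same. Separately, the provider docblock `Data provider with allowed contexts.` does not describe the data; something like `Request URLs paired with the URL expected in the log entry after moduleToken anonymization.` would fit better.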