sanity check paths in path based invalidation commands

Author: dbu

src/Command/InvalidatePathCommand.php

@@ -23,6 +23,8 @@
  */
 class InvalidatePathCommand extends BaseInvalidateCommand
 {
+    use PathSanityCheck;
+
     /**
      * @var string
      */
@@ -73,6 +75,10 @@ protected function execute(InputInterface $input, OutputInterface $output)
         $paths = $input->getArgument('paths');
 
         foreach ($paths as $path) {
+            if ($this->looksLikeRegularExpression($path)) {
+                $output->writeln(sprintf('Path %s looks like a regular expression. Invalidation requests operate on exact paths. Use regex invalidation for regular expressions.', $path));
+            }
+
             $this->getCacheManager()->invalidatePath($path);
         }
     }

src/Command/PathSanityCheck.php

@@ -0,0 +1,44 @@
+<?php
+
+/*
+ * This file is part of the FOSHttpCacheBundle package.
+ *
+ * (c) FriendsOfSymfony <http://friendsofsymfony.github.com/>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace FOS\HttpCacheBundle\Command;
+
+use FOS\HttpCache\Exception\InvalidArgumentException;
+
+trait PathSanityCheck
+{
+    /**
+     * Check if the path looks like a regular expression.
+     *
+     * A sane path is non-empty and and contains no characters that are usually
+     * found in regular expressions: does not start with ^ or end with $ and
+     * does not contain the patterns .* or .+ or ().
+     *
+     * @param string $path
+     *
+     * @return bool Whether the path looks like it could be a regular expression
+     */
+    private function looksLikeRegularExpression($path)
+    {
+        if (strlen($path) < 1) {
+            throw new InvalidArgumentException('Path to invalidate can not be empty. To invalidate the root path, use "/"');
+        }
+
+        if ($path[0] === '^'
+            || substr($path, -1) === '$'
+            || preg_match('/(\.[\*\+]|\(|\))/', $path)
+        ) {
+            return true;
+        }
+
+        return false;
+    }
+}

src/Command/RefreshPathCommand.php

@@ -23,6 +23,8 @@
  */
 class RefreshPathCommand extends BaseInvalidateCommand
 {
+    use PathSanityCheck;
+
     /**
      * @var string
      */
@@ -73,6 +75,10 @@ protected function execute(InputInterface $input, OutputInterface $output)
         $paths = $input->getArgument('paths');
 
         foreach ($paths as $path) {
+            if ($this->looksLikeRegularExpression($path)) {
+                $output->writeln(sprintf('Path %s looks like a regular expression. Refresh requests operate with actual requests and thus use exact paths. Use regex invalidation for regular expressions.', $path));
+            }
+
             $this->getCacheManager()->refreshPath($path);
         }
     }

tests/Unit/Command/PathSanityCheckTest.php

@@ -0,0 +1,51 @@
+<?php
+
+/*
+* This file is part of the FOSHttpCacheBundle package.
+*
+* (c) FriendsOfSymfony <http://friendsofsymfony.github.com/>
+*
+* For the full copyright and license information, please view the LICENSE
+* file that was distributed with this source code.
+*/
+
+namespace FOS\HttpCacheBundle\Tests\Unit\Command;
+
+use FOS\HttpCacheBundle\Command\PathSanityCheck;
+
+class PathSanityCheckTest extends \PHPUnit_Framework_TestCase
+{
+    public function pathProvider()
+    {
+        return [
+            [false, '/foo'],
+            [false, '/foo?bar=^'],
+            [false, '/foo?bar=$€'],
+            [false, '/foo?bar[baz]=42'],
+            [true, '^/foo'],
+            [true, 'foo$'],
+            [true, '/foo/(bar|baz)'],
+        ];
+    }
+
+    /**
+     * @dataProvider pathProvider
+     */
+    public function testLooksLikeRegularExpression($expected, $path)
+    {
+        $sanityChecking = new SanityChecking();
+        $this->assertEquals($expected, $sanityChecking->looksLikeRegularExpression($path));
+    }
+}
+
+class SanityChecking
+{
+    use PathSanityCheck {
+        looksLikeRegularExpression as traitFunction;
+    }
+
+    public function looksLikeRegularExpression($path)
+    {
+        return $this->traitFunction($path);
+    }
+}