search

laravel / dusk

Laravel Dusk provides simple end-to-end testing and browser automation.
https://laravel.com/docs/dusk
MIT License
1.87k stars 320 forks source link

The driver fails to read the environment properly #1107

Closed robinstraub closed 1 month ago

robinstraub commented 1 month ago

Dusk Version

11.13.0

Laravel Version

11.13.0

PHP Version

8.2

PHPUnit Version

10.5.17

Database Driver & Version

No response

Description

Dusk determine the selenium server url by searching for a DUSK_DRIVER_URL variable in $_ENV. This works properly with Sail when issuing a sail dusk (one can even specify a custom driver url with a DUSK_DRIVER_URL=http://my-custom-url:4444).

However this fails in several environment :

After a little bit of research, the culprit is the use of $_ENV (see this stackoverflow question).

In both of these configurations the env variables are defined $_SERVER, not $_ENV.

Can this be considered a "bug" or is it the expected behavior ? I can see a couple solutions :

I'm not sure whether it would open security issues tho, with regard to loading an environment variable from a broader context ... Although I don't see how loading an environment variable from another context for Dusk test execution, even in production could lead to a security breach (RCE and so on).

I modified my DuskTestCase for my project to fix my issue, however if you see value in making this change to the base repo I'd be glad to submit a PR

Steps To Reproduce

  1. setup a default laravel project
  2. install Dusk
  3. modify DuskTestCase, line 40, to specify an invalid URL (here)
  4. run DUSK_DRIVER_URL=http://localhost:9515 php artisan dusk, Dusk should use the invalid URL
crynobone commented 1 month ago

I believe we can utilize env() helper function directly here since it's being used when application is already booted. Can you submit a PR @robinstraub ?

github-actions[bot] commented 1 month ago

Thank you for reporting this issue!

As Laravel is an open source project, we rely on the community to help us diagnose and fix issues as it is not possible to research and fix every issue reported to us via GitHub.

If possible, please make a pull request fixing the issue you have described, along with corresponding tests. All pull requests are promptly reviewed by the Laravel team.

Thank you!

robinstraub commented 1 month ago

Sure thing, U can assign it to me I'll submit a PR when I'm back from office