The driver fails to read the environment properly

Question

The driver fails to read the environment properly

robinstraub opened this issue 5 months ago · 3 comments

robinstraub commented 5 months ago

Dusk Version

11.13.0

Laravel Version

11.13.0

PHP Version

8.2

PHPUnit Version

10.5.17

Database Driver & Version

No response

Description

Dusk determine the selenium server url by searching for a DUSK_DRIVER_URL variable in $_ENV. This works properly with Sail when issuing a sail dusk (one can even specify a custom driver url with a DUSK_DRIVER_URL=http://my-custom-url:4444).

However this fails in several environment :

tested personally in a local environment with a "default" php-fpm setup
in Github Actions

After a little bit of research, the culprit is the use of $_ENV (see this stackoverflow question).

In both of these configurations the env variables are defined $_SERVER, not $_ENV.

Can this be considered a "bug" or is it the expected behavior ? I can see a couple solutions :

use getenv('DUSK_DRIVER_URL') instead of $_env['DUSK_DRIVER_URL']
use a combination of $_ENV and $_SERVER to search for DUSK_DRIVER_URL

I'm not sure whether it would open security issues tho, with regard to loading an environment variable from a broader context ... Although I don't see how loading an environment variable from another context for Dusk test execution, even in production could lead to a security breach (RCE and so on).

I modified my DuskTestCase for my project to fix my issue, however if you see value in making this change to the base repo I'd be glad to submit a PR

Steps To Reproduce

setup a default laravel project
install Dusk
modify DuskTestCase, line 40, to specify an invalid URL (here)
run DUSK_DRIVER_URL=http://localhost:9515 php artisan dusk, Dusk should use the invalid URL

Answer 1 · 2024-07-22T15:28:44.000Z

I believe we can utilize env() helper function directly here since it's being used when application is already booted. Can you submit a PR @robinstraub ?

Answer 2 · 2024-07-22T15:29:01.000Z

Thank you for reporting this issue!

As Laravel is an open source project, we rely on the community to help us diagnose and fix issues as it is not possible to research and fix every issue reported to us via GitHub.

If possible, please make a pull request fixing the issue you have described, along with corresponding tests. All pull requests are promptly reviewed by the Laravel team.

Thank you!

Answer 3 · 2024-07-22T19:42:25.000Z

Sure thing, U can assign it to me I'll submit a PR when I'm back from office