Same name and namespace in other branches
  1. 7.x includes/bootstrap.inc \drupal_generate_test_ua()
  2. 8.9.x core/includes/bootstrap.inc \drupal_generate_test_ua()
  3. 9 core/includes/bootstrap.inc \drupal_generate_test_ua()

Generates a user agent string with a HMAC and timestamp for tests.

6 calls to drupal_generate_test_ua()
BrowserTestBaseUserAgentTest::prepareRequest in core/tests/Drupal/FunctionalTests/BrowserTestBaseUserAgentTest.php
BrowserTestBaseUserAgentTest::testUserAgentValidation in core/tests/Drupal/FunctionalTests/BrowserTestBaseUserAgentTest.php
Tests validation of the User-Agent header we use to perform test requests.
PageCacheTest::getHeaders in core/modules/page_cache/tests/src/Functional/PageCacheTest.php
Retrieves only the headers for an absolute path.
QuickStartTest::testQuickStartCommand in core/tests/Drupal/Tests/Core/Command/QuickStartTest.php
Tests the quick-start command.
QuickStartTest::testQuickStartInstallAndServerCommands in core/tests/Drupal/Tests/Core/Command/QuickStartTest.php
Tests the quick-start commands.

... See full list

File

core/includes/bootstrap.inc, line 280
Functions that need to be loaded on every Drupal request.

Code

function drupal_generate_test_ua($prefix) {
  static $key, $last_prefix;
  if (!isset($key) || $last_prefix != $prefix) {
    $last_prefix = $prefix;
    $test_db = new TestDatabase($prefix);
    $key_file = DRUPAL_ROOT . '/' . $test_db
      ->getTestSitePath() . '/.htkey';

    // When issuing an outbound HTTP client request from within an inbound test
    // request, then the outbound request has to use the same User-Agent header
    // as the inbound request. A newly generated private key for the same test
    // prefix would invalidate all subsequent inbound requests.
    // @see \Drupal\Core\Test\HttpClientMiddleware\TestHttpClientMiddleware
    if (DRUPAL_TEST_IN_CHILD_SITE && ($parent_prefix = drupal_valid_test_ua())) {
      if ($parent_prefix != $prefix) {
        throw new \RuntimeException("Malformed User-Agent: Expected '{$parent_prefix}' but got '{$prefix}'.");
      }

      // If the file is not readable, a PHP warning is expected in this case.
      $private_key = file_get_contents($key_file);
    }
    else {

      // Generate and save a new hash salt for a test run.
      // Consumed by drupal_valid_test_ua() before settings.php is loaded.
      $private_key = Crypt::randomBytesBase64(55);
      file_put_contents($key_file, $private_key);
    }

    // The file properties add more entropy not easily accessible to others.
    $key = $private_key . filectime(__FILE__) . fileinode(__FILE__);
  }

  // Generate a moderately secure HMAC based on the database credentials.
  $salt = uniqid('', TRUE);
  $check_string = $prefix . ':' . time() . ':' . $salt;
  return 'simple' . $check_string . ':' . Crypt::hmacBase64($check_string, $key);
}