function LegacyValidateTest::testInsecureExtensions

Same name in other branches
  1. 11.x core/modules/file/tests/src/Kernel/LegacyValidateTest.php \Drupal\Tests\file\Kernel\LegacyValidateTest::testInsecureExtensions()

Tests hard-coded security check in file_validate().

File

core/modules/file/tests/src/Kernel/LegacyValidateTest.php, line 44

Class

LegacyValidateTest
Tests the file_validate() function.

Namespace

Drupal\Tests\file\Kernel

Code

public function testInsecureExtensions() : void {
    $file = $this->createFile('test.php', 'Invalid PHP');
    // Test that file_validate() will check for insecure extensions by default.
    $this->expectDeprecation('file_validate() is deprecated in drupal:10.2.0 and is removed from drupal:11.0.0. Use the \'file.validator\' service instead. See https://www.drupal.org/node/3363700');
    $errors = file_validate($file, []);
    $this->assertEquals('For security reasons, your upload has been rejected.', $errors[0]);
    $this->assertFileHooksCalled([]);
    file_test_reset();
    // Test that the 'allow_insecure_uploads' is respected.
    $this->config('system.file')
        ->set('allow_insecure_uploads', TRUE)
        ->save();
    $errors = file_validate($file, []);
    $this->assertEmpty($errors);
    $this->assertFileHooksCalled([]);
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.