function LegacyValidateTest::testInsecureExtensions
Same name in other branches
- 10 core/modules/file/tests/src/Kernel/LegacyValidateTest.php \Drupal\Tests\file\Kernel\LegacyValidateTest::testInsecureExtensions()
Tests hard-coded security check in file_validate().
File
-
core/
modules/ file/ tests/ src/ Kernel/ LegacyValidateTest.php, line 42
Class
- LegacyValidateTest
- Tests the file_validate() function.
Namespace
Drupal\Tests\file\KernelCode
public function testInsecureExtensions() {
$file = $this->createFile('test.php', 'Invalid PHP');
// Test that file_validate() will check for insecure extensions by default.
$this->expectDeprecation('file_validate() is deprecated in drupal:10.2.0 and is removed from drupal:11.0.0. Use the \'file.validator\' service instead. See https://www.drupal.org/node/3363700');
$errors = file_validate($file, []);
$this->assertEquals('For security reasons, your upload has been rejected.', $errors[0]);
$this->assertFileHooksCalled([]);
file_test_reset();
// Test that the 'allow_insecure_uploads' is respected.
$this->config('system.file')
->set('allow_insecure_uploads', TRUE)
->save();
$errors = file_validate($file, []);
$this->assertEmpty($errors);
$this->assertFileHooksCalled([]);
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.