function ValidateTest::testInsecureExtensions

Same name in other branches
  1. 8.9.x core/modules/file/tests/src/Kernel/ValidateTest.php \Drupal\Tests\file\Kernel\ValidateTest::testInsecureExtensions()

Tests hard-coded security check in file_validate().

File

core/modules/file/tests/src/Kernel/ValidateTest.php, line 41

Class

ValidateTest
Tests the file_validate() function.

Namespace

Drupal\Tests\file\Kernel

Code

public function testInsecureExtensions() {
    $file = $this->createFile('test.php', 'Invalid PHP');
    // Test that file_validate() will check for insecure extensions by default.
    $errors = file_validate($file, []);
    $this->assertEquals('For security reasons, your upload has been rejected.', $errors[0]);
    $this->assertFileHooksCalled([
        'validate',
    ]);
    file_test_reset();
    // Test that the 'allow_insecure_uploads' is respected.
    $this->config('system.file')
        ->set('allow_insecure_uploads', TRUE)
        ->save();
    $errors = file_validate($file, []);
    $this->assertEmpty($errors);
    $this->assertFileHooksCalled([
        'validate',
    ]);
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.