SimpleTestBrowserTest.php

Namespace

Drupal\simpletest\Tests

File

core/modules/simpletest/src/Tests/SimpleTestBrowserTest.php

View source 
<?php

namespace Drupal\simpletest\Tests;

use Drupal\Core\Url;
use Drupal\simpletest\WebTestBase;

/**
 * Tests the WebTestBase internal browser.
 *
 * @group simpletest
 * @group WebTestBase
 */
class SimpleTestBrowserTest extends WebTestBase {
    
    /**
     * Modules to enable.
     *
     * @var array
     */
    public static $modules = [
        'simpletest',
        'test_page_test',
    ];
    protected function setUp() {
        parent::setUp();
        // Create and log in an admin user.
        $this->drupalLogin($this->drupalCreateUser([
            'administer unit tests',
        ]));
    }
    
    /**
     * Test the internal browsers functionality.
     */
    public function testInternalBrowser() {
        // Retrieve the test page and check its title and headers.
        $this->drupalGet('test-page');
        $this->assertTrue($this->drupalGetHeader('Date'), 'An HTTP header was received.');
        $this->assertTitle(t('Test page | @site-name', [
            '@site-name' => $this->config('system.site')
                ->get('name'),
        ]));
        $this->assertNoTitle('Foo');
        $old_user_id = $this->container
            ->get('current_user')
            ->id();
        $user = $this->drupalCreateUser();
        $this->drupalLogin($user);
        // Check that current user service updated.
        $this->assertNotEqual($old_user_id, $this->container
            ->get('current_user')
            ->id(), 'Current user service updated.');
        $headers = $this->drupalGetHeaders(TRUE);
        $this->assertEqual(count($headers), 2, 'There was one intermediate request.');
        $this->assertTrue(strpos($headers[0][':status'], '303') !== FALSE, 'Intermediate response code was 303.');
        $this->assertFalse(empty($headers[0]['location']), 'Intermediate request contained a Location header.');
        $this->assertEqual($this->getUrl(), $headers[0]['location'], 'HTTP redirect was followed');
        $this->assertFalse($this->drupalGetHeader('Location'), 'Headers from intermediate request were reset.');
        $this->assertResponse(200, 'Response code from intermediate request was reset.');
        $this->drupalLogout();
        // Check that current user service updated to anonymous user.
        $this->assertEqual(0, $this->container
            ->get('current_user')
            ->id(), 'Current user service updated.');
        // Test the maximum redirection option.
        $this->maximumRedirects = 1;
        $edit = [
            'name' => $user->getAccountName(),
            'pass' => $user->pass_raw,
        ];
        $this->drupalPostForm('user/login', $edit, t('Log in'), [
            'query' => [
                'destination' => 'user/logout',
            ],
        ]);
        $headers = $this->drupalGetHeaders(TRUE);
        $this->assertEqual(count($headers), 2, 'Simpletest stopped following redirects after the first one.');
        // Remove the Simpletest private key file so we can test the protection
        // against requests that forge a valid testing user agent to gain access
        // to the installer.
        // @see drupal_valid_test_ua()
        // Not using File API; a potential error must trigger a PHP warning.
        unlink($this->siteDirectory . '/.htkey');
        $this->drupalGet(Url::fromUri('base:core/install.php', [
            'external' => TRUE,
            'absolute' => TRUE,
        ])->toString());
        $this->assertResponse(403, 'Cannot access install.php.');
    }
    
    /**
     * Test validation of the User-Agent header we use to perform test requests.
     */
    public function testUserAgentValidation() {
        global $base_url;
        // Logout the user which was logged in during test-setup.
        $this->drupalLogout();
        $system_path = $base_url . '/' . drupal_get_path('module', 'system');
        $http_path = $system_path . '/tests/http.php/user/login';
        $https_path = $system_path . '/tests/https.php/user/login';
        // Generate a valid simpletest User-Agent to pass validation.
        $this->assertTrue(preg_match('/test\\d+/', $this->databasePrefix, $matches), 'Database prefix contains test prefix.');
        $test_ua = drupal_generate_test_ua($matches[0]);
        $this->additionalCurlOptions = [
            CURLOPT_USERAGENT => $test_ua,
        ];
        // Test pages only available for testing.
        $this->drupalGet($http_path);
        $this->assertResponse(200, 'Requesting http.php with a legitimate simpletest User-Agent returns OK.');
        $this->drupalGet($https_path);
        $this->assertResponse(200, 'Requesting https.php with a legitimate simpletest User-Agent returns OK.');
        // Now slightly modify the HMAC on the header, which should not validate.
        $this->additionalCurlOptions = [
            CURLOPT_USERAGENT => $test_ua . 'X',
        ];
        $this->drupalGet($http_path);
        $this->assertResponse(403, 'Requesting http.php with a bad simpletest User-Agent fails.');
        $this->drupalGet($https_path);
        $this->assertResponse(403, 'Requesting https.php with a bad simpletest User-Agent fails.');
        // Use a real User-Agent and verify that the special files http.php and
        // https.php can't be accessed.
        $this->additionalCurlOptions = [
            CURLOPT_USERAGENT => 'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12',
        ];
        $this->drupalGet($http_path);
        $this->assertResponse(403, 'Requesting http.php with a normal User-Agent fails.');
        $this->drupalGet($https_path);
        $this->assertResponse(403, 'Requesting https.php with a normal User-Agent fails.');
    }

}

Classes

Title Deprecated Summary
SimpleTestBrowserTest Tests the WebTestBase internal browser.

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.