You are here

public function FormTest::testGetFormsCsrfToken in Drupal 9

Same name and namespace in other branches
  1. 8 core/modules/system/tests/src/Functional/Form/FormTest.php \Drupal\Tests\system\Functional\Form\FormTest::testGetFormsCsrfToken()

CSRF tokens for GET forms should not be added by default.

File

core/modules/system/tests/src/Functional/Form/FormTest.php, line 330

Class

FormTest
Tests various form element validation mechanisms.

Namespace

Drupal\Tests\system\Functional\Form

Code

public function testGetFormsCsrfToken() {

  // We need to be logged in to have CSRF tokens.
  $account = $this
    ->createUser();
  $this
    ->drupalLogin($account);
  $this
    ->drupalGet(Url::fromRoute('form_test.get_form'));
  $this
    ->assertSession()
    ->responseNotContains('form_token');
}