function SessionTestCase::testSameSiteCookieAttributeDisabledViaPhpIni in Drupal 7

Test disabling the samesite attribute on session cookies via php ini

File

modules/simpletest/tests/session.test, line 353: Provides SimpleTests for core session handling functionality.

Class

SessionTestCase: @file Provides SimpleTests for core session handling functionality.

Code

function testSameSiteCookieAttributeDisabledViaPhpIni() {
  if (\PHP_VERSION_ID < 70300) {

    // There is no session.cookie_samesite in earlier PHP versions.
    $this
      ->pass('This test is only for PHP 7.3 and later.');
    return;
  }
  $user = $this
    ->drupalCreateUser(array(
    'access content',
  ));

  // Send our own login POST so that we can pass a custom header to trigger
  // session_test.module to call ini_set('session.cookie_samesite', $value)
  $headers[] = 'X-Session-Cookie-Ini-Set: *EMPTY*';
  $edit = array(
    'name' => $user->name,
    'pass' => $user->pass_raw,
  );
  $this
    ->drupalPost('user', $edit, t('Log in'), array(), $headers);
  $this
    ->assertFalse(preg_match('/SameSite=/i', $this
    ->drupalGetHeader('Set-Cookie', TRUE)), 'Session cookie has no SameSite attribute (ini).');
}

You are here

function SessionTestCase::testSameSiteCookieAttributeDisabledViaPhpIni in Drupal 7

File

Class

Code

API Navigation