You are here

public function SecKitTestCase::testOriginDeny in Security Kit 6

Same name and namespace in other branches
  1. 7 seckit.test \SecKitTestCase::testOriginDeny()

Tests HTTP Origin denies request.

File

./seckit.test, line 234
Tests for Security Kit module.

Class

SecKitTestCase
Functional tests for Security Kit.

Code

public function testOriginDeny() {
  $form['seckit_csrf[origin]'] = TRUE;
  $this
    ->drupalPost('admin/settings/seckit', $form, t('Save configuration'));
  $this
    ->drupalPost('admin/settings/seckit', $form, t('Save configuration'), array(), array(
    'Origin: http://www.example.com',
  ));
  $this
    ->assertEqual(array(), $_POST, t('POST is empty.'));
  $this
    ->assertResponse(403, t('Request is denied.'));
}