You are here

public function SecKitTestCaseTest::testJsCssNoscript in Security Kit 8

Same name and namespace in other branches
  1. 2.x tests/src/Functional/SecKitTestCaseTest.php \Drupal\Tests\seckit\Functional\SecKitTestCaseTest::testJsCssNoscript()

Tests JS + CSS + Noscript protection.

File

tests/src/Functional/SecKitTestCaseTest.php, line 481

Class

SecKitTestCaseTest
Functional tests for Security Kit.

Namespace

Drupal\Tests\seckit\Functional

Code

public function testJsCssNoscript() {
  $form['seckit_clickjacking[js_css_noscript]'] = TRUE;
  $form['seckit_clickjacking[noscript_message]'] = 'Sorry, your JavaScript is disabled.';
  $this
    ->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
  $config = \Drupal::config('seckit.settings');
  $noscript_message = $config
    ->get('seckit_clickjacking.noscript_message');

  // @TODO this was duplicated from the Event subscriber, move to function
  // in .module file?
  $noscript_message = $noscript_message ? $noscript_message : $config
    ->get('seckit_clickjacking.noscript_message');
  $path = base_path() . drupal_get_path('module', 'seckit');
  $code = <<<EOT
        <script type="text/javascript" src="{<span class="php-variable">$path</span>}/js/seckit.document_write.js"></script>
        <link type="text/css" rel="stylesheet" id="seckit-clickjacking-no-body" media="all" href="{<span class="php-variable">$path</span>}/css/seckit.no_body.css" />
        <!-- stop SecKit protection -->
        <noscript>
        <link type="text/css" rel="stylesheet" id="seckit-clickjacking-noscript-tag" media="all" href="{<span class="php-variable">$path</span>}/css/seckit.noscript_tag.css" />
        <div id="seckit-noscript-tag">
          {<span class="php-variable">$noscript_message</span>}
        </div>
        </noscript>
EOT;
  $this
    ->assertSession()
    ->responseContains($code, t('JavaScript + CSS + Noscript protection is loaded.'));
}