public function SecKitTestCaseTest::testOriginDeny in Security Kit 2.x

Same name and namespace in other branches

8 tests/src/Functional/SecKitTestCaseTest.php \Drupal\Tests\seckit\Functional\SecKitTestCaseTest::testOriginDeny()

Tests HTTP Origin denies request.

File

tests/src/Functional/SecKitTestCaseTest.php, line 432

Class

SecKitTestCaseTest: Functional tests for Security Kit.

Namespace

Drupal\Tests\seckit\Functional

Code

public function testOriginDeny() {
  $form['seckit_csrf[origin]'] = TRUE;
  $this
    ->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
  $this->originHeader = 'http://www.example.com';
  $this
    ->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
  $this
    ->assertEqual([], $_POST, t('POST is empty.'));
  $this
    ->assertSession()
    ->statusCodeEquals(403);
}

You are here

public function SecKitTestCaseTest::testOriginDeny in Security Kit 2.x

File

Class

Namespace

Code

API Navigation