public function SecKitTestCaseTest::testOriginDeny in Security Kit 8
Same name and namespace in other branches
- 2.x tests/src/Functional/SecKitTestCaseTest.php \Drupal\Tests\seckit\Functional\SecKitTestCaseTest::testOriginDeny()
Tests HTTP Origin denies request.
File
- tests/
src/ Functional/ SecKitTestCaseTest.php, line 432
Class
- SecKitTestCaseTest
- Functional tests for Security Kit.
Namespace
Drupal\Tests\seckit\FunctionalCode
public function testOriginDeny() {
$form['seckit_csrf[origin]'] = TRUE;
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this->originHeader = 'http://www.example.com';
$this
->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
$this
->assertEqual([], $_POST, t('POST is empty.'));
$this
->assertSession()
->statusCodeEquals(403);
}