You are here

public function SecKitTestCaseTest::testXframeOptionsIsAllowFrom in Security Kit 8

Same name and namespace in other branches
  1. 2.x tests/src/Functional/SecKitTestCaseTest.php \Drupal\Tests\seckit\Functional\SecKitTestCaseTest::testXframeOptionsIsAllowFrom()

Tests set to ALLOW-FROM X-Frame-Options HTTP response header.

File

tests/src/Functional/SecKitTestCaseTest.php, line 471

Class

SecKitTestCaseTest
Functional tests for Security Kit.

Namespace

Drupal\Tests\seckit\Functional

Code

public function testXframeOptionsIsAllowFrom() {
  $form['seckit_clickjacking[x_frame]'] = SeckitInterface::X_FRAME_ALLOW_FROM;
  $form['seckit_clickjacking[x_frame_allow_from]'] = 'http://www.google.com';
  $this
    ->drupalPostForm('admin/config/system/seckit', $form, t('Save configuration'));
  $this
    ->assertSession()
    ->responseHeaderEquals('X-Frame-Options', 'ALLOW-FROM http://www.google.com');
}