You are here

Home » API reference » Zircon Profile 8 » HtaccessTest.php » HtaccessTest

protected function HtaccessTest::getProtectedFiles in Zircon Profile 8

Same name and namespace in other branches
  1. 8.0 core/modules/system/src/Tests/System/HtaccessTest.php \Drupal\system\Tests\System\HtaccessTest::getProtectedFiles()

Get an array of file paths for access testing.

Return value

int[] An array keyed by file paths. Each value is the expected response code, for example, 200 or 403.

1 call to HtaccessTest::getProtectedFiles()
HtaccessTest::testFileAccess in core/modules/system/src/Tests/System/HtaccessTest.php
Iterates over protected files and calls assertNoFileAccess().

File

core/modules/system/src/Tests/System/HtaccessTest.php, line 33
Contains \Drupal\system\Tests\System\HtaccessTest.

Class

HtaccessTest
Tests .htaccess is working correctly.

Namespace

Drupal\system\Tests\System

Code

protected function getProtectedFiles() {
  $path = drupal_get_path('module', 'system') . '/tests/fixtures/HtaccessTest';

  // Tests the FilesMatch directive which denies access to certain file
  // extensions.
  $file_exts_to_deny = [
    'engine',
    'inc',
    'install',
    'make',
    'module',
    'module~',
    'module.bak',
    'module.orig',
    'module.save',
    'module.swo',
    'module.swp',
    'php~',
    'php.bak',
    'php.orig',
    'php.save',
    'php.swo',
    'php.swp',
    'profile',
    'po',
    'sh',
    'sql',
    'theme',
    'twig',
    'tpl.php',
    'xtmpl',
    'yml',
  ];
  foreach ($file_exts_to_deny as $file_ext) {
    $file_paths["{$path}/access_test.{$file_ext}"] = 403;
  }

  // Tests the .htaccess file in vendor and created by a Composer script.
  // Try and access a non PHP file in the vendor directory.
  // @see Drupal\\Core\\Composer\\Composer::ensureHtaccess
  $file_paths['vendor/composer/installed.json'] = 403;

  // Tests the rewrite conditions and rule that denies access to php files.
  $file_paths['core/lib/Drupal.php'] = 403;
  $file_paths['vendor/autoload.php'] = 403;
  $file_paths['autoload.php'] = 403;

  // Test extensions that should be permitted.
  $file_exts_to_allow = [
    'php-info.txt',
  ];
  foreach ($file_exts_to_allow as $file_ext) {
    $file_paths["{$path}/access_test.{$file_ext}"] = 200;
  }
  return $file_paths;
}