Chris@4: <?php
Chris@4: 
Chris@4: namespace Drupal\Tests\media\Unit;
Chris@4: 
Chris@4: use Drupal\Core\PrivateKey;
Chris@4: use Drupal\Core\Routing\RequestContext;
Chris@4: use Drupal\media\IFrameUrlHelper;
Chris@4: use Drupal\Tests\UnitTestCase;
Chris@4: 
Chris@4: /**
Chris@4:  * @coversDefaultClass \Drupal\media\IFrameUrlHelper
Chris@4:  *
Chris@4:  * @group media
Chris@4:  */
Chris@4: class IFrameUrlHelperTest extends UnitTestCase {
Chris@4: 
Chris@4:   /**
Chris@4:    * Data provider for testIsSecure().
Chris@4:    *
Chris@4:    * @see ::testIsSecure()
Chris@4:    *
Chris@4:    * @return array
Chris@4:    */
Chris@4:   public function providerIsSecure() {
Chris@4:     return [
Chris@4:       'no domain' => [
Chris@4:         '/path/to/media.php',
Chris@4:         'http://www.example.com/',
Chris@4:         FALSE,
Chris@4:       ],
Chris@4:       'no base URL domain' => [
Chris@4:         'http://www.example.com/media.php',
Chris@4:         '/invalid/base/url',
Chris@4:         FALSE,
Chris@4:       ],
Chris@4:       'same domain' => [
Chris@4:         'http://www.example.com/media.php',
Chris@4:         'http://www.example.com/',
Chris@4:         FALSE,
Chris@4:       ],
Chris@4:       'different domain' => [
Chris@4:         'http://www.example.com/media.php',
Chris@4:         'http://www.example-assets.com/',
Chris@4:         TRUE,
Chris@4:       ],
Chris@4:       'same subdomain' => [
Chris@4:         'http://foo.example.com/media.php',
Chris@4:         'http://foo.example.com/',
Chris@4:         FALSE,
Chris@4:       ],
Chris@4:       'different subdomain' => [
Chris@4:         'http://assets.example.com/media.php',
Chris@4:         'http://foo.example.com/',
Chris@4:         TRUE,
Chris@4:       ],
Chris@4:       'subdomain and top-level domain' => [
Chris@4:         'http://assets.example.com/media.php',
Chris@4:         'http://example.com/',
Chris@4:         TRUE,
Chris@4:       ],
Chris@4:     ];
Chris@4:   }
Chris@4: 
Chris@4:   /**
Chris@4:    * Tests that isSecure() behaves properly.
Chris@4:    *
Chris@4:    * @param string $url
Chris@4:    *   The URL to test for security.
Chris@4:    * @param string $base_url
Chris@4:    *   The base URL to compare $url against.
Chris@4:    * @param bool $secure
Chris@4:    *   The expected result of isSecure().
Chris@4:    *
Chris@4:    * @covers ::isSecure
Chris@4:    *
Chris@4:    * @dataProvider providerIsSecure
Chris@4:    */
Chris@4:   public function testIsSecure($url, $base_url, $secure) {
Chris@4:     $request_context = $this->prophesize(RequestContext::class);
Chris@4:     $request_context->getCompleteBaseUrl()->willReturn($base_url);
Chris@4:     $url_helper = new IFrameUrlHelper(
Chris@4:       $request_context->reveal(),
Chris@4:       $this->prophesize(PrivateKey::class)->reveal()
Chris@4:     );
Chris@4: 
Chris@4:     $this->assertSame($secure, $url_helper->isSecure($url));
Chris@4:   }
Chris@4: 
Chris@4: }