Mercurial > hg > isophonics-drupal-site

comparison core/modules/rest/tests/src/Functional/CookieResourceTestTrait.php @ 12:7a779792577d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Update Drupal core to v8.4.5 (via Composer)
author Chris Cannam
date Fri, 23 Feb 2018 15:52:07 +0000
parents 4c8ae668cc8c
children 1fec387a4317
comparison
equal deleted inserted replaced
11:bfffd8d7479a 12:7a779792577d
107 // @see https://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html 107 // @see https://www.w3.org/Protocols/rfc2616/rfc2616-sec9.html
108 if (in_array($method, ['HEAD', 'GET', 'OPTIONS', 'TRACE'])) { 108 if (in_array($method, ['HEAD', 'GET', 'OPTIONS', 'TRACE'])) {
109 return; 109 return;
110 } 110 }
111 111
112
113 unset($request_options[RequestOptions::HEADERS]['X-CSRF-Token']); 112 unset($request_options[RequestOptions::HEADERS]['X-CSRF-Token']);
114
115 113
116 // DX: 403 when missing X-CSRF-Token request header. 114 // DX: 403 when missing X-CSRF-Token request header.
117 $response = $this->request($method, $url, $request_options); 115 $response = $this->request($method, $url, $request_options);
118 $this->assertResourceErrorResponse(403, 'X-CSRF-Token request header is missing', $response); 116 $this->assertResourceErrorResponse(403, 'X-CSRF-Token request header is missing', $response);
119 117
120
121 $request_options[RequestOptions::HEADERS]['X-CSRF-Token'] = 'this-is-not-the-token-you-are-looking-for'; 118 $request_options[RequestOptions::HEADERS]['X-CSRF-Token'] = 'this-is-not-the-token-you-are-looking-for';
122
123 119
124 // DX: 403 when invalid X-CSRF-Token request header. 120 // DX: 403 when invalid X-CSRF-Token request header.
125 $response = $this->request($method, $url, $request_options); 121 $response = $this->request($method, $url, $request_options);
126 $this->assertResourceErrorResponse(403, 'X-CSRF-Token request header is invalid', $response); 122 $this->assertResourceErrorResponse(403, 'X-CSRF-Token request header is invalid', $response);
127 123
128
129 $request_options[RequestOptions::HEADERS]['X-CSRF-Token'] = $this->csrfToken; 124 $request_options[RequestOptions::HEADERS]['X-CSRF-Token'] = $this->csrfToken;
130 } 125 }
131 126
132 } 127 }