function drupal_generate_test_ua

Generates a user agent string with a HMAC and timestamp for simpletest.

9 calls to drupal_generate_test_ua()
BrowserTestBaseUserAgentTest::prepareRequest in core/tests/Drupal/FunctionalTests/BrowserTestBaseUserAgentTest.php
Prepare for a request to testing site.
BrowserTestBaseUserAgentTest::testUserAgentValidation in core/tests/Drupal/FunctionalTests/BrowserTestBaseUserAgentTest.php
Tests validation of the User-Agent header we use to perform test requests.
PageCacheTest::getHeaders in core/modules/page_cache/tests/src/Functional/PageCacheTest.php
Retrieves only the headers for an absolute path.
PageCacheTest::getHeaders in core/modules/hal/tests/src/Functional/page_cache/PageCacheTest.php
Retrieves only the headers for an absolute path.
QuickStartTest::testQuickStartCommand in core/tests/Drupal/Tests/Core/Command/QuickStartTest.php
Tests the quick-start command.

... See full list

File

core/includes/bootstrap.inc, line 462

Code

function drupal_generate_test_ua($prefix) {
  static $key, $last_prefix;
  if (!isset($key) || $last_prefix != $prefix) {
    $last_prefix = $prefix;
    $test_db = new TestDatabase($prefix);
    $key_file = DRUPAL_ROOT . '/' . $test_db->getTestSitePath() . '/.htkey';
    // When issuing an outbound HTTP client request from within an inbound test
    // request, then the outbound request has to use the same User-Agent header
    // as the inbound request. A newly generated private key for the same test
    // prefix would invalidate all subsequent inbound requests.
    // @see \Drupal\Core\Test\HttpClientMiddleware\TestHttpClientMiddleware
    if (DRUPAL_TEST_IN_CHILD_SITE && $parent_prefix = drupal_valid_test_ua()) {
      if ($parent_prefix != $prefix) {
        throw new \RuntimeException("Malformed User-Agent: Expected '{$parent_prefix}' but got '{$prefix}'.");
      }
      // If the file is not readable, a PHP warning is expected in this case.
      $private_key = file_get_contents($key_file);
    }
    else {
      // Generate and save a new hash salt for a test run.
      // Consumed by drupal_valid_test_ua() before settings.php is loaded.
      $private_key = Crypt::randomBytesBase64(55);
      file_put_contents($key_file, $private_key);
    }
    // The file properties add more entropy not easily accessible to others.
    $key = $private_key . filectime(__FILE__) . fileinode(__FILE__);
  }
  // Generate a moderately secure HMAC based on the database credentials.
  $salt = uniqid('', TRUE);
  $check_string = $prefix . ':' . time() . ':' . $salt;
  return 'simple' . $check_string . ':' . Crypt::hmacBase64($check_string, $key);
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.