function BrowserTestBaseTest::testHtkey

Same name in other branches
  1. 8.9.x core/tests/Drupal/FunctionalTests/BrowserTestBaseTest.php \Drupal\FunctionalTests\BrowserTestBaseTest::testHtkey()
  2. 10 core/tests/Drupal/FunctionalTests/BrowserTestBaseTest.php \Drupal\FunctionalTests\BrowserTestBaseTest::testHtKey()
  3. 11.x core/tests/Drupal/FunctionalTests/BrowserTestBaseTest.php \Drupal\FunctionalTests\BrowserTestBaseTest::testHtKey()

Tests the protections provided by .htkey.

File

core/tests/Drupal/FunctionalTests/BrowserTestBaseTest.php, line 825

Class

BrowserTestBaseTest
Tests BrowserTestBase functionality.

Namespace

Drupal\FunctionalTests

Code

public function testHtkey() {
    // Remove the Simpletest private key file so we can test the protection
    // against requests that forge a valid testing user agent to gain access
    // to the installer.
    // @see drupal_valid_test_ua()
    // Not using File API; a potential error must trigger a PHP warning.
    $install_url = Url::fromUri('base:core/install.php', [
        'external' => TRUE,
        'absolute' => TRUE,
    ])->toString();
    $this->drupalGet($install_url);
    $this->assertSession()
        ->statusCodeEquals(200);
    unlink($this->siteDirectory . '/.htkey');
    $this->drupalGet($install_url);
    $this->assertSession()
        ->statusCodeEquals(403);
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.