opdavies/drupalcampbristol
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Move into nested docroot

Browse source
This commit is contained in:
Rob Davies 2017-02-13 15:31:17 +00:00
parent 83a0d3a149
commit c8b70abde9
13405 changed files with 0 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

395
web/vendor/asm89/stack-cors/test/Asm89/Stack/CorsTest.php vendored Executable file
View file

@ -0,0 +1,395 @@
<?php
namespace Asm89\Stack;
use PHPUnit_Framework_TestCase;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
class CorsTest extends PHPUnit_Framework_TestCase
{
/**
* @test
*/
public function it_does_not_modify_on_a_request_without_origin()
{
$app = $this->createStackedApp();
$unmodifiedResponse = new Response();
$response = $app->handle(new Request());
$this->assertEquals($unmodifiedResponse->headers, $response->headers);
}
/**
* @test
*/
public function it_returns_403_on_valid_actual_request_with_origin_not_allowed()
{
$app = $this->createStackedApp(array('allowedOrigins' => array('notlocalhost')));
$request = $this->createValidActualRequest();
$response = $app->handle($request);
$this->assertEquals(403, $response->getStatusCode());
}
/**
* @test
*/
public function it_returns_allow_origin_header_on_valid_actual_request()
{
$app = $this->createStackedApp();
$request = $this->createValidActualRequest();
$response = $app->handle($request);
$this->assertTrue($response->headers->has('Access-Control-Allow-Origin'));
$this->assertEquals('localhost', $response->headers->get('Access-Control-Allow-Origin'));
}
/**
* @test
*/
public function it_returns_allow_origin_header_on_allow_all_origin_request()
{
$app = $this->createStackedApp(array('allowedOrigins' => array('*')));
$request = new Request();
$request->headers->set('Origin', 'http://localhost');
$response = $app->handle($request);
$this->assertEquals(200, $response->getStatusCode());
$this->assertTrue($response->headers->has('Access-Control-Allow-Origin'));
$this->assertEquals('http://localhost', $response->headers->get('Access-Control-Allow-Origin'));
}
/**
* @test
*/
public function it_returns_allow_headers_header_on_allow_all_headers_request()
{
$app = $this->createStackedApp(array('allowedHeaders' => array('*')));
$request = $this->createValidPreflightRequest();
$request->headers->set('Access-Control-Request-Headers', 'Foo, BAR');
$response = $app->handle($request);
$this->assertEquals(200, $response->getStatusCode());
$this->assertEquals('FOO, BAR', $response->headers->get('Access-Control-Allow-Headers'));
}
/**
* @test
*/
public function it_does_not_return_allow_origin_header_on_valid_actual_request_with_origin_not_allowed()
{
$app = $this->createStackedApp(array('allowedOrigins' => array('notlocalhost')));
$request = $this->createValidActualRequest();
$response = $app->handle($request);
$this->assertFalse($response->headers->has('Access-Control-Allow-Origin'));
}
/**
* @test
*/
public function it_sets_allow_credentials_header_when_flag_is_set_on_valid_actual_request()
{
$app = $this->createStackedApp(array('supportsCredentials' => true));
$request = $this->createValidActualRequest();
$response = $app->handle($request);
$this->assertTrue($response->headers->has('Access-Control-Allow-Credentials'));
$this->assertEquals('true', $response->headers->get('Access-Control-Allow-Credentials'));
}
/**
* @test
*/
public function it_does_not_set_allow_credentials_header_when_flag_is_not_set_on_valid_actual_request()
{
$app = $this->createStackedApp();
$request = $this->createValidActualRequest();
$response = $app->handle($request);
$this->assertFalse($response->headers->has('Access-Control-Allow-Credentials'));
}
/**
* @test
*/
public function it_sets_exposed_headers_when_configured_on_actual_request()
{
$app = $this->createStackedApp(array('exposedHeaders' => array('x-exposed-header', 'x-another-exposed-header')));
$request = $this->createValidActualRequest();
$response = $app->handle($request);
$this->assertTrue($response->headers->has('Access-Control-Expose-Headers'));
$this->assertEquals('x-exposed-header, x-another-exposed-header', $response->headers->get('Access-Control-Expose-Headers'));
}
/**
* @test
* @see http://www.w3.org/TR/cors/index.html#resource-implementation
*/
public function it_adds_a_vary_header()
{
$app = $this->createStackedApp();
$request = $this->createValidActualRequest();
$response = $app->handle($request);
$this->assertTrue($response->headers->has('Vary'));
$this->assertEquals('Origin', $response->headers->get('Vary'));
}
/**
* @test
* @see http://www.w3.org/TR/cors/index.html#resource-implementation
*/
public function it_appends_an_existing_vary_header()
{
$app = $this->createStackedApp(array(), array('Vary' => 'Content-Type'));
$request = $this->createValidActualRequest();
$response = $app->handle($request);
$this->assertTrue($response->headers->has('Vary'));
$this->assertEquals('Content-Type, Origin', $response->headers->get('Vary'));
}
/**
* @test
*/
public function it_returns_access_control_headers_on_cors_request()
{
$app = $this->createStackedApp();
$request = new Request();
$request->headers->set('Origin', 'localhost');
$response = $app->handle($request);
$this->assertTrue($response->headers->has('Access-Control-Allow-Origin'));
$this->assertEquals('localhost', $response->headers->get('Access-Control-Allow-Origin'));
}
/**
* @test
*/
public function it_returns_access_control_headers_on_valid_preflight_request()
{
$app = $this->createStackedApp();
$request = $this->createValidPreflightRequest();
$response = $app->handle($request);
$this->assertTrue($response->headers->has('Access-Control-Allow-Origin'));
$this->assertEquals('localhost', $response->headers->get('Access-Control-Allow-Origin'));
}
/**
* @test
*/
public function it_returns_403_on_valid_preflight_request_with_origin_not_allowed()
{
$app = $this->createStackedApp(array('allowedOrigins' => array('notlocalhost')));
$request = $this->createValidPreflightRequest();
$response = $app->handle($request);
$this->assertEquals(403, $response->getStatusCode());
}
/**
* @test
*/
public function it_does_not_modify_request_with_origin_not_allowed()
{
$passedOptions = array(
'allowedOrigins' => array('notlocalhost'),
);
$service = new CorsService($passedOptions);
$request = $this->createValidActualRequest();
$response = new Response();
$service->addActualRequestHeaders($response, $request);
$this->assertEquals($response, new Response());
}
/**
* @test
*/
public function it_returns_405_on_valid_preflight_request_with_method_not_allowed()
{
$app = $this->createStackedApp(array('allowedMethods' => array('put')));
$request = $this->createValidPreflightRequest();
$response = $app->handle($request);
$this->assertEquals(405, $response->getStatusCode());
}
/**
* @test
*/
public function it_allow_methods_on_valid_preflight_request()
{
$app = $this->createStackedApp(array('allowedMethods' => array('get', 'put')));
$request = $this->createValidPreflightRequest();
$response = $app->handle($request);
$this->assertTrue($response->headers->has('Access-Control-Allow-Methods'));
// it will uppercase the methods
$this->assertEquals('GET, PUT', $response->headers->get('Access-Control-Allow-Methods'));
}
/**
* @test
*/
public function it_returns_valid_preflight_request_with_allow_methods_all()
{
$app = $this->createStackedApp(array('allowedMethods' => array('*')));
$request = $this->createValidPreflightRequest();
$response = $app->handle($request);
$this->assertTrue($response->headers->has('Access-Control-Allow-Methods'));
// it will return the Access-Control-Request-Method pass in the request
$this->assertEquals('GET', $response->headers->get('Access-Control-Allow-Methods'));
}
/**
* @test
*/
public function it_returns_403_on_valid_preflight_request_with_one_of_the_requested_headers_not_allowed()
{
$app = $this->createStackedApp();
$request = $this->createValidPreflightRequest();
$request->headers->set('Access-Control-Request-Headers', 'x-not-allowed-header');
$response = $app->handle($request);
$this->assertEquals(403, $response->getStatusCode());
}
/**
* @test
*/
public function it_returns_ok_on_valid_preflight_request_with_requested_headers_allowed()
{
$app = $this->createStackedApp();
$requestHeaders = 'X-Allowed-Header, x-other-allowed-header';
$request = $this->createValidPreflightRequest();
$request->headers->set('Access-Control-Request-Headers', $requestHeaders);
$response = $app->handle($request);
$this->assertEquals(200, $response->getStatusCode());
$this->assertTrue($response->headers->has('Access-Control-Allow-Headers'));
// the response will have the "allowedHeaders" value passed to Cors rather than the request one
$this->assertEquals('x-allowed-header, x-other-allowed-header', $response->headers->get('Access-Control-Allow-Headers'));
}
/**
* @test
*/
public function it_sets_allow_credentials_header_when_flag_is_set_on_valid_preflight_request()
{
$app = $this->createStackedApp(array('supportsCredentials' => true));
$request = $this->createValidPreflightRequest();
$response = $app->handle($request);
$this->assertTrue($response->headers->has('Access-Control-Allow-Credentials'));
$this->assertEquals('true', $response->headers->get('Access-Control-Allow-Credentials'));
}
/**
* @test
*/
public function it_does_not_set_allow_credentials_header_when_flag_is_not_set_on_valid_preflight_request()
{
$app = $this->createStackedApp();
$request = $this->createValidPreflightRequest();
$response = $app->handle($request);
$this->assertFalse($response->headers->has('Access-Control-Allow-Credentials'));
}
/**
* @test
*/
public function it_sets_max_age_when_set()
{
$app = $this->createStackedApp(array('maxAge' => 42));
$request = $this->createValidPreflightRequest();
$response = $app->handle($request);
$this->assertTrue($response->headers->has('Access-Control-Max-Age'));
$this->assertEquals(42, $response->headers->get('Access-Control-Max-Age'));
}
private function createValidActualRequest()
{
$request = new Request();
$request->headers->set('Origin', 'localhost');
return $request;
}
private function createValidPreflightRequest()
{
$request = new Request();
$request->headers->set('Origin', 'localhost');
$request->headers->set('Access-Control-Request-Method', 'get');
$request->setMethod('OPTIONS');
return $request;
}
private function createStackedApp(array $options = array(), array $responseHeaders = array())
{
$passedOptions = array_merge(array(
'allowedHeaders' => array('x-allowed-header', 'x-other-allowed-header'),
'allowedMethods' => array('delete', 'get', 'post', 'put'),
'allowedOrigins' => array('localhost'),
'exposedHeaders' => false,
'maxAge' => false,
'supportsCredentials' => false,
),
$options
);
return new Cors(new MockApp($responseHeaders), $passedOptions);
}
}
class MockApp implements HttpKernelInterface
{
private $responseHeaders;
public function __construct(array $responseHeaders)
{
$this->responseHeaders = $responseHeaders;
}
public function handle(Request $request, $type = HttpKernelInterface::MASTER_REQUEST, $catch = true)
{
$response = new Response();
$response->headers->add($this->responseHeaders);
return $response;
}
}

10
web/vendor/asm89/stack-cors/test/bootstrap.php vendored Normal file
View file

@ -0,0 +1,10 @@
<?php
if (file_exists($file = __DIR__.'/../vendor/autoload.php')) {
$loader = require_once $file;
$loader->add('Asm89\Stack', __DIR__);
$loader->add('Asm89\Stack', __DIR__ . '/../src');
} else {
throw new RuntimeException('Install dependencies to run test suite.');
}