sfForm::enableCSRFProtection(); $request = new myRequest($dispatcher); try { $request->checkCSRFProtection(); $t->fail('->checkCSRFProtection() throws a validator error if CSRF protection fails'); } catch (sfValidatorErrorSchema $error) { $t->pass('->checkCSRFProtection() throws a validator error if CSRF protection fails'); } $request = new myRequest($dispatcher); $request->setParameter('_csrf_token', '==TOKEN=='); try { $request->checkCSRFProtection(); $t->pass('->checkCSRFProtection() checks token from BaseForm'); } catch (sfValidatorErrorSchema $error) { $t->fail('->checkCSRFProtection() checks token from BaseForm'); } // ->getContentType() $t->diag('->getContentType()'); $request = new myRequest($dispatcher); $_SERVER['CONTENT_TYPE'] = 'text/html'; $t->is($request->getContentType(), 'text/html', '->getContentType() returns the content type'); $request = new myRequest($dispatcher); $_SERVER['CONTENT_TYPE'] = 'text/html; charset=UTF-8'; $t->is($request->getContentType(), 'text/html', '->getContentType() strips the charset information by default'); $t->is($request->getContentType(false), 'text/html; charset=UTF-8', '->getContentType() does not strip the charset information by defaultif you pass false as the first argument'); // ->getHost() $t->diag('->getHost()'); $request = new myRequest($dispatcher); $_SERVER['HTTP_X_FORWARDED_HOST'] = 'example1.com, example2.com, example3.com'; $t->is($request->getHost(), 'example3.com', '->getHost() returns the last forwarded host'); unset($_SERVER['HTTP_X_FORWARDED_HOST']);