/** * @CORS * @expectedException \OC\AppFramework\Middleware\Security\SecurityException */ public function testCorsIgnoredIfWithCredentialsHeaderPresent() { $request = new Request(array('server' => array('HTTP_ORIGIN' => 'test'))); $this->reflector->reflect($this, __FUNCTION__); $middleware = new CORSMiddleware($request, $this->reflector); $response = new Response(); $response->addHeader('AcCess-control-Allow-Credentials ', 'TRUE'); $response = $middleware->afterController($this, __FUNCTION__, $response); }
/** * @CORS * @expectedException \OC\AppFramework\Middleware\Security\SecurityException */ public function testCorsIgnoredIfWithCredentialsHeaderPresent() { $request = new Request(['server' => ['HTTP_ORIGIN' => 'test']], $this->getMock('\\OCP\\Security\\ISecureRandom'), $this->getMock('\\OCP\\IConfig')); $this->reflector->reflect($this, __FUNCTION__); $middleware = new CORSMiddleware($request, $this->reflector); $response = new Response(); $response->addHeader('AcCess-control-Allow-Credentials ', 'TRUE'); $middleware->afterController($this, __FUNCTION__, $response); }
/** * @expectedException \Exception * @expectedExceptionMessage A regular exception */ public function testAfterExceptionWithRegularException() { $request = new Request(['server' => ['PHP_AUTH_USER' => 'user', 'PHP_AUTH_PW' => 'pass']], $this->getMock('\\OCP\\Security\\ISecureRandom'), $this->getMock('\\OCP\\IConfig')); $middleware = new CORSMiddleware($request, $this->reflector, $this->session); $middleware->afterException($this, __FUNCTION__, new \Exception('A regular exception')); }
/** * @CORS * @expectedException \OC\AppFramework\Middleware\Security\SecurityException */ public function testCORSShouldNotAllowCookieAuth() { $request = new Request( ['server' => [ 'PHP_AUTH_USER' => 'user', 'PHP_AUTH_PW' => 'pass' ]], $this->getMock('\OCP\Security\ISecureRandom'), $this->getMock('\OCP\IConfig') ); $this->session->expects($this->once()) ->method('logout'); $this->session->expects($this->once()) ->method('login') ->with($this->equalTo('user'), $this->equalTo('pass')) ->will($this->returnValue(false)); $this->reflector->reflect($this, __FUNCTION__); $middleware = new CORSMiddleware($request, $this->reflector, $this->session); $middleware->beforeController($this, __FUNCTION__, new Response()); }