/**
  * Tests isUrlAllowed() function for various urls and configuration
  */
 public function testisURLallowed()
 {
     csrfprotector::$config['verifyGetFor'] = array('http://test/delete*', 'https://test/*');
     $_SERVER['PHP_SELF'] = '/nodelete.php';
     $this->assertTrue(csrfprotector::isURLallowed());
     $_SERVER['PHP_SELF'] = '/index.php';
     $this->assertTrue(csrfprotector::isURLallowed('http://test/index.php'));
     $_SERVER['PHP_SELF'] = '/delete.php';
     $this->assertFalse(csrfprotector::isURLallowed('http://test/delete.php'));
     $_SERVER['PHP_SELF'] = '/delete_user.php';
     $this->assertFalse(csrfprotector::isURLallowed('http://test/delete_users.php'));
     $_SERVER['REQUEST_SCHEME'] = 'https';
     $_SERVER['PHP_SELF'] = '/index.php';
     $this->assertFalse(csrfprotector::isURLallowed('https://test/index.php'));
     $_SERVER['PHP_SELF'] = '/delete_user.php';
     $this->assertFalse(csrfprotector::isURLallowed('https://test/delete_users.php'));
 }
 /**
  * Tests isUrlAllowed() function for various urls and configuration
  */
 public function testisURLallowed()
 {
     csrfprotector::$config['verifyGetFor'] = array('http://test/delete*', 'https://test/*');
     $this->assertTrue(csrfprotector::isURLallowed('http"//test/nodelete.php'));
     $this->assertTrue(csrfprotector::isURLallowed('http://test/index.php'));
     $this->assertFalse(csrfprotector::isURLallowed('http://test/delete.php'));
     $this->assertFalse(csrfprotector::isURLallowed('http://test/delete_users.php'));
     $this->assertFalse(csrfprotector::isURLallowed('https://test/index.php'));
     $this->assertFalse(csrfprotector::isURLallowed('https://test/delete_users.php'));
 }