silverstripe /
cwp-core
@@ -14,67 +14,67 @@ |
||
| 14 | 14 | |
| 15 | 15 | class AtomFeedTest extends SapphireTest |
| 16 | 16 | { |
| 17 | - protected static $original_host; |
|
| 17 | + protected static $original_host; |
|
| 18 | 18 | |
| 19 | - public function testAtomFeed() |
|
| 20 | - { |
|
| 21 | - $list = new ArrayList(); |
|
| 22 | - $list->push(new ItemA()); |
|
| 23 | - $list->push(new ItemB()); |
|
| 24 | - $list->push(new ItemC()); |
|
| 19 | + public function testAtomFeed() |
|
| 20 | + { |
|
| 21 | + $list = new ArrayList(); |
|
| 22 | + $list->push(new ItemA()); |
|
| 23 | + $list->push(new ItemB()); |
|
| 24 | + $list->push(new ItemC()); |
|
| 25 | 25 | |
| 26 | - $atomFeed = new CwpAtomFeed( |
|
| 27 | - $list, |
|
| 28 | - "http://www.example.com", |
|
| 29 | - "Test Atom Feed", |
|
| 30 | - "Test Atom Feed Description" |
|
| 31 | - ); |
|
| 32 | - $content = $atomFeed->outputToBrowser(); |
|
| 26 | + $atomFeed = new CwpAtomFeed( |
|
| 27 | + $list, |
|
| 28 | + "http://www.example.com", |
|
| 29 | + "Test Atom Feed", |
|
| 30 | + "Test Atom Feed Description" |
|
| 31 | + ); |
|
| 32 | + $content = $atomFeed->outputToBrowser(); |
|
| 33 | 33 | |
| 34 | - //Debug::message($content); |
|
| 35 | - $this->assertContains('<link href="http://www.example.org/item-a/" />', $content); |
|
| 36 | - $this->assertContains('<link href="http://www.example.com/item-b.html" />', $content); |
|
| 37 | - $this->assertContains('<link href="http://www.example.com/item-c.html" />', $content); |
|
| 34 | + //Debug::message($content); |
|
| 35 | + $this->assertContains('<link href="http://www.example.org/item-a/" />', $content); |
|
| 36 | + $this->assertContains('<link href="http://www.example.com/item-b.html" />', $content); |
|
| 37 | + $this->assertContains('<link href="http://www.example.com/item-c.html" />', $content); |
|
| 38 | 38 | |
| 39 | - $this->assertContains('<title type="html">ItemA</title>', $content); |
|
| 40 | - $this->assertContains('<title type="html">ItemB</title>', $content); |
|
| 41 | - $this->assertContains('<title type="html">ItemC</title>', $content); |
|
| 39 | + $this->assertContains('<title type="html">ItemA</title>', $content); |
|
| 40 | + $this->assertContains('<title type="html">ItemB</title>', $content); |
|
| 41 | + $this->assertContains('<title type="html">ItemC</title>', $content); |
|
| 42 | 42 | |
| 43 | - $this->assertContains("\tItemA Content\n", $content); |
|
| 44 | - $this->assertContains("\tItemB Content\n", $content); |
|
| 45 | - $this->assertContains("\tItemC Content\n", $content); |
|
| 46 | - } |
|
| 43 | + $this->assertContains("\tItemA Content\n", $content); |
|
| 44 | + $this->assertContains("\tItemB Content\n", $content); |
|
| 45 | + $this->assertContains("\tItemC Content\n", $content); |
|
| 46 | + } |
|
| 47 | 47 | |
| 48 | - public function testRenderWithTemplate() |
|
| 49 | - { |
|
| 50 | - $atomFeed = new CwpAtomFeed(new ArrayList(), "", "", ""); |
|
| 51 | - $content = $atomFeed->outputToBrowser(); |
|
| 52 | - // test we have switched from a RSS feed test template tot he AtomFeed template |
|
| 53 | - $this->assertNotContains('<title>Test Custom Template</title>', $content); |
|
| 54 | - } |
|
| 48 | + public function testRenderWithTemplate() |
|
| 49 | + { |
|
| 50 | + $atomFeed = new CwpAtomFeed(new ArrayList(), "", "", ""); |
|
| 51 | + $content = $atomFeed->outputToBrowser(); |
|
| 52 | + // test we have switched from a RSS feed test template tot he AtomFeed template |
|
| 53 | + $this->assertNotContains('<title>Test Custom Template</title>', $content); |
|
| 54 | + } |
|
| 55 | 55 | |
| 56 | - public function testLinkToFeed() |
|
| 57 | - { |
|
| 58 | - $link = AtomTagsStub::linkToFeed('atomLinkUrl', 'Atom feed of this blog'); |
|
| 59 | - $this->assertContains('atomLinkUrl', $link); |
|
| 60 | - $this->assertContains('Atom feed of this blog', $link); |
|
| 61 | - $this->assertContains('application/atom+xml', $link); |
|
| 62 | - } |
|
| 56 | + public function testLinkToFeed() |
|
| 57 | + { |
|
| 58 | + $link = AtomTagsStub::linkToFeed('atomLinkUrl', 'Atom feed of this blog'); |
|
| 59 | + $this->assertContains('atomLinkUrl', $link); |
|
| 60 | + $this->assertContains('Atom feed of this blog', $link); |
|
| 61 | + $this->assertContains('application/atom+xml', $link); |
|
| 62 | + } |
|
| 63 | 63 | |
| 64 | - protected function setUp() |
|
| 65 | - { |
|
| 66 | - parent::setUp(); |
|
| 67 | - Config::modify()->set(Director::class, 'alternate_base_url', '/'); |
|
| 68 | - if (!self::$original_host) { |
|
| 69 | - self::$original_host = $_SERVER['HTTP_HOST']; |
|
| 70 | - } |
|
| 71 | - $_SERVER['HTTP_HOST'] = 'www.example.org'; |
|
| 72 | - } |
|
| 64 | + protected function setUp() |
|
| 65 | + { |
|
| 66 | + parent::setUp(); |
|
| 67 | + Config::modify()->set(Director::class, 'alternate_base_url', '/'); |
|
| 68 | + if (!self::$original_host) { |
|
| 69 | + self::$original_host = $_SERVER['HTTP_HOST']; |
|
| 70 | + } |
|
| 71 | + $_SERVER['HTTP_HOST'] = 'www.example.org'; |
|
| 72 | + } |
|
| 73 | 73 | |
| 74 | - protected function tearDown() |
|
| 75 | - { |
|
| 76 | - parent::tearDown(); |
|
| 77 | - Config::modify()->set(Director::class, 'alternate_base_url', null); |
|
| 78 | - $_SERVER['HTTP_HOST'] = self::$original_host; |
|
| 79 | - } |
|
| 74 | + protected function tearDown() |
|
| 75 | + { |
|
| 76 | + parent::tearDown(); |
|
| 77 | + Config::modify()->set(Director::class, 'alternate_base_url', null); |
|
| 78 | + $_SERVER['HTTP_HOST'] = self::$original_host; |
|
| 79 | + } |
|
| 80 | 80 | } |
@@ -7,35 +7,35 @@ |
||
| 7 | 7 | |
| 8 | 8 | class RichLinksExtensionTest extends SapphireTest |
| 9 | 9 | { |
| 10 | - public function testContentLinkInjections() |
|
| 11 | - { |
|
| 12 | - $field = new DBText(); |
|
| 10 | + public function testContentLinkInjections() |
|
| 11 | + { |
|
| 12 | + $field = new DBText(); |
|
| 13 | 13 | |
| 14 | - // External links injection. |
|
| 15 | - $field->setValue('<a href="http://newzealand.govt.nz">New Zealand Government</a>'); |
|
| 16 | - $this->assertEquals( |
|
| 17 | - $field->RichLinks(), |
|
| 18 | - '<a class="external" rel="external" title="Open external link" ' |
|
| 19 | - . 'href="http://newzealand.govt.nz">New Zealand Government' |
|
| 20 | - .'<span class="nonvisual-indicator">(external link)</span></a>', |
|
| 21 | - 'Injects attributes to external link without target.' |
|
| 22 | - ); |
|
| 14 | + // External links injection. |
|
| 15 | + $field->setValue('<a href="http://newzealand.govt.nz">New Zealand Government</a>'); |
|
| 16 | + $this->assertEquals( |
|
| 17 | + $field->RichLinks(), |
|
| 18 | + '<a class="external" rel="external" title="Open external link" ' |
|
| 19 | + . 'href="http://newzealand.govt.nz">New Zealand Government' |
|
| 20 | + .'<span class="nonvisual-indicator">(external link)</span></a>', |
|
| 21 | + 'Injects attributes to external link without target.' |
|
| 22 | + ); |
|
| 23 | 23 | |
| 24 | - $field->setValue('<a href="http://newzealand.govt.nz" target="_blank">New Zealand Government</a>'); |
|
| 25 | - $this->assertEquals( |
|
| 26 | - $field->RichLinks(), |
|
| 27 | - '<a class="external" rel="external" title="Open external link" ' |
|
| 28 | - . 'href="http://newzealand.govt.nz" target="_blank">New Zealand Government' |
|
| 29 | - .'<span class="nonvisual-indicator">(external link)</span></a>', |
|
| 30 | - 'Injects attributes to external link with target, while keeping the existing attributes.' |
|
| 31 | - ); |
|
| 24 | + $field->setValue('<a href="http://newzealand.govt.nz" target="_blank">New Zealand Government</a>'); |
|
| 25 | + $this->assertEquals( |
|
| 26 | + $field->RichLinks(), |
|
| 27 | + '<a class="external" rel="external" title="Open external link" ' |
|
| 28 | + . 'href="http://newzealand.govt.nz" target="_blank">New Zealand Government' |
|
| 29 | + .'<span class="nonvisual-indicator">(external link)</span></a>', |
|
| 30 | + 'Injects attributes to external link with target, while keeping the existing attributes.' |
|
| 31 | + ); |
|
| 32 | 32 | |
| 33 | - // Check the normal links are not affected. |
|
| 34 | - $field->setValue('<a href="[sitetree_link,id=1]">Internal</a>'); |
|
| 35 | - $this->assertEquals( |
|
| 36 | - $field->RichLinks(), |
|
| 37 | - '<a href="[sitetree_link,id=1]">Internal</a>', |
|
| 38 | - 'Regular link is not modified.' |
|
| 39 | - ); |
|
| 40 | - } |
|
| 33 | + // Check the normal links are not affected. |
|
| 34 | + $field->setValue('<a href="[sitetree_link,id=1]">Internal</a>'); |
|
| 35 | + $this->assertEquals( |
|
| 36 | + $field->RichLinks(), |
|
| 37 | + '<a href="[sitetree_link,id=1]">Internal</a>', |
|
| 38 | + 'Regular link is not modified.' |
|
| 39 | + ); |
|
| 40 | + } |
|
| 41 | 41 | } |
@@ -11,11 +11,11 @@ |
||
| 11 | 11 | */ |
| 12 | 12 | class AtomTagsStub implements TestOnly |
| 13 | 13 | { |
| 14 | - public static function linkToFeed($url, $title = null) |
|
| 15 | - { |
|
| 16 | - $link = '<link rel="alternate" type="application/atom+xml" title="' . $title . |
|
| 17 | - '" href="' . $url . '" />'; |
|
| 18 | - CwpAtomFeed::linkToFeed($url, $title); |
|
| 19 | - return $link; |
|
| 20 | - } |
|
| 14 | + public static function linkToFeed($url, $title = null) |
|
| 15 | + { |
|
| 16 | + $link = '<link rel="alternate" type="application/atom+xml" title="' . $title . |
|
| 17 | + '" href="' . $url . '" />'; |
|
| 18 | + CwpAtomFeed::linkToFeed($url, $title); |
|
| 19 | + return $link; |
|
| 20 | + } |
|
| 21 | 21 | } |
@@ -7,33 +7,33 @@ |
||
| 7 | 7 | |
| 8 | 8 | class ItemC extends ViewableData implements TestOnly |
| 9 | 9 | { |
| 10 | - // ItemC tests fields - Title has casting, Content doesn't. |
|
| 11 | - private static $casting = [ |
|
| 12 | - 'Title' => 'Varchar', |
|
| 13 | - 'AltContent' => 'Text', |
|
| 14 | - ]; |
|
| 15 | - |
|
| 16 | - public $Title = 'ItemC'; |
|
| 17 | - |
|
| 18 | - public function Title() |
|
| 19 | - { |
|
| 20 | - return "ItemC"; |
|
| 21 | - } |
|
| 22 | - |
|
| 23 | - public function Content() |
|
| 24 | - { |
|
| 25 | - return "ItemC Content"; |
|
| 26 | - } |
|
| 27 | - |
|
| 28 | - public $AltContent = "ItemC AltContent"; |
|
| 29 | - |
|
| 30 | - public function Link() |
|
| 31 | - { |
|
| 32 | - return "item-c.html"; |
|
| 33 | - } |
|
| 34 | - |
|
| 35 | - public function AbsoluteLink() |
|
| 36 | - { |
|
| 37 | - return "http://www.example.com/item-c.html"; |
|
| 38 | - } |
|
| 10 | + // ItemC tests fields - Title has casting, Content doesn't. |
|
| 11 | + private static $casting = [ |
|
| 12 | + 'Title' => 'Varchar', |
|
| 13 | + 'AltContent' => 'Text', |
|
| 14 | + ]; |
|
| 15 | + |
|
| 16 | + public $Title = 'ItemC'; |
|
| 17 | + |
|
| 18 | + public function Title() |
|
| 19 | + { |
|
| 20 | + return "ItemC"; |
|
| 21 | + } |
|
| 22 | + |
|
| 23 | + public function Content() |
|
| 24 | + { |
|
| 25 | + return "ItemC Content"; |
|
| 26 | + } |
|
| 27 | + |
|
| 28 | + public $AltContent = "ItemC AltContent"; |
|
| 29 | + |
|
| 30 | + public function Link() |
|
| 31 | + { |
|
| 32 | + return "item-c.html"; |
|
| 33 | + } |
|
| 34 | + |
|
| 35 | + public function AbsoluteLink() |
|
| 36 | + { |
|
| 37 | + return "http://www.example.com/item-c.html"; |
|
| 38 | + } |
|
| 39 | 39 | } |
@@ -7,26 +7,26 @@ |
||
| 7 | 7 | |
| 8 | 8 | class ItemB extends ViewableData implements TestOnly |
| 9 | 9 | { |
| 10 | - // ItemB tests without $casting |
|
| 11 | - public $Title = 'ItemB'; |
|
| 10 | + // ItemB tests without $casting |
|
| 11 | + public $Title = 'ItemB'; |
|
| 12 | 12 | |
| 13 | - public function Title() |
|
| 14 | - { |
|
| 15 | - return "ItemB"; |
|
| 16 | - } |
|
| 13 | + public function Title() |
|
| 14 | + { |
|
| 15 | + return "ItemB"; |
|
| 16 | + } |
|
| 17 | 17 | |
| 18 | - public function AbsoluteLink() |
|
| 19 | - { |
|
| 20 | - return "http://www.example.com/item-b.html"; |
|
| 21 | - } |
|
| 18 | + public function AbsoluteLink() |
|
| 19 | + { |
|
| 20 | + return "http://www.example.com/item-b.html"; |
|
| 21 | + } |
|
| 22 | 22 | |
| 23 | - public function Content() |
|
| 24 | - { |
|
| 25 | - return "ItemB Content"; |
|
| 26 | - } |
|
| 23 | + public function Content() |
|
| 24 | + { |
|
| 25 | + return "ItemB Content"; |
|
| 26 | + } |
|
| 27 | 27 | |
| 28 | - public function AltContent() |
|
| 29 | - { |
|
| 30 | - return "ItemB AltContent"; |
|
| 31 | - } |
|
| 28 | + public function AltContent() |
|
| 29 | + { |
|
| 30 | + return "ItemB AltContent"; |
|
| 31 | + } |
|
| 32 | 32 | } |
@@ -8,32 +8,32 @@ |
||
| 8 | 8 | |
| 9 | 9 | class ItemA extends ViewableData implements TestOnly |
| 10 | 10 | { |
| 11 | - // Atom-feed items must have $casting/$db information. |
|
| 12 | - private static $casting = [ |
|
| 13 | - 'Title' => 'Varchar', |
|
| 14 | - 'Content' => 'Text', |
|
| 15 | - 'AltContent' => 'Text', |
|
| 16 | - ]; |
|
| 17 | - |
|
| 18 | - public $Title = 'ItemA'; |
|
| 19 | - |
|
| 20 | - public function Title() |
|
| 21 | - { |
|
| 22 | - return "ItemA"; |
|
| 23 | - } |
|
| 24 | - |
|
| 25 | - public function Content() |
|
| 26 | - { |
|
| 27 | - return "ItemA Content"; |
|
| 28 | - } |
|
| 29 | - |
|
| 30 | - public function AltContent() |
|
| 31 | - { |
|
| 32 | - return "ItemA AltContent"; |
|
| 33 | - } |
|
| 34 | - |
|
| 35 | - public function Link($action = null) |
|
| 36 | - { |
|
| 37 | - return Controller::join_links("item-a/", $action); |
|
| 38 | - } |
|
| 11 | + // Atom-feed items must have $casting/$db information. |
|
| 12 | + private static $casting = [ |
|
| 13 | + 'Title' => 'Varchar', |
|
| 14 | + 'Content' => 'Text', |
|
| 15 | + 'AltContent' => 'Text', |
|
| 16 | + ]; |
|
| 17 | + |
|
| 18 | + public $Title = 'ItemA'; |
|
| 19 | + |
|
| 20 | + public function Title() |
|
| 21 | + { |
|
| 22 | + return "ItemA"; |
|
| 23 | + } |
|
| 24 | + |
|
| 25 | + public function Content() |
|
| 26 | + { |
|
| 27 | + return "ItemA Content"; |
|
| 28 | + } |
|
| 29 | + |
|
| 30 | + public function AltContent() |
|
| 31 | + { |
|
| 32 | + return "ItemA AltContent"; |
|
| 33 | + } |
|
| 34 | + |
|
| 35 | + public function Link($action = null) |
|
| 36 | + { |
|
| 37 | + return Controller::join_links("item-a/", $action); |
|
| 38 | + } |
|
| 39 | 39 | } |
@@ -93,7 +93,7 @@ |
||
| 93 | 93 | */ |
| 94 | 94 | protected function runMiddleware() |
| 95 | 95 | { |
| 96 | - $this->middleware->process($this->request, function () { |
|
| 96 | + $this->middleware->process($this->request, function() { |
|
| 97 | 97 | // no op |
| 98 | 98 | }); |
| 99 | 99 | } |
@@ -10,120 +10,120 @@ |
||
| 10 | 10 | |
| 11 | 11 | class InitialisationMiddlewareTest extends FunctionalTest |
| 12 | 12 | { |
| 13 | - /** |
|
| 14 | - * @var HTTPRequest |
|
| 15 | - */ |
|
| 16 | - protected $request; |
|
| 17 | - |
|
| 18 | - /** |
|
| 19 | - * @var InitialisationMiddleware |
|
| 20 | - */ |
|
| 21 | - protected $middleware; |
|
| 22 | - |
|
| 23 | - protected $usesDatabase = true; |
|
| 24 | - |
|
| 25 | - protected function setUp() |
|
| 26 | - { |
|
| 27 | - parent::setUp(); |
|
| 28 | - |
|
| 29 | - $this->request = new HTTPRequest('GET', '/'); |
|
| 30 | - $this->middleware = new InitialisationMiddleware(); |
|
| 31 | - |
|
| 32 | - Environment::setEnv('SS_OUTBOUND_PROXY', ''); |
|
| 33 | - Environment::setEnv('SS_OUTBOUND_PROXY_PORT', ''); |
|
| 34 | - putenv('NO_PROXY='); |
|
| 35 | - } |
|
| 36 | - |
|
| 37 | - public function testDoNotConfigureProxyIfNoEnvironmentVarsAreSet() |
|
| 38 | - { |
|
| 39 | - $this->runMiddleware(); |
|
| 40 | - |
|
| 41 | - $this->assertEmpty( |
|
| 42 | - Environment::getEnv('http_proxy'), |
|
| 43 | - 'Proxy information is not set if no outbound proxy is configured' |
|
| 44 | - ); |
|
| 45 | - } |
|
| 46 | - |
|
| 47 | - public function testConfigureEgressProxyWhenVarsAreSet() |
|
| 48 | - { |
|
| 49 | - Environment::setEnv('SS_OUTBOUND_PROXY', 'http://example.com'); |
|
| 50 | - Environment::setEnv('SS_OUTBOUND_PROXY_PORT', '8024'); |
|
| 51 | - |
|
| 52 | - $this->runMiddleware(); |
|
| 53 | - |
|
| 54 | - $this->assertEquals( |
|
| 55 | - 'http://example.com:8024', |
|
| 56 | - Environment::getEnv('http_proxy'), |
|
| 57 | - 'Proxy is configured with proxy and port' |
|
| 58 | - ); |
|
| 59 | - } |
|
| 60 | - |
|
| 61 | - public function testDoNotConfigureProxyDomainExclusionsWhenNoneAreDefined() |
|
| 62 | - { |
|
| 63 | - Config::modify()->remove(InitialisationMiddleware::class, 'egress_proxy_exclude_domains'); |
|
| 64 | - |
|
| 65 | - $this->runMiddleware(); |
|
| 66 | - |
|
| 67 | - $this->assertSame( |
|
| 68 | - '', |
|
| 69 | - Environment::getEnv('NO_PROXY'), |
|
| 70 | - 'No domain exclusions are set when none are defined' |
|
| 71 | - ); |
|
| 72 | - } |
|
| 73 | - |
|
| 74 | - public function testConfigureEgressProxyDomainExclusions() |
|
| 75 | - { |
|
| 76 | - Config::modify()->set( |
|
| 77 | - InitialisationMiddleware::class, |
|
| 78 | - 'egress_proxy_exclude_domains', |
|
| 79 | - 'example.com' |
|
| 80 | - ); |
|
| 81 | - |
|
| 82 | - putenv('NO_PROXY=foo.com,bar.com'); |
|
| 83 | - $this->runMiddleware(); |
|
| 84 | - |
|
| 85 | - $this->assertSame( |
|
| 86 | - 'foo.com,bar.com,example.com', |
|
| 87 | - Environment::getEnv('NO_PROXY'), |
|
| 88 | - 'Domain exclusions are combined with existing values and configuration settings' |
|
| 89 | - ); |
|
| 90 | - } |
|
| 91 | - |
|
| 92 | - public function testSecurityHeadersAddedByDefault() |
|
| 93 | - { |
|
| 94 | - $response = $this->get('Security/login'); |
|
| 95 | - $this->assertArrayHasKey('x-xss-protection', $response->getHeaders()); |
|
| 96 | - $this->assertSame('1; mode=block', $response->getHeader('x-xss-protection')); |
|
| 97 | - } |
|
| 98 | - |
|
| 99 | - public function testXSSProtectionHeaderNotAdded() |
|
| 100 | - { |
|
| 101 | - Config::modify()->set(InitialisationMiddleware::class, 'xss_protection_enabled', false); |
|
| 102 | - $response = $this->get('Security/login'); |
|
| 103 | - $this->assertArrayNotHasKey('x-xss-protection', $response->getHeaders()); |
|
| 104 | - } |
|
| 105 | - |
|
| 106 | - public function testHstsNotAddedByDefault() |
|
| 107 | - { |
|
| 108 | - Config::modify()->remove(InitialisationMiddleware::class, 'strict_transport_security'); |
|
| 109 | - $response = $this->get('Security/login'); |
|
| 110 | - $this->assertArrayNotHasKey('strict-transport-security', $response->getHeaders()); |
|
| 111 | - } |
|
| 112 | - |
|
| 113 | - public function testHstsAddedWhenConfigured() |
|
| 114 | - { |
|
| 115 | - Config::modify()->update(InitialisationMiddleware::class, 'strict_transport_security', 'max-age=1'); |
|
| 116 | - $response = $this->get('Security/login'); |
|
| 117 | - $this->assertArrayHasKey('strict-transport-security', $response->getHeaders()); |
|
| 118 | - } |
|
| 119 | - |
|
| 120 | - /** |
|
| 121 | - * Runs the middleware with a stubbed delegate |
|
| 122 | - */ |
|
| 123 | - protected function runMiddleware() |
|
| 124 | - { |
|
| 125 | - $this->middleware->process($this->request, function () { |
|
| 126 | - // no op |
|
| 127 | - }); |
|
| 128 | - } |
|
| 13 | + /** |
|
| 14 | + * @var HTTPRequest |
|
| 15 | + */ |
|
| 16 | + protected $request; |
|
| 17 | + |
|
| 18 | + /** |
|
| 19 | + * @var InitialisationMiddleware |
|
| 20 | + */ |
|
| 21 | + protected $middleware; |
|
| 22 | + |
|
| 23 | + protected $usesDatabase = true; |
|
| 24 | + |
|
| 25 | + protected function setUp() |
|
| 26 | + { |
|
| 27 | + parent::setUp(); |
|
| 28 | + |
|
| 29 | + $this->request = new HTTPRequest('GET', '/'); |
|
| 30 | + $this->middleware = new InitialisationMiddleware(); |
|
| 31 | + |
|
| 32 | + Environment::setEnv('SS_OUTBOUND_PROXY', ''); |
|
| 33 | + Environment::setEnv('SS_OUTBOUND_PROXY_PORT', ''); |
|
| 34 | + putenv('NO_PROXY='); |
|
| 35 | + } |
|
| 36 | + |
|
| 37 | + public function testDoNotConfigureProxyIfNoEnvironmentVarsAreSet() |
|
| 38 | + { |
|
| 39 | + $this->runMiddleware(); |
|
| 40 | + |
|
| 41 | + $this->assertEmpty( |
|
| 42 | + Environment::getEnv('http_proxy'), |
|
| 43 | + 'Proxy information is not set if no outbound proxy is configured' |
|
| 44 | + ); |
|
| 45 | + } |
|
| 46 | + |
|
| 47 | + public function testConfigureEgressProxyWhenVarsAreSet() |
|
| 48 | + { |
|
| 49 | + Environment::setEnv('SS_OUTBOUND_PROXY', 'http://example.com'); |
|
| 50 | + Environment::setEnv('SS_OUTBOUND_PROXY_PORT', '8024'); |
|
| 51 | + |
|
| 52 | + $this->runMiddleware(); |
|
| 53 | + |
|
| 54 | + $this->assertEquals( |
|
| 55 | + 'http://example.com:8024', |
|
| 56 | + Environment::getEnv('http_proxy'), |
|
| 57 | + 'Proxy is configured with proxy and port' |
|
| 58 | + ); |
|
| 59 | + } |
|
| 60 | + |
|
| 61 | + public function testDoNotConfigureProxyDomainExclusionsWhenNoneAreDefined() |
|
| 62 | + { |
|
| 63 | + Config::modify()->remove(InitialisationMiddleware::class, 'egress_proxy_exclude_domains'); |
|
| 64 | + |
|
| 65 | + $this->runMiddleware(); |
|
| 66 | + |
|
| 67 | + $this->assertSame( |
|
| 68 | + '', |
|
| 69 | + Environment::getEnv('NO_PROXY'), |
|
| 70 | + 'No domain exclusions are set when none are defined' |
|
| 71 | + ); |
|
| 72 | + } |
|
| 73 | + |
|
| 74 | + public function testConfigureEgressProxyDomainExclusions() |
|
| 75 | + { |
|
| 76 | + Config::modify()->set( |
|
| 77 | + InitialisationMiddleware::class, |
|
| 78 | + 'egress_proxy_exclude_domains', |
|
| 79 | + 'example.com' |
|
| 80 | + ); |
|
| 81 | + |
|
| 82 | + putenv('NO_PROXY=foo.com,bar.com'); |
|
| 83 | + $this->runMiddleware(); |
|
| 84 | + |
|
| 85 | + $this->assertSame( |
|
| 86 | + 'foo.com,bar.com,example.com', |
|
| 87 | + Environment::getEnv('NO_PROXY'), |
|
| 88 | + 'Domain exclusions are combined with existing values and configuration settings' |
|
| 89 | + ); |
|
| 90 | + } |
|
| 91 | + |
|
| 92 | + public function testSecurityHeadersAddedByDefault() |
|
| 93 | + { |
|
| 94 | + $response = $this->get('Security/login'); |
|
| 95 | + $this->assertArrayHasKey('x-xss-protection', $response->getHeaders()); |
|
| 96 | + $this->assertSame('1; mode=block', $response->getHeader('x-xss-protection')); |
|
| 97 | + } |
|
| 98 | + |
|
| 99 | + public function testXSSProtectionHeaderNotAdded() |
|
| 100 | + { |
|
| 101 | + Config::modify()->set(InitialisationMiddleware::class, 'xss_protection_enabled', false); |
|
| 102 | + $response = $this->get('Security/login'); |
|
| 103 | + $this->assertArrayNotHasKey('x-xss-protection', $response->getHeaders()); |
|
| 104 | + } |
|
| 105 | + |
|
| 106 | + public function testHstsNotAddedByDefault() |
|
| 107 | + { |
|
| 108 | + Config::modify()->remove(InitialisationMiddleware::class, 'strict_transport_security'); |
|
| 109 | + $response = $this->get('Security/login'); |
|
| 110 | + $this->assertArrayNotHasKey('strict-transport-security', $response->getHeaders()); |
|
| 111 | + } |
|
| 112 | + |
|
| 113 | + public function testHstsAddedWhenConfigured() |
|
| 114 | + { |
|
| 115 | + Config::modify()->update(InitialisationMiddleware::class, 'strict_transport_security', 'max-age=1'); |
|
| 116 | + $response = $this->get('Security/login'); |
|
| 117 | + $this->assertArrayHasKey('strict-transport-security', $response->getHeaders()); |
|
| 118 | + } |
|
| 119 | + |
|
| 120 | + /** |
|
| 121 | + * Runs the middleware with a stubbed delegate |
|
| 122 | + */ |
|
| 123 | + protected function runMiddleware() |
|
| 124 | + { |
|
| 125 | + $this->middleware->process($this->request, function () { |
|
| 126 | + // no op |
|
| 127 | + }); |
|
| 128 | + } |
|
| 129 | 129 | } |
@@ -13,13 +13,13 @@ |
||
| 13 | 13 | class CustomHtmlEditorFieldToolbar extends Extension |
| 14 | 14 | { |
| 15 | 15 | |
| 16 | - /** |
|
| 17 | - * @param Form $form |
|
| 18 | - * @return void |
|
| 19 | - */ |
|
| 20 | - public function updateMediaForm(Form $form) |
|
| 21 | - { |
|
| 22 | - Requirements::add_i18n_javascript('cwp/cwp-core:javascript/lang'); |
|
| 23 | - Requirements::javascript('cwp/cwp-core:javascript/CustomHtmlEditorFieldToolbar.js'); |
|
| 24 | - } |
|
| 16 | + /** |
|
| 17 | + * @param Form $form |
|
| 18 | + * @return void |
|
| 19 | + */ |
|
| 20 | + public function updateMediaForm(Form $form) |
|
| 21 | + { |
|
| 22 | + Requirements::add_i18n_javascript('cwp/cwp-core:javascript/lang'); |
|
| 23 | + Requirements::javascript('cwp/cwp-core:javascript/CustomHtmlEditorFieldToolbar.js'); |
|
| 24 | + } |
|
| 25 | 25 | } |
@@ -7,20 +7,20 @@ |
||
| 7 | 7 | class CwpHtmlEditorConfig extends DataExtension |
| 8 | 8 | { |
| 9 | 9 | |
| 10 | - /** |
|
| 11 | - * @return string |
|
| 12 | - * |
|
| 13 | - * Override the default HtmlEditorConfig from 'cms' to 'cwp' defined in cwp-core/_config.php |
|
| 14 | - * However if the group has a custom editor configuration set, use that instead. |
|
| 15 | - */ |
|
| 16 | - public function getHtmlEditorConfig() |
|
| 17 | - { |
|
| 18 | - $originalConfig = $this->owner->getField("HtmlEditorConfig"); |
|
| 10 | + /** |
|
| 11 | + * @return string |
|
| 12 | + * |
|
| 13 | + * Override the default HtmlEditorConfig from 'cms' to 'cwp' defined in cwp-core/_config.php |
|
| 14 | + * However if the group has a custom editor configuration set, use that instead. |
|
| 15 | + */ |
|
| 16 | + public function getHtmlEditorConfig() |
|
| 17 | + { |
|
| 18 | + $originalConfig = $this->owner->getField("HtmlEditorConfig"); |
|
| 19 | 19 | |
| 20 | - if ($originalConfig) { |
|
| 21 | - return $originalConfig; |
|
| 22 | - } |
|
| 20 | + if ($originalConfig) { |
|
| 21 | + return $originalConfig; |
|
| 22 | + } |
|
| 23 | 23 | |
| 24 | - return 'cwp'; |
|
| 25 | - } |
|
| 24 | + return 'cwp'; |
|
| 25 | + } |
|
| 26 | 26 | } |
