mirror/php-flarum
1
0
Fork 0
mirror of https://github.com/flarum/core.git synced 2025-07-31 13:40:20 +02:00
Code Issues Releases Wiki Activity

Remove deprecated CSRF wildcard path match

Browse Source
This commit is contained in:
Alexander Skvortsov
2021-01-19 19:09:06 -05:00
parent fbdc36dfbd
commit c887093e67
3 changed files with 1 additions and 65 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
framework/core/tests/integration/extenders/CsrfTest.php
View File

@@ -41,38 +41,8 @@ class CsrfTest extends TestCase
/**
* @test
* @deprecated
*/
public function create_user_post_doesnt_need_csrf_token_if_whitelisted()
{
$this->extend(
(new Extend\Csrf)
->exemptPath('/api/users')
);
$response = $this->send(
$this->request('POST', '/api/users', [
'json' => [
'data' => [
'attributes' => $this->testUser
]
],
])
);
$this->assertEquals(201, $response->getStatusCode());
$user = User::where('username', $this->testUser['username'])->firstOrFail();
$this->assertEquals(0, $user->is_email_confirmed);
$this->assertEquals($this->testUser['username'], $user->username);
$this->assertEquals($this->testUser['email'], $user->email);
}
/**
* @test
*/
public function create_user_post_doesnt_need_csrf_token_if_whitelisted_via_routename()
{
$this->extend(
(new Extend\Csrf)
@@ -97,22 +67,4 @@ class CsrfTest extends TestCase
$this->assertEquals($this->testUser['username'], $user->username);
$this->assertEquals($this->testUser['email'], $user->email);
}
/**
* @test
* @deprecated
*/
public function csrf_matches_wildcards_properly()
{
$this->extend(
(new Extend\Csrf)
->exemptPath('/api/fake/*/up')
);
$response = $this->send(
$this->request('POST', '/api/fake/route/i/made/up')
);
$this->assertEquals(404, $response->getStatusCode());
}
}