only in patch2: unchanged: --- a/core/modules/user/src/Tests/UserPasswordResetTest.php +++ b/core/modules/user/src/Tests/UserPasswordResetTest.php @@ -7,7 +7,7 @@ namespace Drupal\user\Tests; -use Drupal\simpletest\WebTestBase; +use Drupal\system\Tests\Cache\PageCacheTagsTestBase; use Drupal\user\Entity\User; /** @@ -15,7 +15,7 @@ * * @group user */ -class UserPasswordResetTest extends WebTestBase { +class UserPasswordResetTest extends PageCacheTagsTestBase { /** * The profile to install as a basis for testing. @@ -92,6 +92,11 @@ function testUserPasswordReset() { $resetURL = $this->getResetURL(); $this->drupalGet($resetURL); + $this->assertFalse($this->drupalGetHeader('X-Drupal-Cache')); + + // Ensure the password reset URL is not cached. + $this->drupalGet($resetURL); + $this->assertFalse($this->drupalGetHeader('X-Drupal-Cache')); // Check the one-time login page. $this->assertText($this->account->getUsername(), 'One-time login page contains the correct username.');