Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Convert \Drupal\system\Tests\Session\SessionHttpsTest to PHPUnit.
This test has some history and deserves its own issue, see #2265099: Cleanup SessionHttpsTest and fix redirect to non-existing URL after POST requests
Scope:
- \Drupal\system\Tests\Session\SessionHttpsTest
Comment | File | Size | Author |
---|---|---|---|
#16 | 3011079-16.patch | 21.35 KB | Lendude |
#16 | interdiff-3011079-15-16.txt | 819 bytes | Lendude |
#15 | 3011079-2-14.patch | 21.35 KB | alexpott |
#15 | 13-14-interdiff.txt | 1.41 KB | alexpott |
#13 | 3011079-2-13.patch | 21.07 KB | alexpott |
Comments
Comment #2
LendudeThis doesn't work at all, but it might be a first step.
Comment #4
idebr CreditAttribution: idebr at ezCompany commentedComment #5
scott_euser CreditAttribution: scott_euser as a volunteer and at Soapbox Communications Ltd commentedGetting this a bit further but I cannot get the mock session value to fill in with my ddev environment setup for tests, so may need someone else to continue on further test fails.
Comment #6
scott_euser CreditAttribution: scott_euser as a volunteer and at Soapbox Communications Ltd commentedFixed patch to include the removal of the old file; thanks for spotting @dawehner
Setting the interdiff from the original so it's a useful interdiff.
Comment #8
scott_euser CreditAttribution: scott_euser as a volunteer and at Soapbox Communications Ltd commentedUpdated with codesniffer results
Comment #11
dawehner🔧 How about using something like
$this->session->getPage()->findField('form_build_id')
Comment #12
alexpottHere's a passing conversion. We need to disable redirects whilst logging in because otherwise it'll try to redirect us to a https site which might not work. The original test was preventing redirects too but we have to change how we do that because of the Goutte/Mink/BrowserKit architecture. There's also a bit of fun with Guzzle and BrowserKit CookieJar's which are different. For example, BrowserKit's CookieJar does not allow the secure attribute to be set when the cookies domain is not https so we have to test for that using the CookieJar guzzle fills up.
No interdiff because this is the first fully working conversion and all the changes need review. I've tried to only refactor what is necessary / makes things a bit easier. It would be possible to refactor loginHttps() and loginHttp() to share more code and thereby make maintaining this in the future a bit simpler but I don't think we should do that here.
Comment #13
alexpottAhh the docs are now out-of-date. Update them.
Comment #14
jibran#12 looks good. Yeah, I agree code is not DRY but the conversion seems alright.
Comment #15
alexpottI don;'t understand having the concurrent secure sessions unless we make some assertions so I've added some. This is a little bit of scope creep I guess but there must have been a reason for adding this and I want to make sure that the assumptions the test is making are still correct so I've added some assertions against those assumptions.
Comment #16
Lendude@alexpott nice!
The only thing I can find is that these are not in alphabetical order, so quick cleanup for that, but since that is just a cosmetic change I'm going to RTBC this too.
Comment #17
catchCommitted a51a8f5 and pushed to 8.7.x. Thanks!