bachy
@@ -167,10 +167,17 @@ class ImageStylesPathAndUrlTestCase extends DrupalWebTestCase {
|
||||
$this->_testImageStyleUrlAndPath('private', FALSE);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test image_style_url() with a file URL that has an extra slash in it.
|
||||
*/
|
||||
function testImageStyleUrlExtraSlash() {
|
||||
$this->_testImageStyleUrlAndPath('public', TRUE, TRUE);
|
||||
}
|
||||
|
||||
/**
|
||||
* Test image_style_url().
|
||||
*/
|
||||
function _testImageStyleUrlAndPath($scheme, $clean_url = TRUE) {
|
||||
function _testImageStyleUrlAndPath($scheme, $clean_url = TRUE, $extra_slash = FALSE) {
|
||||
// Make the default scheme neither "public" nor "private" to verify the
|
||||
// functions work for other than the default scheme.
|
||||
variable_set('file_default_scheme', 'temporary');
|
||||
@@ -196,6 +203,15 @@ class ImageStylesPathAndUrlTestCase extends DrupalWebTestCase {
|
||||
$this->assertFalse(file_exists($generated_uri), t('Generated file does not exist.'));
|
||||
$generate_url = image_style_url($this->style_name, $original_uri);
|
||||
|
||||
// Ensure that the tests still pass when the file is generated by accessing
|
||||
// a poorly constructed (but still valid) file URL that has an extra slash
|
||||
// in it.
|
||||
if ($extra_slash) {
|
||||
$modified_uri = str_replace('://', ':///', $original_uri);
|
||||
$this->assertNotEqual($original_uri, $modified_uri, 'An extra slash was added to the generated file URI.');
|
||||
$generate_url = image_style_url($this->style_name, $modified_uri);
|
||||
}
|
||||
|
||||
if (!$clean_url) {
|
||||
$this->assertTrue(strpos($generate_url, '?q=') !== FALSE, 'When using non-clean URLS, the system path contains the query string.');
|
||||
}
|
||||
@@ -224,6 +240,12 @@ class ImageStylesPathAndUrlTestCase extends DrupalWebTestCase {
|
||||
$this->drupalGet($generate_url);
|
||||
$this->assertResponse(200, t('Image was generated at the URL.'));
|
||||
|
||||
// Make sure that access is denied for existing style files if we do not
|
||||
// have access.
|
||||
variable_del('image_module_test_file_download');
|
||||
$this->drupalGet($generate_url);
|
||||
$this->assertResponse(403, 'Confirmed that access is denied for the private image style.');
|
||||
|
||||
// Repeat this with a different file that we do not have access to and
|
||||
// make sure that access is denied.
|
||||
$file_noaccess = array_shift($files);
|
||||
@@ -805,7 +827,6 @@ class ImageFieldDisplayTestCase extends ImageFieldTestCase {
|
||||
// Only verify HTTP headers when using private scheme and the headers are
|
||||
// sent by Drupal.
|
||||
$this->assertEqual($this->drupalGetHeader('Content-Type'), 'image/png', t('Content-Type header was sent.'));
|
||||
$this->assertEqual($this->drupalGetHeader('Content-Disposition'), 'inline; filename="' . $test_image->filename . '"', t('Content-Disposition header was sent.'));
|
||||
$this->assertEqual($this->drupalGetHeader('Cache-Control'), 'private', t('Cache-Control header was sent.'));
|
||||
|
||||
// Log out and try to access the file.
|
||||
|
||||
Reference in New Issue
Block a user