ResponseTest.php 8.3 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291
  1. <?php
  2. /**
  3. * ownCloud - App Framework
  4. *
  5. * @author Bernhard Posselt
  6. * @copyright 2012 Bernhard Posselt <dev@bernhard-posselt.com>
  7. *
  8. * This library is free software; you can redistribute it and/or
  9. * modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE
  10. * License as published by the Free Software Foundation; either
  11. * version 3 of the License, or any later version.
  12. *
  13. * This library is distributed in the hope that it will be useful,
  14. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  15. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  16. * GNU AFFERO GENERAL PUBLIC LICENSE for more details.
  17. *
  18. * You should have received a copy of the GNU Affero General Public
  19. * License along with this library. If not, see <http://www.gnu.org/licenses/>.
  20. *
  21. */
  22. namespace Test\AppFramework\Http;
  23. use OCP\AppFramework\Http;
  24. use OCP\AppFramework\Http\Response;
  25. use OCP\AppFramework\Utility\ITimeFactory;
  26. class ResponseTest extends \Test\TestCase {
  27. /**
  28. * @var \OCP\AppFramework\Http\Response
  29. */
  30. private $childResponse;
  31. protected function setUp(): void {
  32. parent::setUp();
  33. $this->childResponse = new Response();
  34. }
  35. public function testAddHeader() {
  36. $this->childResponse->addHeader(' hello ', 'world');
  37. $headers = $this->childResponse->getHeaders();
  38. $this->assertEquals('world', $headers['hello']);
  39. }
  40. public function testSetHeaders() {
  41. $expected = [
  42. 'Last-Modified' => 1,
  43. 'ETag' => 3,
  44. 'Something-Else' => 'hi',
  45. 'X-Robots-Tag' => 'noindex, nofollow',
  46. ];
  47. $this->childResponse->setHeaders($expected);
  48. $headers = $this->childResponse->getHeaders();
  49. $expected['Content-Security-Policy'] = "default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'";
  50. $expected['Feature-Policy'] = "autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'";
  51. $this->assertEquals($expected, $headers);
  52. }
  53. public function testOverwriteCsp() {
  54. $expected = [
  55. 'Content-Security-Policy' => "default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self' 'unsafe-inline';style-src 'self' 'unsafe-inline';img-src 'self';font-src 'self' data:;connect-src 'self';media-src 'self'",
  56. ];
  57. $policy = new Http\ContentSecurityPolicy();
  58. $policy->allowInlineScript(true);
  59. $this->childResponse->setContentSecurityPolicy($policy);
  60. $headers = $this->childResponse->getHeaders();
  61. $this->assertEquals(array_merge($expected, $headers), $headers);
  62. }
  63. public function testGetCsp() {
  64. $policy = new Http\ContentSecurityPolicy();
  65. $policy->allowInlineScript(true);
  66. $this->childResponse->setContentSecurityPolicy($policy);
  67. $this->assertEquals($policy, $this->childResponse->getContentSecurityPolicy());
  68. }
  69. public function testGetCspEmpty() {
  70. $this->assertEquals(new Http\EmptyContentSecurityPolicy(), $this->childResponse->getContentSecurityPolicy());
  71. }
  72. public function testAddHeaderValueNullDeletesIt() {
  73. $this->childResponse->addHeader('hello', 'world');
  74. $this->childResponse->addHeader('hello', null);
  75. $this->assertEquals(5, count($this->childResponse->getHeaders()));
  76. }
  77. public function testCacheHeadersAreDisabledByDefault() {
  78. $headers = $this->childResponse->getHeaders();
  79. $this->assertEquals('no-cache, no-store, must-revalidate', $headers['Cache-Control']);
  80. }
  81. public function testAddCookie() {
  82. $this->childResponse->addCookie('foo', 'bar');
  83. $this->childResponse->addCookie('bar', 'foo', new \DateTime('1970-01-01'));
  84. $expectedResponse = [
  85. 'foo' => [
  86. 'value' => 'bar',
  87. 'expireDate' => null,
  88. 'sameSite' => 'Lax',
  89. ],
  90. 'bar' => [
  91. 'value' => 'foo',
  92. 'expireDate' => new \DateTime('1970-01-01'),
  93. 'sameSite' => 'Lax',
  94. ]
  95. ];
  96. $this->assertEquals($expectedResponse, $this->childResponse->getCookies());
  97. }
  98. public function testSetCookies() {
  99. $expected = [
  100. 'foo' => [
  101. 'value' => 'bar',
  102. 'expireDate' => null,
  103. ],
  104. 'bar' => [
  105. 'value' => 'foo',
  106. 'expireDate' => new \DateTime('1970-01-01')
  107. ]
  108. ];
  109. $this->childResponse->setCookies($expected);
  110. $cookies = $this->childResponse->getCookies();
  111. $this->assertEquals($expected, $cookies);
  112. }
  113. public function testInvalidateCookie() {
  114. $this->childResponse->addCookie('foo', 'bar');
  115. $this->childResponse->invalidateCookie('foo');
  116. $expected = [
  117. 'foo' => [
  118. 'value' => 'expired',
  119. 'expireDate' => new \DateTime('1971-01-01'),
  120. 'sameSite' => 'Lax',
  121. ]
  122. ];
  123. $cookies = $this->childResponse->getCookies();
  124. $this->assertEquals($expected, $cookies);
  125. }
  126. public function testInvalidateCookies() {
  127. $this->childResponse->addCookie('foo', 'bar');
  128. $this->childResponse->addCookie('bar', 'foo');
  129. $expected = [
  130. 'foo' => [
  131. 'value' => 'bar',
  132. 'expireDate' => null,
  133. 'sameSite' => 'Lax',
  134. ],
  135. 'bar' => [
  136. 'value' => 'foo',
  137. 'expireDate' => null,
  138. 'sameSite' => 'Lax',
  139. ]
  140. ];
  141. $cookies = $this->childResponse->getCookies();
  142. $this->assertEquals($expected, $cookies);
  143. $this->childResponse->invalidateCookies(['foo', 'bar']);
  144. $expected = [
  145. 'foo' => [
  146. 'value' => 'expired',
  147. 'expireDate' => new \DateTime('1971-01-01'),
  148. 'sameSite' => 'Lax',
  149. ],
  150. 'bar' => [
  151. 'value' => 'expired',
  152. 'expireDate' => new \DateTime('1971-01-01'),
  153. 'sameSite' => 'Lax',
  154. ]
  155. ];
  156. $cookies = $this->childResponse->getCookies();
  157. $this->assertEquals($expected, $cookies);
  158. }
  159. public function testRenderReturnNullByDefault() {
  160. $this->assertEquals(null, $this->childResponse->render());
  161. }
  162. public function testGetStatus() {
  163. $default = $this->childResponse->getStatus();
  164. $this->childResponse->setStatus(Http::STATUS_NOT_FOUND);
  165. $this->assertEquals(Http::STATUS_OK, $default);
  166. $this->assertEquals(Http::STATUS_NOT_FOUND, $this->childResponse->getStatus());
  167. }
  168. public function testGetEtag() {
  169. $this->childResponse->setEtag('hi');
  170. $this->assertSame('hi', $this->childResponse->getEtag());
  171. }
  172. public function testGetLastModified() {
  173. $lastModified = new \DateTime('now', new \DateTimeZone('GMT'));
  174. $lastModified->setTimestamp(1);
  175. $this->childResponse->setLastModified($lastModified);
  176. $this->assertEquals($lastModified, $this->childResponse->getLastModified());
  177. }
  178. public function testCacheSecondsZero() {
  179. $this->childResponse->cacheFor(0);
  180. $headers = $this->childResponse->getHeaders();
  181. $this->assertEquals('no-cache, no-store, must-revalidate', $headers['Cache-Control']);
  182. $this->assertFalse(isset($headers['Pragma']));
  183. $this->assertFalse(isset($headers['Expires']));
  184. }
  185. public function testCacheSeconds() {
  186. $time = $this->createMock(ITimeFactory::class);
  187. $time->method('getTime')
  188. ->willReturn(1234567);
  189. $this->overwriteService(ITimeFactory::class, $time);
  190. $this->childResponse->cacheFor(33);
  191. $headers = $this->childResponse->getHeaders();
  192. $this->assertEquals('private, max-age=33, must-revalidate', $headers['Cache-Control']);
  193. $this->assertEquals('private', $headers['Pragma']);
  194. $this->assertEquals('Thu, 15 Jan 1970 06:56:40 +0000', $headers['Expires']);
  195. }
  196. public function testEtagLastModifiedHeaders() {
  197. $lastModified = new \DateTime('now', new \DateTimeZone('GMT'));
  198. $lastModified->setTimestamp(1);
  199. $this->childResponse->setLastModified($lastModified);
  200. $headers = $this->childResponse->getHeaders();
  201. $this->assertEquals('Thu, 01 Jan 1970 00:00:01 +0000', $headers['Last-Modified']);
  202. }
  203. public function testChainability() {
  204. $lastModified = new \DateTime('now', new \DateTimeZone('GMT'));
  205. $lastModified->setTimestamp(1);
  206. $this->childResponse->setEtag('hi')
  207. ->setStatus(Http::STATUS_NOT_FOUND)
  208. ->setLastModified($lastModified)
  209. ->cacheFor(33)
  210. ->addHeader('hello', 'world');
  211. $headers = $this->childResponse->getHeaders();
  212. $this->assertEquals('world', $headers['hello']);
  213. $this->assertEquals(Http::STATUS_NOT_FOUND, $this->childResponse->getStatus());
  214. $this->assertEquals('hi', $this->childResponse->getEtag());
  215. $this->assertEquals('Thu, 01 Jan 1970 00:00:01 +0000', $headers['Last-Modified']);
  216. $this->assertEquals('private, max-age=33, must-revalidate',
  217. $headers['Cache-Control']);
  218. }
  219. public function testThrottle() {
  220. $this->assertFalse($this->childResponse->isThrottled());
  221. $this->childResponse->throttle();
  222. $this->assertTrue($this->childResponse->isThrottled());
  223. }
  224. public function testGetThrottleMetadata() {
  225. $this->childResponse->throttle(['foo' => 'bar']);
  226. $this->assertSame(['foo' => 'bar'], $this->childResponse->getThrottleMetadata());
  227. }
  228. }