Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
10
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Open sidebar
project
drupal
Commits
15393165
Commit
15393165
authored
Feb 16, 2018
by
Gábor Hojtsy
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Issue
#2942769
by alexpott, Eli-T: Consolidate umami .htaccess files and testing
parent
c57b1901
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
46 additions
and
56 deletions
+46
-56
core/profiles/demo_umami/modules/demo_umami_content/default_content/.htaccess
...mami/modules/demo_umami_content/default_content/.htaccess
+0
-0
core/profiles/demo_umami/modules/demo_umami_content/default_content/images/.htaccess
...dules/demo_umami_content/default_content/images/.htaccess
+0
-12
core/profiles/demo_umami/modules/demo_umami_content/default_content/recipe_instructions/.htaccess
...ami_content/default_content/recipe_instructions/.htaccess
+0
-11
core/profiles/demo_umami/modules/demo_umami_content/tests/src/Functional/DefaultContentFilesAccessTest.php
...nt/tests/src/Functional/DefaultContentFilesAccessTest.php
+46
-0
core/profiles/demo_umami/tests/src/Functional/DemoUmamiProfileTest.php
.../demo_umami/tests/src/Functional/DemoUmamiProfileTest.php
+0
-33
No files found.
core/profiles/demo_umami/modules/demo_umami_content/default_content/
article_body/
.htaccess
→
core/profiles/demo_umami/modules/demo_umami_content/default_content/.htaccess
View file @
15393165
File moved
core/profiles/demo_umami/modules/demo_umami_content/default_content/images/.htaccess
deleted
100644 → 0
View file @
c57b1901
# Deny all requests from Apache 2.4+.
<
IfModule
mod_authz_core.c
>
Require
all
denied
</
IfModule
>
# Deny all requests from Apache 2.0-2.2.
<
IfModule
!mod_authz_core.c
>
Deny
from
all
</
IfModule
>
# Turn off all options we don't need.
Options
None
Options
+FollowSymLinks
core/profiles/demo_umami/modules/demo_umami_content/default_content/recipe_instructions/.htaccess
deleted
100644 → 0
View file @
c57b1901
# Deny all requests from Apache 2.4+.
<
IfModule
mod_authz_core.c
>
Require
all
denied
</
IfModule
>
# Deny all requests from Apache 2.0-2.2.
<
IfModule
!mod_authz_core.c
>
Deny
from
all
</
IfModule
>
# Turn off all options we don't need.
Options
-Indexes -ExecCGI -Includes -MultiViews
core/profiles/demo_umami/modules/demo_umami_content/tests/src/Functional/DefaultContentFilesAccessTest.php
0 → 100644
View file @
15393165
<?php
namespace
Drupal\Tests\demo_umami_content\Functional
;
use
Drupal\Tests\BrowserTestBase
;
/**
* Tests that files provided by demo_umami_content are not accessible.
*
* Note that this test only installs the testing profile because the Umami
* profile is not required for the test.
*
* @group demo_umami_content
*/
class
DefaultContentFilesAccessTest
extends
BrowserTestBase
{
/**
* Tests that sample images, recipes and articles are not accessible.
*/
public
function
testAccessDeniedToFiles
()
{
$file_name
=
'chocolate-brownie-umami.jpg'
;
$file_path
=
'/'
.
drupal_get_path
(
'module'
,
'demo_umami_content'
)
.
'/default_content/images/'
.
$file_name
;
$this
->
assertTrue
(
file_exists
(
DRUPAL_ROOT
.
$file_path
));
$this
->
drupalGet
(
$file_path
);
$this
->
assertSession
()
->
statusCodeEquals
(
403
);
$file_name
=
'chocolate-brownie-umami.html'
;
$file_path
=
'/'
.
drupal_get_path
(
'module'
,
'demo_umami_content'
)
.
'/default_content/recipe_instructions/'
.
$file_name
;
$this
->
assertTrue
(
file_exists
(
DRUPAL_ROOT
.
$file_path
));
$this
->
drupalGet
(
$file_path
);
$this
->
assertSession
()
->
statusCodeEquals
(
403
);
$file_name
=
'lets-hear-it-for-carrots.html'
;
$file_path
=
'/'
.
drupal_get_path
(
'module'
,
'demo_umami_content'
)
.
'/default_content/article_body/'
.
$file_name
;
$this
->
assertTrue
(
file_exists
(
DRUPAL_ROOT
.
$file_path
));
$this
->
drupalGet
(
$file_path
);
$this
->
assertSession
()
->
statusCodeEquals
(
403
);
$file_name
=
'articles.csv'
;
$file_path
=
'/'
.
drupal_get_path
(
'module'
,
'demo_umami_content'
)
.
'/default_content/'
.
$file_name
;
$this
->
assertTrue
(
file_exists
(
DRUPAL_ROOT
.
$file_path
));
$this
->
drupalGet
(
$file_path
);
$this
->
assertSession
()
->
statusCodeEquals
(
403
);
}
}
core/profiles/demo_umami/tests/src/Functional/DemoUmamiProfileTest.php
View file @
15393165
...
...
@@ -163,37 +163,4 @@ public function testDemonstrationWarningMessage() {
$web_assert
->
pageTextNotContains
(
'This installation is for demonstration purposes only.'
);
}
/**
* Tests that sample images are not accessible to the webserver.
*/
public
function
testAccessDeniedToSampleImages
()
{
$file_name
=
'chocolate-brownie-umami.jpg'
;
$file_path
=
'/'
.
drupal_get_path
(
'module'
,
'demo_umami_content'
)
.
'/default_content/images/'
.
$file_name
;
$this
->
assertTrue
(
file_exists
(
DRUPAL_ROOT
.
$file_path
));
$this
->
drupalGet
(
$file_path
);
$this
->
assertSession
()
->
statusCodeEquals
(
403
);
}
/**
* Tests that sample recipes are not accessible to the webserver.
*/
public
function
testAccessDeniedToSampleRecipes
()
{
$file_name
=
'chocolate-brownie-umami.html'
;
$file_path
=
'/'
.
drupal_get_path
(
'module'
,
'demo_umami_content'
)
.
'/default_content/recipe_instructions/'
.
$file_name
;
$this
->
assertTrue
(
file_exists
(
DRUPAL_ROOT
.
$file_path
));
$this
->
drupalGet
(
$file_path
);
$this
->
assertSession
()
->
statusCodeEquals
(
403
);
}
/**
* Tests that sample articles are not accessible to the webserver.
*/
public
function
testAccessDeniedToSampleArticles
()
{
$file_name
=
'lets-hear-it-for-carrots.html'
;
$file_path
=
'/'
.
drupal_get_path
(
'module'
,
'demo_umami_content'
)
.
'/default_content/article_body/'
.
$file_name
;
$this
->
assertTrue
(
file_exists
(
DRUPAL_ROOT
.
$file_path
));
$this
->
drupalGet
(
$file_path
);
$this
->
assertSession
()
->
statusCodeEquals
(
403
);
}
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment