Skip to content
GitLab
Projects
Groups
Snippets
Help
Loading...
Help
What's new
10
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Open sidebar
project
drupal
Commits
554e251d
Commit
554e251d
authored
Feb 16, 2018
by
alexpott
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Revert "Issue
#2942769
by alexpott, Eli-T: Consolidate umami .htaccess files and testing"
This reverts commit
15393165
.
parent
0414f401
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
with
56 additions
and
46 deletions
+56
-46
core/profiles/demo_umami/modules/demo_umami_content/default_content/article_body/.htaccess
...demo_umami_content/default_content/article_body/.htaccess
+0
-0
core/profiles/demo_umami/modules/demo_umami_content/default_content/images/.htaccess
...dules/demo_umami_content/default_content/images/.htaccess
+12
-0
core/profiles/demo_umami/modules/demo_umami_content/default_content/recipe_instructions/.htaccess
...ami_content/default_content/recipe_instructions/.htaccess
+11
-0
core/profiles/demo_umami/modules/demo_umami_content/tests/src/Functional/DefaultContentFilesAccessTest.php
...nt/tests/src/Functional/DefaultContentFilesAccessTest.php
+0
-46
core/profiles/demo_umami/tests/src/Functional/DemoUmamiProfileTest.php
.../demo_umami/tests/src/Functional/DemoUmamiProfileTest.php
+33
-0
No files found.
core/profiles/demo_umami/modules/demo_umami_content/default_content/.htaccess
→
core/profiles/demo_umami/modules/demo_umami_content/default_content/
article_body/
.htaccess
View file @
554e251d
File moved
core/profiles/demo_umami/modules/demo_umami_content/default_content/images/.htaccess
0 → 100644
View file @
554e251d
# Deny all requests from Apache 2.4+.
<
IfModule
mod_authz_core.c
>
Require
all
denied
</
IfModule
>
# Deny all requests from Apache 2.0-2.2.
<
IfModule
!mod_authz_core.c
>
Deny
from
all
</
IfModule
>
# Turn off all options we don't need.
Options
None
Options
+FollowSymLinks
core/profiles/demo_umami/modules/demo_umami_content/default_content/recipe_instructions/.htaccess
0 → 100644
View file @
554e251d
# Deny all requests from Apache 2.4+.
<
IfModule
mod_authz_core.c
>
Require
all
denied
</
IfModule
>
# Deny all requests from Apache 2.0-2.2.
<
IfModule
!mod_authz_core.c
>
Deny
from
all
</
IfModule
>
# Turn off all options we don't need.
Options
-Indexes -ExecCGI -Includes -MultiViews
core/profiles/demo_umami/modules/demo_umami_content/tests/src/Functional/DefaultContentFilesAccessTest.php
deleted
100644 → 0
View file @
0414f401
<?php
namespace
Drupal\Tests\demo_umami_content\Functional
;
use
Drupal\Tests\BrowserTestBase
;
/**
* Tests that files provided by demo_umami_content are not accessible.
*
* Note that this test only installs the testing profile because the Umami
* profile is not required for the test.
*
* @group demo_umami_content
*/
class
DefaultContentFilesAccessTest
extends
BrowserTestBase
{
/**
* Tests that sample images, recipes and articles are not accessible.
*/
public
function
testAccessDeniedToFiles
()
{
$file_name
=
'chocolate-brownie-umami.jpg'
;
$file_path
=
'/'
.
drupal_get_path
(
'module'
,
'demo_umami_content'
)
.
'/default_content/images/'
.
$file_name
;
$this
->
assertTrue
(
file_exists
(
DRUPAL_ROOT
.
$file_path
));
$this
->
drupalGet
(
$file_path
);
$this
->
assertSession
()
->
statusCodeEquals
(
403
);
$file_name
=
'chocolate-brownie-umami.html'
;
$file_path
=
'/'
.
drupal_get_path
(
'module'
,
'demo_umami_content'
)
.
'/default_content/recipe_instructions/'
.
$file_name
;
$this
->
assertTrue
(
file_exists
(
DRUPAL_ROOT
.
$file_path
));
$this
->
drupalGet
(
$file_path
);
$this
->
assertSession
()
->
statusCodeEquals
(
403
);
$file_name
=
'lets-hear-it-for-carrots.html'
;
$file_path
=
'/'
.
drupal_get_path
(
'module'
,
'demo_umami_content'
)
.
'/default_content/article_body/'
.
$file_name
;
$this
->
assertTrue
(
file_exists
(
DRUPAL_ROOT
.
$file_path
));
$this
->
drupalGet
(
$file_path
);
$this
->
assertSession
()
->
statusCodeEquals
(
403
);
$file_name
=
'articles.csv'
;
$file_path
=
'/'
.
drupal_get_path
(
'module'
,
'demo_umami_content'
)
.
'/default_content/'
.
$file_name
;
$this
->
assertTrue
(
file_exists
(
DRUPAL_ROOT
.
$file_path
));
$this
->
drupalGet
(
$file_path
);
$this
->
assertSession
()
->
statusCodeEquals
(
403
);
}
}
core/profiles/demo_umami/tests/src/Functional/DemoUmamiProfileTest.php
View file @
554e251d
...
...
@@ -163,4 +163,37 @@ public function testDemonstrationWarningMessage() {
$web_assert
->
pageTextNotContains
(
'This installation is for demonstration purposes only.'
);
}
/**
* Tests that sample images are not accessible to the webserver.
*/
public
function
testAccessDeniedToSampleImages
()
{
$file_name
=
'chocolate-brownie-umami.jpg'
;
$file_path
=
'/'
.
drupal_get_path
(
'module'
,
'demo_umami_content'
)
.
'/default_content/images/'
.
$file_name
;
$this
->
assertTrue
(
file_exists
(
DRUPAL_ROOT
.
$file_path
));
$this
->
drupalGet
(
$file_path
);
$this
->
assertSession
()
->
statusCodeEquals
(
403
);
}
/**
* Tests that sample recipes are not accessible to the webserver.
*/
public
function
testAccessDeniedToSampleRecipes
()
{
$file_name
=
'chocolate-brownie-umami.html'
;
$file_path
=
'/'
.
drupal_get_path
(
'module'
,
'demo_umami_content'
)
.
'/default_content/recipe_instructions/'
.
$file_name
;
$this
->
assertTrue
(
file_exists
(
DRUPAL_ROOT
.
$file_path
));
$this
->
drupalGet
(
$file_path
);
$this
->
assertSession
()
->
statusCodeEquals
(
403
);
}
/**
* Tests that sample articles are not accessible to the webserver.
*/
public
function
testAccessDeniedToSampleArticles
()
{
$file_name
=
'lets-hear-it-for-carrots.html'
;
$file_path
=
'/'
.
drupal_get_path
(
'module'
,
'demo_umami_content'
)
.
'/default_content/article_body/'
.
$file_name
;
$this
->
assertTrue
(
file_exists
(
DRUPAL_ROOT
.
$file_path
));
$this
->
drupalGet
(
$file_path
);
$this
->
assertSession
()
->
statusCodeEquals
(
403
);
}
}
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment