Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in
Toggle navigation
Menu
Open sidebar
project
drupal
Commits
a9c2c2dc
Commit
a9c2c2dc
authored
Feb 28, 2015
by
alexpott
Browse files
Issue
#2431283
by willzyx, David_Rothstein: Cron CSRF vulnerability
parent
8d4e4121
Changes
3
Hide whitespace changes
Inline
Side-by-side
core/modules/locale/src/Tests/LocaleUpdateCronTest.php
View file @
a9c2c2dc
...
...
@@ -102,7 +102,7 @@ public function testUpdateCron() {
sleep
(
1
);
// Test: Execute cron and check if tasks are executed correctly.
// Run cron to process the tasks in the queue.
$this
->
drupalGet
(
'admin/reports/status/run-cron'
);
$this
->
cronRun
(
);
drupal_static_reset
(
'locale_translation_get_file_history'
);
$history
=
locale_translation_get_file_history
();
...
...
core/modules/system/src/Tests/System/CronRunTest.php
View file @
a9c2c2dc
...
...
@@ -106,4 +106,20 @@ function testCronUI() {
// the time will start at 1 January 1970.
$this
->
assertNoText
(
'years'
);
}
/**
* Ensure that the manual cron run is working.
*/
public
function
testManualCron
()
{
$admin_user
=
$this
->
drupalCreateUser
(
array
(
'administer site configuration'
));
$this
->
drupalLogin
(
$admin_user
);
$this
->
drupalGet
(
'admin/reports/status/run-cron'
);
$this
->
assertResponse
(
403
);
$this
->
drupalGet
(
'admin/reports/status'
);
$this
->
clickLink
(
t
(
'run cron manually'
));
$this
->
assertResponse
(
200
);
$this
->
assertText
(
t
(
'Cron ran successfully.'
));
}
}
core/modules/system/system.routing.yml
View file @
a9c2c2dc
...
...
@@ -219,6 +219,7 @@ system.run_cron:
_controller
:
'
\Drupal\system\CronController::runManually'
requirements
:
_permission
:
'
administer
site
configuration'
_csrf_token
:
'
TRUE'
entity.date_format.collection
:
path
:
'
/admin/config/regional/date-time'
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment