Unverified Commit 841cd847 authored by Alex Pott

fix: #3566351 Throwing AccessDeniedException without a route causes PHP errors

By: rgpublic
By: sourav_paul
By: smustgrave
(cherry picked from commit 051f4387)
parent 1400d62c
+1 −1
@@ -33,7 +33,7 @@ public function on403(ExceptionEvent $event): void {
    $request = $event->getRequest();
    $routeMatch = RouteMatch::createFromRequest($request);
    $route = $routeMatch->getRouteObject();
    if (!$route->hasRequirement('_csrf_token') || empty($route->getOption('_csrf_confirm_form_route'))) {
    if (is_null($route) || !$route->hasRequirement('_csrf_token') || empty($route->getOption('_csrf_confirm_form_route'))) {
      return;
    }
    $event->setResponse(new RedirectResponse(Url::fromRoute($route->getOption('_csrf_confirm_form_route'))->toString()));
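Review bot: The new `is_null($route)` guard in on403() has no comment saying when the route object is absent, so a reader cannot tell from this line why a 403 would arrive without one. I would add a comment above the condition such as `// A 403 raised before any route was matched has no route object; leave it to the other exception handlers.` (the cause is inferred from the commit title, so confirm the wording). Returning early leaves the event without a response, so the denial itself is unchanged and only the CSRF confirm-form redirect is skipped. on403() begins and ends outside this hunk.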
+40 −0
<?php

declare(strict_types=1);

namespace Drupal\Tests\Core\EventSubscriber;

use Drupal\Core\EventSubscriber\CsrfExceptionSubscriber;
use Drupal\Tests\UnitTestCase;
use PHPUnit\Framework\Attributes\CoversClass;
use PHPUnit\Framework\Attributes\Group;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Event\ExceptionEvent;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Symfony\Component\HttpKernel\HttpKernelInterface;

/**
 * Tests Drupal\Core\EventSubscriber\CsrfExceptionSubscriber.
 */
#[CoversClass(CsrfExceptionSubscriber::class)]
#[Group('EventSubscriber')]
class CsrfExceptionSubscriberTest extends UnitTestCase {

  /**
   * Tests on403() with no matched route.
   */
  public function testOn403WithNullRouteDoesNothing(): void {
    $subscriber = new CsrfExceptionSubscriber();

    $request = new Request();
    $kernel = $this->createStub(HttpKernelInterface::class);
    $exception = new AccessDeniedHttpException();

    $event = new ExceptionEvent($kernel, $request, HttpKernelInterface::MAIN_REQUEST, $exception);

    $subscriber->on403($event);

    $this->assertNull($event->getResponse());
  }

}
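Review bot: testOn403WithNullRouteDoesNothing() covers only the first of the three early-return conditions in on403(), and this new class has no case with a matched route. Because the subscriber decides when a failed CSRF check becomes a redirect to a confirm form, a second test using a matched route that lacks the `_csrf_token` requirement would pin the "no redirect" behaviour for ordinary 403s. In the existing test I would also assert that the exception is left in place, `$this->assertSame($exception, $event->getThrowable());`, so the test shows the denial still propagates. The method docblock could state that the bare `new Request()` stands for a request that never matched a route.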