Loading includes/common.inc +1 −0 Original line number Diff line number Diff line Loading @@ -2696,6 +2696,7 @@ function drupal_deliver_html_page($page_callback_result) { if ($frame_options && is_null(drupal_get_http_header('X-Frame-Options'))) { drupal_add_http_header('X-Frame-Options', $frame_options); } drupal_add_http_header('X-Content-Type-Options', 'nosniff'); if (variable_get('block_interest_cohort', TRUE)) { $permissions_policy = drupal_get_http_header('Permissions-Policy'); Loading modules/simpletest/tests/bootstrap.test +22 −0 Original line number Diff line number Diff line Loading @@ -187,6 +187,7 @@ class BootstrapPageCacheTestCase extends DrupalWebTestCase { $this->assertEqual($this->drupalGetHeader('Cache-Control'), 'public, max-age=0', 'Cache-Control header was sent.'); $this->assertEqual($this->drupalGetHeader('Expires'), 'Sun, 19 Nov 1978 05:00:00 GMT', 'Expires header was sent.'); $this->assertEqual($this->drupalGetHeader('Foo'), 'bar', 'Custom header was sent.'); $this->assertEqual($this->drupalGetHeader('X-Content-Type-Options'), 'nosniff', 'X-Content-Type-Options header was sent.'); // Check replacing default headers. $this->drupalGet('system-test/set-header', array('query' => array('name' => 'Expires', 'value' => 'Fri, 19 Nov 2008 05:00:00 GMT'))); Loading Loading @@ -251,6 +252,27 @@ class BootstrapPageCacheTestCase extends DrupalWebTestCase { $this->drupalGet(''); $this->assertRaw('</html>', 'Page was delivered after compression mode is changed (compression support disabled).'); } /** * Test page cache headers. */ function testPageCacheHeaders() { variable_set('cache', 1); // First request should store a response in the page cache. $this->drupalGet('system-test/page-cache-headers'); // The test callback should remove the query string leaving the same path // as the previous request, which we'll try to retrieve from cache_page. $this->drupalGet('system-test/page-cache-headers', array('query' => array('return_headers' => 'TRUE'))); $headers = json_decode($this->drupalGetHeader('Page-Cache-Headers'), TRUE); if (is_null($headers)) { $this->fail('No headers were retrieved from the page cache.'); } else { $this->assertEqual($headers['X-Content-Type-Options'], 'nosniff', 'X-Content-Type-Options header retrieved from response in the page cache.'); } } } class BootstrapVariableTestCase extends DrupalWebTestCase { Loading modules/simpletest/tests/system_test.module +28 −0 Original line number Diff line number Diff line Loading @@ -148,6 +148,12 @@ function system_test_menu() { 'type' => MENU_CALLBACK, ); $items['system-test/page-cache-headers'] = array( 'page callback' => 'system_test_page_cache_headers', 'access arguments' => array('access content'), 'type' => MENU_CALLBACK, ); return $items; } Loading Loading @@ -230,6 +236,28 @@ function system_test_redirect_invalid_scheme() { exit; } /** * Menu callback to test headers stored in the page cache. */ function system_test_page_cache_headers() { if (!isset($_GET['return_headers'])) { return t('Content to store in the page cache if it is enabled.'); } global $base_root; // Remove the test query param but try to preserve any remaining query string. $url = parse_url($base_root . request_uri()); $query_parts = explode('&', $url['query']); $query_string = implode('&', array_diff($query_parts, array('return_headers=TRUE'))); $request_uri = $url['path'] . '?' . $query_string; $cache = cache_get($base_root . $request_uri, 'cache_page'); // If there are any headers stored in the cache, output them. if (isset($cache->data['headers'])) { drupal_add_http_header('Page-Cache-Headers', json_encode($cache->data['headers'])); return 'Headers from cache_page returned in the Page-Cache-Headers http response header.'; } return 'No headers retrieved from cache_page.'; } /** * Implements hook_modules_installed(). */ Loading Loading
includes/common.inc +1 −0 Original line number Diff line number Diff line Loading @@ -2696,6 +2696,7 @@ function drupal_deliver_html_page($page_callback_result) { if ($frame_options && is_null(drupal_get_http_header('X-Frame-Options'))) { drupal_add_http_header('X-Frame-Options', $frame_options); } drupal_add_http_header('X-Content-Type-Options', 'nosniff'); if (variable_get('block_interest_cohort', TRUE)) { $permissions_policy = drupal_get_http_header('Permissions-Policy'); Loading
modules/simpletest/tests/bootstrap.test +22 −0 Original line number Diff line number Diff line Loading @@ -187,6 +187,7 @@ class BootstrapPageCacheTestCase extends DrupalWebTestCase { $this->assertEqual($this->drupalGetHeader('Cache-Control'), 'public, max-age=0', 'Cache-Control header was sent.'); $this->assertEqual($this->drupalGetHeader('Expires'), 'Sun, 19 Nov 1978 05:00:00 GMT', 'Expires header was sent.'); $this->assertEqual($this->drupalGetHeader('Foo'), 'bar', 'Custom header was sent.'); $this->assertEqual($this->drupalGetHeader('X-Content-Type-Options'), 'nosniff', 'X-Content-Type-Options header was sent.'); // Check replacing default headers. $this->drupalGet('system-test/set-header', array('query' => array('name' => 'Expires', 'value' => 'Fri, 19 Nov 2008 05:00:00 GMT'))); Loading Loading @@ -251,6 +252,27 @@ class BootstrapPageCacheTestCase extends DrupalWebTestCase { $this->drupalGet(''); $this->assertRaw('</html>', 'Page was delivered after compression mode is changed (compression support disabled).'); } /** * Test page cache headers. */ function testPageCacheHeaders() { variable_set('cache', 1); // First request should store a response in the page cache. $this->drupalGet('system-test/page-cache-headers'); // The test callback should remove the query string leaving the same path // as the previous request, which we'll try to retrieve from cache_page. $this->drupalGet('system-test/page-cache-headers', array('query' => array('return_headers' => 'TRUE'))); $headers = json_decode($this->drupalGetHeader('Page-Cache-Headers'), TRUE); if (is_null($headers)) { $this->fail('No headers were retrieved from the page cache.'); } else { $this->assertEqual($headers['X-Content-Type-Options'], 'nosniff', 'X-Content-Type-Options header retrieved from response in the page cache.'); } } } class BootstrapVariableTestCase extends DrupalWebTestCase { Loading
modules/simpletest/tests/system_test.module +28 −0 Original line number Diff line number Diff line Loading @@ -148,6 +148,12 @@ function system_test_menu() { 'type' => MENU_CALLBACK, ); $items['system-test/page-cache-headers'] = array( 'page callback' => 'system_test_page_cache_headers', 'access arguments' => array('access content'), 'type' => MENU_CALLBACK, ); return $items; } Loading Loading @@ -230,6 +236,28 @@ function system_test_redirect_invalid_scheme() { exit; } /** * Menu callback to test headers stored in the page cache. */ function system_test_page_cache_headers() { if (!isset($_GET['return_headers'])) { return t('Content to store in the page cache if it is enabled.'); } global $base_root; // Remove the test query param but try to preserve any remaining query string. $url = parse_url($base_root . request_uri()); $query_parts = explode('&', $url['query']); $query_string = implode('&', array_diff($query_parts, array('return_headers=TRUE'))); $request_uri = $url['path'] . '?' . $query_string; $cache = cache_get($base_root . $request_uri, 'cache_page'); // If there are any headers stored in the cache, output them. if (isset($cache->data['headers'])) { drupal_add_http_header('Page-Cache-Headers', json_encode($cache->data['headers'])); return 'Headers from cache_page returned in the Page-Cache-Headers http response header.'; } return 'No headers retrieved from cache_page.'; } /** * Implements hook_modules_installed(). */ Loading
