aboutsummaryrefslogtreecommitdiffstats
path: root/apps/settings/tests/SetupChecks
diff options
context:
space:
mode:
Diffstat (limited to 'apps/settings/tests/SetupChecks')
-rw-r--r--apps/settings/tests/SetupChecks/DataDirectoryProtectedTest.php4
-rw-r--r--apps/settings/tests/SetupChecks/ForwardedForHeadersTest.php4
-rw-r--r--apps/settings/tests/SetupChecks/LoggingLevelTest.php2
-rw-r--r--apps/settings/tests/SetupChecks/SecurityHeadersTest.php15
-rw-r--r--apps/settings/tests/SetupChecks/WellKnownUrlsTest.php2
5 files changed, 7 insertions, 20 deletions
diff --git a/apps/settings/tests/SetupChecks/DataDirectoryProtectedTest.php b/apps/settings/tests/SetupChecks/DataDirectoryProtectedTest.php
index a48c6296aff..c20c78c6e16 100644
--- a/apps/settings/tests/SetupChecks/DataDirectoryProtectedTest.php
+++ b/apps/settings/tests/SetupChecks/DataDirectoryProtectedTest.php
@@ -54,9 +54,7 @@ class DataDirectoryProtectedTest extends TestCase {
->getMock();
}
- /**
- * @dataProvider dataTestStatusCode
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataTestStatusCode')]
public function testStatusCode(array $status, string $expected, bool $hasBody): void {
$responses = array_map(function ($state) use ($hasBody) {
$response = $this->createMock(IResponse::class);
diff --git a/apps/settings/tests/SetupChecks/ForwardedForHeadersTest.php b/apps/settings/tests/SetupChecks/ForwardedForHeadersTest.php
index b57eb852d80..9b4878b45cc 100644
--- a/apps/settings/tests/SetupChecks/ForwardedForHeadersTest.php
+++ b/apps/settings/tests/SetupChecks/ForwardedForHeadersTest.php
@@ -43,9 +43,7 @@ class ForwardedForHeadersTest extends TestCase {
);
}
- /**
- * @dataProvider dataForwardedForHeadersWorking
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataForwardedForHeadersWorking')]
public function testForwardedForHeadersWorking(array $trustedProxies, string $remoteAddrNotForwarded, string $remoteAddr, string $result): void {
$this->config->expects($this->once())
->method('getSystemValue')
diff --git a/apps/settings/tests/SetupChecks/LoggingLevelTest.php b/apps/settings/tests/SetupChecks/LoggingLevelTest.php
index 9d588a4e486..67224e11e3a 100644
--- a/apps/settings/tests/SetupChecks/LoggingLevelTest.php
+++ b/apps/settings/tests/SetupChecks/LoggingLevelTest.php
@@ -59,7 +59,7 @@ class LoggingLevelTest extends TestCase {
];
}
- /** @dataProvider dataRun */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataRun')]
public function testRun(string|int $value, string $expected): void {
$this->urlGenerator->method('linkToDocs')->willReturn('admin-logging');
diff --git a/apps/settings/tests/SetupChecks/SecurityHeadersTest.php b/apps/settings/tests/SetupChecks/SecurityHeadersTest.php
index e7d87775485..1f75907d427 100644
--- a/apps/settings/tests/SetupChecks/SecurityHeadersTest.php
+++ b/apps/settings/tests/SetupChecks/SecurityHeadersTest.php
@@ -84,7 +84,7 @@ class SecurityHeadersTest extends TestCase {
$result = $this->setupcheck->run();
$this->assertEquals(
- "Some headers are not set correctly on your instance\n- The `X-Content-Type-Options` HTTP header is not set to `nosniff`. This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly.\n- The `X-XSS-Protection` HTTP header does not contain `1; mode=block`. This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly.\n",
+ "Some headers are not set correctly on your instance\n- The `X-Content-Type-Options` HTTP header is not set to `nosniff`. This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly.\n",
$result->getDescription()
);
$this->assertEquals(SetupResult::WARNING, $result->getSeverity());
@@ -94,7 +94,6 @@ class SecurityHeadersTest extends TestCase {
return [
// description => modifiedHeaders
'basic' => [[]],
- 'extra-xss-protection' => [['X-XSS-Protection' => '1; mode=block; report=https://example.com']],
'no-space-in-x-robots' => [['X-Robots-Tag' => 'noindex,nofollow']],
'strict-origin-when-cross-origin' => [['Referrer-Policy' => 'strict-origin-when-cross-origin']],
'referrer-no-referrer-when-downgrade' => [['Referrer-Policy' => 'no-referrer-when-downgrade']],
@@ -107,13 +106,10 @@ class SecurityHeadersTest extends TestCase {
];
}
- /**
- * @dataProvider dataSuccess
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataSuccess')]
public function testSuccess(array $headers): void {
$headers = array_merge(
[
- 'X-XSS-Protection' => '1; mode=block',
'X-Content-Type-Options' => 'nosniff',
'X-Robots-Tag' => 'noindex, nofollow',
'X-Frame-Options' => 'SAMEORIGIN',
@@ -140,8 +136,6 @@ class SecurityHeadersTest extends TestCase {
return [
// description => modifiedHeaders
'x-robots-none' => [['X-Robots-Tag' => 'none'], "- The `X-Robots-Tag` HTTP header is not set to `noindex,nofollow`. This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly.\n"],
- 'xss-protection-1' => [['X-XSS-Protection' => '1'], "- The `X-XSS-Protection` HTTP header does not contain `1; mode=block`. This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly.\n"],
- 'xss-protection-0' => [['X-XSS-Protection' => '0'], "- The `X-XSS-Protection` HTTP header does not contain `1; mode=block`. This is a potential security or privacy risk, as it is recommended to adjust this setting accordingly.\n"],
'referrer-origin' => [['Referrer-Policy' => 'origin'], "- The `Referrer-Policy` HTTP header is not set to `no-referrer`, `no-referrer-when-downgrade`, `strict-origin`, `strict-origin-when-cross-origin` or `same-origin`. This can leak referer information. See the {w3c-recommendation}.\n"],
'referrer-origin-when-cross-origin' => [['Referrer-Policy' => 'origin-when-cross-origin'], "- The `Referrer-Policy` HTTP header is not set to `no-referrer`, `no-referrer-when-downgrade`, `strict-origin`, `strict-origin-when-cross-origin` or `same-origin`. This can leak referer information. See the {w3c-recommendation}.\n"],
'referrer-unsafe-url' => [['Referrer-Policy' => 'unsafe-url'], "- The `Referrer-Policy` HTTP header is not set to `no-referrer`, `no-referrer-when-downgrade`, `strict-origin`, `strict-origin-when-cross-origin` or `same-origin`. This can leak referer information. See the {w3c-recommendation}.\n"],
@@ -151,13 +145,10 @@ class SecurityHeadersTest extends TestCase {
];
}
- /**
- * @dataProvider dataFailure
- */
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataFailure')]
public function testFailure(array $headers, string $msg): void {
$headers = array_merge(
[
- 'X-XSS-Protection' => '1; mode=block',
'X-Content-Type-Options' => 'nosniff',
'X-Robots-Tag' => 'noindex, nofollow',
'X-Frame-Options' => 'SAMEORIGIN',
diff --git a/apps/settings/tests/SetupChecks/WellKnownUrlsTest.php b/apps/settings/tests/SetupChecks/WellKnownUrlsTest.php
index 14473a540ba..d55835d66fc 100644
--- a/apps/settings/tests/SetupChecks/WellKnownUrlsTest.php
+++ b/apps/settings/tests/SetupChecks/WellKnownUrlsTest.php
@@ -96,8 +96,8 @@ class WellKnownUrlsTest extends TestCase {
/**
* Test responses
- * @dataProvider dataTestResponses
*/
+ #[\PHPUnit\Framework\Attributes\DataProvider('dataTestResponses')]
public function testResponses($responses, string $expectedSeverity): void {
$this->config
->expects($this->once())
generated by cgit v1.2.3 (git 2.39.1) at 2025-07-22 08:53:34 +0000