diff options
Diffstat (limited to 'build/integration/features/webdav-related.feature')
| -rw-r--r-- | build/integration/features/webdav-related.feature | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/build/integration/features/webdav-related.feature b/build/integration/features/webdav-related.feature index c424f77afd5..0d2cefa8b80 100644 --- a/build/integration/features/webdav-related.feature +++ b/build/integration/features/webdav-related.feature @@ -62,9 +62,46 @@ Feature: sharing |X-XSS-Protection|1; mode=block| And Downloaded content should start with "Welcome to your ownCloud account!" + Scenario: Doing a GET with a web login should work without CSRF token on the nwe backend + Given Logging in using web as "admin" + When Sending a "GET" to "/remote.php/dav/files/admin/welcome.txt" without requesttoken + Then Downloaded content should start with "Welcome to your ownCloud account!" + Then the HTTP status code should be "200" + Scenario: Doing a GET with a web login should work with CSRF token on the new backend + Given Logging in using web as "admin" + When Sending a "GET" to "/remote.php/dav/files/admin/welcome.txt" with requesttoken + Then Downloaded content should start with "Welcome to your ownCloud account!" + Then the HTTP status code should be "200" + Scenario: Doing a PROPFIND with a web login should not work without CSRF token on the new backend + Given Logging in using web as "admin" + When Sending a "PROPFIND" to "/remote.php/dav/files/admin/welcome.txt" without requesttoken + Then the HTTP status code should be "401" + Scenario: Doing a PROPFIND with a web login should work with CSRF token on the new backend + Given Logging in using web as "admin" + When Sending a "PROPFIND" to "/remote.php/dav/files/admin/welcome.txt" with requesttoken + Then the HTTP status code should be "207" + Scenario: Doing a GET with a web login should work without CSRF token on the old backend + Given Logging in using web as "admin" + When Sending a "GET" to "/remote.php/webdav/welcome.txt" without requesttoken + Then Downloaded content should start with "Welcome to your ownCloud account!" + Then the HTTP status code should be "200" + Scenario: Doing a GET with a web login should work with CSRF token on the old backend + Given Logging in using web as "admin" + When Sending a "GET" to "/remote.php/webdav/welcome.txt" with requesttoken + Then Downloaded content should start with "Welcome to your ownCloud account!" + Then the HTTP status code should be "200" + Scenario: Doing a PROPFIND with a web login should not work without CSRF token on the old backend + Given Logging in using web as "admin" + When Sending a "PROPFIND" to "/remote.php/webdav/welcome.txt" without requesttoken + Then the HTTP status code should be "401" + + Scenario: Doing a PROPFIND with a web login should work with CSRF token on the old backend + Given Logging in using web as "admin" + When Sending a "PROPFIND" to "/remote.php/webdav/welcome.txt" with requesttoken + Then the HTTP status code should be "207" |