summaryrefslogtreecommitdiffstats
path: root/tests/Core/Controller/CSRFTokenControllerTest.php
diff options
context:
space:
mode:
Diffstat (limited to 'tests/Core/Controller/CSRFTokenControllerTest.php')
-rw-r--r--tests/Core/Controller/CSRFTokenControllerTest.php13
1 files changed, 12 insertions, 1 deletions
diff --git a/tests/Core/Controller/CSRFTokenControllerTest.php b/tests/Core/Controller/CSRFTokenControllerTest.php
index 74eebf61749..a02f84832e5 100644
--- a/tests/Core/Controller/CSRFTokenControllerTest.php
+++ b/tests/Core/Controller/CSRFTokenControllerTest.php
@@ -54,7 +54,9 @@ class CSRFTokenControllerTest extends TestCase {
$this->tokenManager);
}
- public function testGetToken() {
+ public function testGetToken(): void {
+ $this->request->method('passesStrictCookieCheck')->willReturn(true);
+
$token = $this->createMock(CsrfToken::class);
$this->tokenManager->method('getToken')->willReturn($token);
$token->method('getEncryptedValue')->willReturn('toktok123');
@@ -68,4 +70,13 @@ class CSRFTokenControllerTest extends TestCase {
], $response->getData());
}
+ public function testGetTokenNoStrictSameSiteCookie(): void {
+ $this->request->method('passesStrictCookieCheck')->willReturn(false);
+
+ $response = $this->controller->index();
+
+ $this->assertInstanceOf(JSONResponse::class, $response);
+ $this->assertSame(Http::STATUS_FORBIDDEN, $response->getStatus());
+ }
+
}