MediaWiki  1.23.15
ApiMainTest.php
Go to the documentation of this file.
1 <?php
2 
10 class ApiMainTest extends ApiTestCase {
11 
18  public function testApi() {
19  $api = new ApiMain(
20  new FauxRequest( array( 'action' => 'help', 'format' => 'xml' ) )
21  );
22  $api->execute();
23  $api->getPrinter()->setBufferResult( true );
24  $api->printResult( false );
25  $resp = $api->getPrinter()->getBuffer();
26 
27  libxml_use_internal_errors( true );
28  $sxe = simplexml_load_string( $resp );
29  $this->assertNotInternalType( "bool", $sxe );
30  $this->assertThat( $sxe, $this->isInstanceOf( "SimpleXMLElement" ) );
31  }
32 
36  public function testLacksSameOriginSecurity() {
37  // Basic test
38  $main = new ApiMain( new FauxRequest( array( 'action' => 'query', 'meta' => 'siteinfo' ) ) );
39  $this->assertFalse( $main->lacksSameOriginSecurity(), 'Basic test, should have security' );
40 
41  // JSONp
42  $main = new ApiMain(
43  new FauxRequest( array( 'action' => 'query', 'format' => 'xml', 'callback' => 'foo' ) )
44  );
45  $this->assertTrue( $main->lacksSameOriginSecurity(), 'JSONp, should lack security' );
46 
47  // Header
48  $request = new FauxRequest( array( 'action' => 'query', 'meta' => 'siteinfo' ) );
49  $request->setHeader( 'TrEaT-As-UnTrUsTeD', '' ); // With falsey value!
50  $main = new ApiMain( $request );
51  $this->assertTrue( $main->lacksSameOriginSecurity(), 'Header supplied, should lack security' );
52 
53  // Hook
54  $this->mergeMwGlobalArrayValue( 'wgHooks', array(
55  'RequestHasSameOriginSecurity' => array( function () { return false; } )
56  ) );
57  $main = new ApiMain( new FauxRequest( array( 'action' => 'query', 'meta' => 'siteinfo' ) ) );
58  $this->assertTrue( $main->lacksSameOriginSecurity(), 'Hook, should lack security' );
59  }
60 }
ApiMain
This is the main API class, used for both external and internal processing.
Definition: ApiMain.php:41
FauxRequest
WebRequest clone which takes values from a provided array.
Definition: WebRequest.php:1275
$request
do that in ParserLimitReportFormat instead use this to modify the parameters of the image and a DIV can begin in one section and end in another Make sure your code can handle that case gracefully See the EditSectionClearerLink extension for an example zero but section is usually empty its values are the globals values my talk my contributions etc etc otherwise the built in rate limiting checks are if enabled also a ContextSource error or success you ll probably need to make sure the header is varied on WebRequest $request
Definition: hooks.txt:1961
php
skin txt MediaWiki includes four core it has been set as the default in MediaWiki since the replacing Monobook it had been been the default skin since before being replaced by Vector largely rewritten in while keeping its appearance Several legacy skins were removed in the as the burden of supporting them became too heavy to bear Those in etc for skin dependent CSS etc for skin dependent JavaScript These can also be customised on a per user by etc This feature has led to a wide variety of user styles becoming that gallery is a good place to ending in php
Definition: skin.txt:62
MediaWikiTestCase\mergeMwGlobalArrayValue
mergeMwGlobalArrayValue( $name, $values)
Merges the given values into a MW global array variable.
Definition: MediaWikiTestCase.php:369
ApiMainTest\testApi
testApi()
Test that the API will accept a FauxRequest and execute.
Definition: ApiMainTest.php:18
ApiMainTest\testLacksSameOriginSecurity
testLacksSameOriginSecurity()
@covers ApiMain::lacksSameOriginSecurity
Definition: ApiMainTest.php:36
array
the array() calling protocol came about after MediaWiki 1.4rc1.
List of Api Query prop modules.
ApiMainTest
@group API @group Database @group medium
Definition: ApiMainTest.php:10
ApiTestCase
Definition: ApiTestCase.php:3