CodeExplorer
You are a developer and looking for Shopware projects?
Apply Now!
sessionReset example
$session_handler = $this->container->get('session_handler.write_safe');
$this->assertTrue($session_handler->isSessionWritable(), 'session_handler->isSessionWritable() initially returns TRUE.');
$session_handler->setSessionWritable(FALSE);
$this->assertFalse($session_handler->isSessionWritable(), '$session_handler->isSessionWritable() returns FALSE after disabling.');
$session_handler->setSessionWritable(TRUE);
$this->assertTrue($session_handler->isSessionWritable(), '$session_handler->isSessionWritable() returns TRUE after enabling.');
// Test session hardening code from SA-2008-044. $user = $this->drupalCreateUser();
// Enable sessions. $this->sessionReset();
// Make sure the session cookie is set as HttpOnly. We can only test this in // the header, with the test setup // \GuzzleHttp\Cookie\SetCookie::getHttpOnly() always returns FALSE. // Start a new session by setting a message. $this->drupalGet('session-test/set-message');
$this->assertSessionCookie(TRUE);
// Verify that the session cookie is set as HttpOnly. $this->assertSession()->responseHeaderMatches('Set-Cookie', '/HttpOnly/i');
// Verify that the session is regenerated if a module calls exit
$this->assertTrue($session_handler->isSessionWritable(), 'session_handler->isSessionWritable() initially returns TRUE.');
$session_handler->setSessionWritable(FALSE);
$this->assertFalse($session_handler->isSessionWritable(), '$session_handler->isSessionWritable() returns FALSE after disabling.');
$session_handler->setSessionWritable(TRUE);
$this->assertTrue($session_handler->isSessionWritable(), '$session_handler->isSessionWritable() returns TRUE after enabling.');
// Test session hardening code from SA-2008-044. $user = $this->drupalCreateUser();
// Enable sessions. $this->sessionReset();
// Make sure the session cookie is set as HttpOnly. We can only test this in // the header, with the test setup // \GuzzleHttp\Cookie\SetCookie::getHttpOnly() always returns FALSE. // Start a new session by setting a message. $this->drupalGet('session-test/set-message');
$this->assertSessionCookie(TRUE);
// Verify that the session cookie is set as HttpOnly. $this->assertSession()->responseHeaderMatches('Set-Cookie', '/HttpOnly/i');
// Verify that the session is regenerated if a module calls exit