功能测试失败,csrf_protection = true
在用户注册的功能测试中:当csrf_protection: true注册失败时,即使注册在dev中成功。测试成功时,csrf_protection: false。(应用程序使用PUGXMultiUserBundle)。我尝试过清除测试缓存等,将$this->client->getResponse()->getContent()转储到文件中,显示所有字段的注册表单,但密码已完成。通过调试测试,可以看到提交的_token字段,但在进入Client.php行public function request($method, $uri, array $parameters = array(), array $files = array(), array $server = array(), $content = null, $changeHistory = true)之前,该字段似乎已从Client.php中删除。
现在,我已经在csrf_protection: false中设置了config_test.yml --这不是最好的解决方案!
RegistrationFunctionalTest
namespace Truckee\UserBundle\Tests\Controller;
use Liip\FunctionalTestBundle\Test\WebTestCase;
class RegistrationFunctionalTest extends WebTestCase
{
private $volunteerValues;
private $client;
public function setup()
{
$classes = array(
'Truckee\MatchingBundle\DataFixtures\SampleData\LoadFocusSkillData',
'Truckee\MatchingBundle\DataFixtures\SampleData\LoadTemplateData',
);
$this->loadFixtures($classes);
$this->client = static::createClient();
$this->volunteerValues = array(
'fos_user_registration_form' => array(
'email' => 'hvolunteer@bogus.info',
'username' => 'hvolunteer',
'firstName' => 'Harry',
'lastName' => 'Volunteer',
'plainPassword' => array(
'first' => '123Abcd',
'second' => '123Abcd',
),
'focuses' => array('1'),
'skills' => array('14'),
)
);
}
public function submitVolunteerForm()
{
$crawler = $this->client->request('GET', '/register/volunteer');
$form = $crawler->selectButton('Save')->form();
$this->client->request($form->getMethod(), $form->getUri(), $this->volunteerValues);
}
public function testRegisterVolunteer()
{
$this->submitVolunteerForm();
$this->client->enableProfiler();
if ($profile = $this->client->getProfile()) {
$mailCollector = $this->client->getProfile()->getCollector('swiftmailer');
$this->assertEquals(1, $mailCollector->getMessageCount());
}
$crawler = $this->client->followRedirect();
$this->assertTrue($crawler->filter('html:contains("An email has been sent")')->count() > 0);
}
...
}显示_token的注册表格(片段)
<div class="row">
<div class="col-md-5">
{%if form._token is defined %}{{ form_widget(form._token) }}{% endif %}
{{ form_row(form.firstName) }}
{{ form_row(form.lastName) }}
</div>
</div>回答 1
Stack Overflow用户
发布于 2014-11-21 20:01:51
经过多次实验,我发现了自己的解决方案:将'intention' => 'registration',添加到用户表单类中!哈!
编辑:以上不是解决办法!
基本问题是使用数组方法(提交表单的$this->client->request($form->getMethod(), $form->getUri(), $this->volunteerValues);)。这样做不包括csrf令牌!相反,我这样做是为了允许使用表单的令牌字段:
public function submitVolunteerForm()
{
$crawler = $this->client->request('GET', '/register/volunteer');
$form = $crawler->selectButton('Save')->form();
$form['fos_user_registration_form[email]'] = 'hvolunteer@bogus.info';
$form['fos_user_registration_form[username]'] = 'hvolunteer';
$form['fos_user_registration_form[firstName]'] = 'Harry';
$form['fos_user_registration_form[lastName]'] = 'Volunteer';
$form['fos_user_registration_form[plainPassword][first]'] = '123Abcd';
$form['fos_user_registration_form[plainPassword][second]'] = '123Abcd';
$form['fos_user_registration_form[focuses]'] = [1];
$form['fos_user_registration_form[skills]'] = [14];
$crawler = $this->client->submit($form);
}https://stackoverflow.com/questions/27048618
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号