3 # This file is part of Koha.
5 # Koha is free software; you can redistribute it and/or modify it
6 # under the terms of the GNU General Public License as published by
7 # the Free Software Foundation; either version 3 of the License, or
8 # (at your option) any later version.
10 # Koha is distributed in the hope that it will be useful, but
11 # WITHOUT ANY WARRANTY; without even the implied warranty of
12 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 # GNU General Public License for more details.
15 # You should have received a copy of the GNU General Public License
16 # along with Koha; if not, see <http://www.gnu.org/licenses>.
20 use Test::More tests => 8;
24 use File::Temp qw/tempfile/;
27 use C4::Auth qw( get_template_and_user );
32 use_ok('C4::Output', qw( output_html_with_http_headers output_and_exit_if_error parametrized_url ));
35 our $output_module = Test::MockModule->new('C4::Output');
37 my $query = CGI->new();
39 my $output = 'foobarbaz';
44 open STDOUT, '>', \$stdout;
45 output_html_with_http_headers $query, $cookie, $output, undef, { force_no_caching => 1 };
46 like($stdout, qr/Cache-control: no-cache, no-store, max-age=0/, 'force_no_caching sets Cache-control as desired');
47 like($stdout, qr/Expires: /, 'force_no_caching sets an Expires header');
50 open STDOUT, '>', \$stdout;
51 output_html_with_http_headers $query, $cookie, $output, undef, undef;
52 like($stdout, qr/Cache-control: no-cache[^,]/, 'not using force_no_caching sets Cache-control as desired');
53 unlike($stdout, qr/Expires: /, 'force_no_caching does not set an Expires header');
56 subtest 'parametrized_url' => sub {
59 my $url = 'https://somesite.com/search?q={TITLE}&author={AUTHOR}{SUFFIX}';
60 my $subs = { TITLE => '_title_', AUTHOR => undef, ISBN => '123456789' };
62 warning_is { $res = C4::Output::parametrized_url( $url, $subs ) }
63 q{}, 'No warning expected on undefined author';
64 is( $res, 'https://somesite.com/search?q=_title_&author=',
65 'Title replaced, author empty and SUFFIX removed' );
68 subtest 'output_with_http_headers() tests' => sub {
75 my $query = CGI->new();
77 my $output = 'foobarbaz';
79 open STDOUT, '>', \$stdout;
80 t::lib::Mocks::mock_preference('AccessControlAllowOrigin','');
81 output_html_with_http_headers $query, $cookie, $output, undef;
82 unlike($stdout, qr/Access-control-allow-origin/, 'No header set if no value on syspref');
85 open STDOUT, '>', \$stdout;
86 t::lib::Mocks::mock_preference('AccessControlAllowOrigin',undef);
87 output_html_with_http_headers $query, $cookie, $output, undef;
88 unlike($stdout, qr/Access-control-allow-origin/, 'No header set if no value on syspref');
91 open STDOUT, '>', \$stdout;
92 t::lib::Mocks::mock_preference('AccessControlAllowOrigin','*');
93 output_html_with_http_headers $query, $cookie, $output, undef;
94 like($stdout, qr/Access-control-allow-origin: \*/, 'Header set to *');
97 open STDOUT, '>', \$stdout;
98 t::lib::Mocks::mock_preference('AccessControlAllowOrigin','https://koha-community.org');
99 output_html_with_http_headers $query, $cookie, $output, undef;
100 like($stdout, qr/Access-control-allow-origin: https:\/\/koha-community\.org/, 'Header set to https://koha-community.org');
104 subtest 'output_and_exit_if_error() tests' => sub {
107 $output_module->mock(
110 my ( $query, $cookie, $template, $error ) = @_;
111 is( $error, 'wrong_csrf_token', 'Got right error message' );
115 t::lib::Mocks::mock_config( 'pluginsdir', [ C4::Context::temporary_directory ] );
116 my ( $fh, $fn ) = tempfile( SUFFIX => '.tt', UNLINK => 1, DIR => C4::Context::temporary_directory );
117 print $fh qq|[% blocking_error %]|;
120 my $query = CGI->new();
121 $query->param('csrf_token','');
122 my ( $template, $loggedinuser, $cookies ) = get_template_and_user(
124 template_name => $fn,
127 authnotrequired => 1,
130 # Next call triggers test in the mocked sub
131 output_and_exit_if_error($query, $cookie, $template, { check => 'csrf_token' });