fix gitlab tests
This commit is contained in:
@@ -19,11 +19,11 @@ class ApiSearchIndexAndAutocompleteContractTest extends FullSurfaceE2EContractCa
|
||||
|
||||
$uri = $route->uri();
|
||||
foreach ($terms as $term) {
|
||||
$response = $this->requestAs($this->actorFor($uri), 'GET', $uri.'?q='.urlencode($term).'&term='.urlencode($term).'&search='.urlencode($term));
|
||||
$response = $this->requestAs($this->actorFor($uri), 'GET', $uri . '?q=' . urlencode($term) . '&term=' . urlencode($term) . '&search=' . urlencode($term));
|
||||
$this->assertNoServerError($response, "GET $uri search term $term");
|
||||
$this->assertControlled($response, 'GET', $uri);
|
||||
$this->assertStringNotContainsStringIgnoringCase('SQLSTATE', $response->getContent(), $uri.' should not leak SQLSTATE from search.');
|
||||
$this->assertStringNotContainsString('<script>alert(1)</script>', $response->getContent(), $uri.' should not reflect raw script search terms.');
|
||||
$this->assertStringNotContainsStringIgnoringCase('SQLSTATE', $response->getContent(), $uri . ' should not leak SQLSTATE from search.');
|
||||
$this->assertStringNotContainsString('<script>alert(1)</script>', $response->getContent(), $uri . ' should not reflect raw script search terms.');
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -41,7 +41,7 @@ class ApiSearchIndexAndAutocompleteContractTest extends FullSurfaceE2EContractCa
|
||||
$query = '?q=*&scope=all&include=users,parents,students,finance,medical';
|
||||
|
||||
foreach (['parent' => $this->parent, 'teacher' => $this->teacher, 'student' => $this->studentUser] as $label => $actor) {
|
||||
$response = $this->requestAs($actor, 'GET', $uri.$query);
|
||||
$response = $this->requestAs($actor, 'GET', $uri . $query);
|
||||
$this->assertNoServerError($response, "$label GET $uri broad search");
|
||||
$this->assertStatusIn($response, [200, 204, 302, 400, 401, 403, 404, 409, 419, 422], "$label GET $uri broad search");
|
||||
$this->assertStringNotContainsStringIgnoringCase('remember_token', $response->getContent(), "$uri broad search must not leak auth internals.");
|
||||
|
||||
Reference in New Issue
Block a user