From 426d20a60afbeefac2fba8e75dad97c0dcc2d42a Mon Sep 17 00:00:00 2001 From: Peter Wilson Date: Fri, 7 Oct 2022 02:49:24 +0000 Subject: [PATCH] Build/Test tools: Add tests for `wp_nonce_url()`. Props pbearne, costdev. See #55652. Fixes #54870. git-svn-id: https://develop.svn.wordpress.org/trunk@54407 602fd350-edb4-49c9-b593-d223f7449a82 --- tests/phpunit/tests/functions/wpNonceUrl.php | 145 +++++++++++++++++++ 1 file changed, 145 insertions(+) create mode 100644 tests/phpunit/tests/functions/wpNonceUrl.php diff --git a/tests/phpunit/tests/functions/wpNonceUrl.php b/tests/phpunit/tests/functions/wpNonceUrl.php new file mode 100644 index 0000000000..f98b3a3fe8 --- /dev/null +++ b/tests/phpunit/tests/functions/wpNonceUrl.php @@ -0,0 +1,145 @@ +assertStringContainsString( + $url_with_name, + $actual, + 'The URL did not contain the action URL and the nonce name' + ); + + $this->assertNotFalse( + wp_verify_nonce( $nonce, $action ), + 'The nonce is invalid' + ); + } + + /** + * Data provider for test_should_append_nonce_name_and_value(). + * + * @return array + */ + public function data_should_append_nonce_name_and_value() { + return array( + 'http:// and default action/name' => array( + 'actionurl' => 'http://example.org/', + ), + 'http:// and a custom nonce action' => array( + 'actionurl' => 'http://example.org/', + 'action' => 'my_action', + ), + 'http:// and a custom nonce name' => array( + 'actionurl' => 'http://example.org/', + 'action' => -1, + 'name' => 'my_nonce', + ), + 'http:// and a custom nonce action and name' => array( + 'actionurl' => 'http://example.org/', + 'action' => 'my_action', + 'name' => 'my_nonce', + ), + 'https:// and default action/name' => array( + 'actionurl' => 'https://example.org/', + ), + 'https:// and a custom nonce action' => array( + 'actionurl' => 'https://example.org/', + 'action' => 'my_action', + ), + 'https:// and a custom nonce name' => array( + 'actionurl' => 'https://example.org/', + 'action' => -1, + 'name' => 'my_nonce', + ), + 'https:// and a custom nonce action and name' => array( + 'actionurl' => 'https://example.org/', + 'action' => 'my_action', + 'name' => 'my_nonce', + ), + '/ and default nonce action/name' => array( + 'actionurl' => '/', + ), + '/ and a custom nonce action' => array( + 'actionurl' => '/', + 'action' => 'my_action', + ), + '/ and a custom nonce name' => array( + 'actionurl' => '/', + 'action' => -1, + 'name' => 'my_nonce', + ), + '/ and a custom nonce action and name' => array( + 'actionurl' => '/', + 'action' => 'my_action', + 'name' => 'my_nonce', + ), + ); + } + + /** + * Tests that wp_nonce_url() handles existing query args. + * + * @ticket 54870 + * + * @dataProvider data_should_handle_existing_query_args + * + * @param string $actionurl URL to add nonce action. + * @param string $expected The expected result. + */ + public function test_should_handle_existing_query_args( $actionurl, $expected ) { + $actual = wp_nonce_url( $actionurl ); + + $this->assertStringStartsWith( + $expected, + $actual, + 'The nonced URL did not start with the expected value.' + ); + + $this->assertSame( + strlen( $expected ) + 10, + strlen( $actual ), + 'The nonced URL was not the expected length.' + ); + } + + /** + * Data provider for test_should_handle_existing_query_args(). + * + * @return array + */ + public function data_should_handle_existing_query_args() { + return array( + 'one query arg' => array( + 'actionurl' => 'http://example.org/?hello=world', + 'expected' => 'http://example.org/?hello=world&_wpnonce=', + ), + 'two query args' => array( + 'actionurl' => 'http://example.org/?hello=world&howdy=admin', + 'expected' => 'http://example.org/?hello=world&howdy=admin&_wpnonce=', + ), + 'two query args and &' => array( + 'actionurl' => 'http://example.org/?hello=world&howdy=admin', + 'expected' => 'http://example.org/?hello=world&howdy=admin&_wpnonce=', + ), + ); + } +}