public function startup(Event $event)
{
$controller = $event->subject();
$request = $controller->request;
$response = $controller->response;
$cookieName = $this->_config['cookieName'];
/* @var \Cake\Network\Request $request */
$cookieData = $request->cookie($cookieName);
if ($cookieData) {
$request->params['_csrfToken'] = $cookieData;
}
if ($request->is('requested')) {
return;
}
if ($request->is('get') && $cookieData === null) {
$this->_setCookie($request, $response);
}
if ($request->is(['put', 'post', 'delete', 'patch']) || !empty($request->data)) {
$this->_validateToken($request);
unset($request->data[$this->_config['field']]);
}
} /**
* Test that the configuration options work.
*
* @return void
* @triggers Controller.startup $controller
*/
public function testConfigurationValidate()
{
$_SERVER['REQUEST_METHOD'] = 'POST';
$controller = $this->getMock('Cake\\Controller\\Controller', ['redirect']);
$controller->request = new Request(['cookies' => ['csrfToken' => 'nope', 'token' => 'yes'], 'post' => ['_csrfToken' => 'no match', 'token' => 'yes']]);
$controller->response = new Response();
$component = new CsrfComponent($this->registry, ['cookieName' => 'token', 'field' => 'token', 'expiry' => 90]);
$event = new Event('Controller.startup', $controller);
$result = $component->startup($event);
$this->assertNull($result, 'Config settings should work.');
}
