Projet

Général

Profil

Révision 134c7813

Ajouté par Mathieu Schiano Di Schiabica il y a environ 8 ans

Update to 7.43

Voir les différences:

drupal7/modules/simpletest/tests/xmlrpc.test
246 246 
    $this->assertEqual($removed, 'system.methodSignature', 'Hiding builting system.methodSignature with hook_xmlrpc_alter works');
247 247 
  }
248 248 

  		




  
  249
  
    
  /**


  		




  
  250
  
    
   * Test limits on system.multicall that can prevent brute-force attacks.


  		




  
  251
  
    
   */


  		




  
  252
  
    
  function testMulticallLimit() {


  		




  
  253
  
    
    $url = url(NULL, array('absolute' => TRUE)) . 'xmlrpc.php';


  		




  
  254
  
    
    $multicall_args = array();


  		




  
  255
  
    
    $num_method_calls = 10;


  		




  
  256
  
    
    for ($i = 0; $i < $num_method_calls; $i++) {


  		




  
  257
  
    
      $struct = array('i' => $i);


  		




  
  258
  
    
      $multicall_args[] = array('methodName' => 'validator1.echoStructTest', 'params' => array($struct));


  		




  
  259
  
    
    }


  		




  
  260
  
    
    // Test limits of 1, 5, 9, 13.


  		




  
  261
  
    
    for ($limit = 1; $limit < $num_method_calls + 4; $limit += 4) {


  		




  
  262
  
    
      variable_set('xmlrpc_multicall_duplicate_method_limit', $limit);


  		




  
  263
  
    
      $results = xmlrpc($url, array('system.multicall' => array($multicall_args)));


  		




  
  264
  
    
      $this->assertEqual($num_method_calls, count($results));


  		




  
  265
  
    
      for ($i = 0; $i < min($limit, $num_method_calls); $i++) {


  		




  
  266
  
    
        $x = array_shift($results);


  		




  
  267
  
    
        $this->assertTrue(empty($x->is_error), "Result $i is not an error");


  		




  
  268
  
    
        $this->assertEqual($multicall_args[$i]['params'][0], $x);


  		




  
  269
  
    
      }


  		




  
  270
  
    
      for (; $i < $num_method_calls; $i++) {


  		




  
  271
  
    
        $x = array_shift($results);


  		




  
  272
  
    
        $this->assertFalse(empty($x->is_error), "Result $i is an error");


  		




  
  273
  
    
        $this->assertEqual(-156579, $x->code);


  		




  
  274
  
    
      }


  		




  
  275
  
    
    }


  		




  
  276
  
    
    variable_set('xmlrpc_multicall_duplicate_method_limit', -1);


  		




  
  277
  
    
    $results = xmlrpc($url, array('system.multicall' => array($multicall_args)));


  		




  
  278
  
    
    $this->assertEqual($num_method_calls, count($results));


  		




  
  279
  
    
    foreach ($results as $i => $x) {


  		




  
  280
  
    
      $this->assertTrue(empty($x->is_error), "Result $i is not an error");


  		




  
  281
  
    
    }


  		




  
  282
  
    
  }


  		




  249
  283
  
    
}


  		












Formats disponibles :  Unified diff