Page MenuHomeIn-Portal Phabricator

INP-1913 - Allow sending custom HTTP headers
AcceptedPublic

Authored by alex on Fri, May 30, 5:42 AM.

Details

Reviewers
erik
Test Plan
  1. perform clean install (main tab)
  2. go to the Admin Console login screen
  3. confirm that these response headers are present (using the Web Browser Developer Tools):
    • X-Content-Type-Options: nosniff
    • X-Frame-Options: sameorigin
  4. repeat the previous 2 steps, but for the Front-End (separate tab)
  5. login to Admin Console (main tab)
  6. go to the ConfigurationWebsiteAdvanced section
  7. confirm that Extra HTTP Headers system setting:
    • is present
    • has as multi-line value
    • has X-Content-Type-Options: nosniff line present
    • has X-Frame-Options: sameorigin line present
  8. replace contents of the Extra HTTP Headers system setting with X-Redirect-By: In-Portal and save changes
  9. confirm that page response now contains X-Redirect-By: In-Portal header instead of the X-Content-Type-Options: nosniff and X-Frame-Options: sameorigin headers
  10. confirm, that for Front-End as well (separate tab)
  11. go to the ConfigurationWebsiteSite Domains section
  12. create a site domain that will match the visited domain on the Front-End
  13. confirm that a Extra HTTP Headers field is present and is empty
  14. confirm that on Front-End (separate tab) the headers from the Extra HTTP Headers system setting are being sent
  15. change the site domain (main tab) and put X-Redirect-By: My-Site-Domain value into the Extra HTTP Headers field
  16. visit the Front-End (separate tab)
  17. confirm that Extra HTTP Headers set on site domain level override ones that are set via a system setting
  18. repeat all the above steps for In-Portal website, that was just upgraded

Diff Detail

Repository
rINP In-Portal
Branch
/in-portal/branches/5.2.x
Lint
Lint ErrorsExcuse: Unrealted.
SeverityLocationCodeMessage
Errorcore/kernel/application.php:1242PHPCS.E.CodingStandard.Commenting.InlineComment.InvalidEndCharCodingStandard.Commenting.InlineComment.InvalidEndChar
Errorcore/kernel/application.php:1242PHPCS.E.CodingStandard.Commenting.InlineComment.NotCapitalCodingStandard.Commenting.InlineComment.NotCapital
Errorcore/units/site_domains/site_domains_config.php:102PHPCS.E.CodingStandard.Arrays.Array.SpaceAfterKeywordCodingStandard.Arrays.Array.SpaceAfterKeyword
Errorcore/units/site_domains/site_domains_config.php:102PHPCS.E.Generic.PHP.LowerCaseKeyword.FoundGeneric.PHP.LowerCaseKeyword.Found
Unit
No Unit Test Coverage
Build Status
Buildable 11094
Build 3794: arc lint + arc unit

Event Timeline

alex created this revision.Fri, May 30, 5:42 AM
alex requested review of this revision.Fri, May 30, 5:42 AM
alex edited the test plan for this revision. (Show Details)Fri, May 30, 5:44 AM
erik requested changes to this revision.Fri, May 30, 7:07 AM

All test plan passed.

Missing la_fld_ExtraHTTPHeaders label.

This revision now requires changes to proceed.Fri, May 30, 7:07 AM
alex updated this revision to Diff 1348.Fri, May 30, 7:12 AM

Added missing la_fld_ExtraHTTPHeaders phrase.

erik accepted this revision.Fri, May 30, 7:51 AM
This revision is now accepted and ready to land.Fri, May 30, 7:51 AM