Skip to content

Comments

refactor: fix Security test fail by itself#9969

Merged
paulbalandan merged 1 commit intocodeigniter4:developfrom
paulbalandan:fix-security
Feb 21, 2026
Merged

refactor: fix Security test fail by itself#9969
paulbalandan merged 1 commit intocodeigniter4:developfrom
paulbalandan:fix-security

Conversation

@paulbalandan
Copy link
Member

@paulbalandan paulbalandan commented Feb 20, 2026

Description
Running SecurityTest by itself leads to failures, which means it is not isolated enough and dependent on other tests.

vendor/bin/phpunit --filter SecurityTest
PHPUnit 11.5.55 by Sebastian Bergmann and contributors.

Runtime:       PHP 8.5.3 with Xdebug 3.5.1
Configuration: /Users/paul/Workspace/CodeIgniter4/phpunit.xml.dist

........E.E.E......FFF.......                                                                                                       29 / 29 (100%)

Time: 00:02.360, Memory: 82.00 MB

There were 3 errors:

1) CodeIgniter\Security\SecurityTest::testCSRFVerifyHeaderReturnsSelfOnMatch
CodeIgniter\Security\Exceptions\SecurityException: The action you requested is not allowed.

/Users/paul/Workspace/CodeIgniter4/system/Security/Security.php:263
/Users/paul/Workspace/CodeIgniter4/tests/system/Security/SecurityTest.php:170

2) CodeIgniter\Security\SecurityTest::testCSRFVerifyJsonReturnsSelfOnMatch
CodeIgniter\Security\Exceptions\SecurityException: The action you requested is not allowed.

/Users/paul/Workspace/CodeIgniter4/system/Security/Security.php:263
/Users/paul/Workspace/CodeIgniter4/tests/system/Security/SecurityTest.php:206

3) CodeIgniter\Security\SecurityTest::testCSRFVerifyPutBodyReturnsSelfOnMatch
CodeIgniter\Security\Exceptions\SecurityException: The action you requested is not allowed.

/Users/paul/Workspace/CodeIgniter4/system/Security/Security.php:263
/Users/paul/Workspace/CodeIgniter4/tests/system/Security/SecurityTest.php:242

--

There were 3 failures:

1) CodeIgniter\Security\SecurityTest::testGetPostedTokenReturnsTokenFromHeader
Failed asserting that null is identical to '8b9218a55906f9dcc1dc263dce7f005a'.

/Users/paul/Workspace/CodeIgniter4/tests/system/Security/SecurityTest.php:346

2) CodeIgniter\Security\SecurityTest::testGetPostedTokenReturnsTokenFromJsonBody
Failed asserting that null is identical to '8b9218a55906f9dcc1dc263dce7f005a'.

/Users/paul/Workspace/CodeIgniter4/tests/system/Security/SecurityTest.php:355

3) CodeIgniter\Security\SecurityTest::testGetPostedTokenReturnsTokenFromFormBody
Failed asserting that null is identical to '8b9218a55906f9dcc1dc263dce7f005a'.

/Users/paul/Workspace/CodeIgniter4/tests/system/Security/SecurityTest.php:364

ERRORS!
Tests: 29, Assertions: 34, Errors: 3, Failures: 3.

Generating code coverage report in Clover XML format ... done [00:00.463]

Generating code coverage report in HTML format ... done [00:03.204]

Ref: #9968

Checklist:

  • Securely signed commits
  • Component(s) with PHPDoc blocks, only if necessary or adds value (without duplication)
  • Unit testing, with >80% coverage
  • User guide updated
  • Conforms to style guide

@paulbalandan paulbalandan added the refactor Pull requests that refactor code label Feb 20, 2026
@paulbalandan paulbalandan mentioned this pull request Feb 20, 2026
Open
39 tasks
@paulbalandan paulbalandan merged commit a87043b into codeigniter4:develop Feb 21, 2026
49 checks passed
@paulbalandan paulbalandan deleted the fix-security branch February 21, 2026 10:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@michalsn michalsn michalsn approved these changes

Assignees

No one assigned

Labels

refactor Pull requests that refactor code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@paulbalandan @michalsn