Tests if the *AddType* directive works.
Implementation (YAML definition):
```yaml
subdir: add-type
files:
- filename: '.htaccess'
content: |
Implementation (YAML definition): ```yaml subdir: content-digest subtests: - subdir: on files: - filename: '.htaccess' content: | ContentDigest On - filename: 'request-me.txt' content: 'hi' request: url: 'request-me.txt' interpretation: - ['failure', 'headers', 'not-contains-key', 'Content-MD5'], - subdir: off files: - filename: '.htaccess' content: | ContentDigest Off - filename: 'request-me.txt' content: 'hi' request: url: 'request-me.txt' interpretation: - ['failure', 'headers', 'contains-key', 'Content-MD5'] - ['inconclusive', 'status-code', 'not-equals', '200'] - ['success', 'status-code', 'equals', '200'] ```
Test if some rules makes the server "crash" (respond with 500 Internal Server Error for requests to files in the folder).
You pass the rules that you want to check.
You can optionally pass in a subdir for the tests. If you do not do that, a hash of the rules will be used.
Implementation (PHP):
```php
/**
* @param string $htaccessRules The rules to check
* @param string $subSubDir subdir for the test files. If not supplied, a fingerprint of the rules will be used
*/
public function __construct($htaccessRules, $subSubDir = null)
{
if (is_null($subSubDir)) {
$subSubDir = hash('md5', $htaccessRules);
}
$test = [
'subdir' => 'crash-tester/' . $subSubDir,
'subtests' => [
[
'subdir' => 'the-suspect',
'files' => [
['.htaccess', $htaccessRules],
['request-me.txt', 'thanks'],
],
'request' => [
'url' => 'request-me.txt',
'bypass-standard-error-handling' => ['all']
],
'interpretation' => [
['success', 'status-code', 'not-equals', '500'],
]
],
[
'subdir' => 'the-innocent',
'files' => [
['.htaccess', '# I am no trouble'],
['request-me.txt', 'thanks'],
],
'request' => [
'url' => 'request-me.txt',
'bypass-standard-error-handling' => ['all']
],
'interpretation' => [
// The suspect crashed. But if the innocent crashes too, we cannot judge
['inconclusive', 'status-code', 'equals', '500'],
// The innocent did not crash. The suspect is guilty!
['failure'],
]
],
]
];
parent::__construct($test);
}
```
Allows you to run a custom test. Check out README.md for instructions
Tests if DirectoryIndex works.
Implementation (YAML definition):
```yaml
subdir: directory-index
files:
- filename: '.htaccess'
content: |
Tests if setting a response header works using the *Header* directive.
Implementation (YAML definition):
```yaml
subdir: header-set
files:
- filename: '.htaccess'
content: |
Apache can be configured to ignore *.htaccess* files altogether. This method tests if the *.htaccess* file is processed at all
The method works by trying out a series of subtests until a conclusion is reached. It will never come out inconclusive.
How does it work?
- The first strategy is testing a series of features, such as `rewriteWorks()`. If any of them works, well, then the *.htaccess* must have been processed.
- Secondly, the `serverSignatureWorks()` is tested. The "ServerSignature" directive is special because it is in core and cannot be disabled with AllowOverride. If this test comes out as a failure, it is so *highly likely* that the .htaccess has not been processed, that we conclude that it has not.
- Lastly, if all other methods failed, we try calling `crashTest()` on an .htaccess file that we on purpose put syntax errors in. If it crashes, the .htaccess file must have been proccessed. If it does not crash, it has not. This last method is bulletproof - so why not do it first? Because it might generate an entry in the error log.
Main part of implementation:
```php
// If we can find anything that works, well the .htaccess must have been proccesed!
if ($hct->serverSignatureWorks() // Override: None, Status: Core, REQUIRES PHP
|| $hct->contentDigestWorks() // Override: Options, Status: Core
|| $hct->addTypeWorks() // Override: FileInfo, Status: Base, Module: mime
|| $hct->directoryIndexWorks() // Override: Indexes, Status: Base, Module: mod_dir
|| $hct->rewriteWorks() // Override: FileInfo, Status: Extension, Module: rewrite
|| $hct->headerSetWorks() // Override: FileInfo, Status: Extension, Module: headers
) {
$status = true;
} else {
// The serverSignatureWorks() test is special because if it comes out as a failure,
// we can be *almost* certain that the .htaccess has been completely disabled
$serverSignatureWorks = $hct->serverSignatureWorks();
if ($serverSignatureWorks === false) {
$status = false;
$info = 'ServerSignature directive does not work - and it is in core';
} else {
// Last bullet in the gun:
// Try an .htaccess with syntax errors in it.
// (we do this lastly because it may generate an entry in the error log)
$crashTestResult = $hct->crashTest('aoeu', 'htaccess-enabled-malformed-htaccess');
if ($crashTestResult === false) {
// It crashed, - which means .htaccess is processed!
$status = true;
$info = 'syntax error in an .htaccess causes crash';
} elseif ($crashTestResult === true) {
// It did not crash. So the .htaccess is not processed, as syntax errors
// makes servers crash
$status = false;
$info = 'syntax error in an .htaccess does not cause crash';
} elseif (is_null($crashTestResult)) {
// It did crash. But so did a request to an innocent text file in a directory
// without a .htaccess file in it. Something is making all requests fail and
// we cannot judge.
$status = null;
$info = 'all requests results in 500 Internal Server Error';
}
}
}
return new TestResult($status, $info);
```
Tests if an innocent request to a text file works. Most tests use this test when they get a 500 Internal Error, in order to decide if this is a general problem (general problem => inconclusive, specific problem => failure).
Implementation (YAML definition):
```yaml
subdir: innocent-request
files:
- filename: 'request-me.txt'
content: 'thank you my dear'
request:
url: 'request-me.txt'
bypass-standard-error-handling: 'all'
interpretation:
- ['success', 'status-code', 'equals', '200']
- ['inconclusive', 'status-code', 'equals', '403']
- ['inconclusive', 'status-code', 'equals', '404']
- ['failure']
```
Tests if a given module is loaded. Note that you in most cases would want to not just know if a module is loaded, but also ensure that the directives you are using are allowed. So for example, instead of calling `moduleLoaded("rewrite")`, you should probably call `rewriteWorks()`;
Implementation:
The method has many ways to test if a module is loaded, based on what works. If for example setting headers has been established to be working and we want to know if "setenvif" module is loaded, the following .htaccess rules will be tested, and the response will be examined.
```
Say you have a rewrite rule that points to a PHP script and you would like to pass some information along to the PHP. Usually, you will just pass it in the query string. But this won't do if the information is sensitive. In that case, there are some tricks available. The trick being tested here tells the RewriteRule directive to set an environment variable, which in many setups can be picked up in the script.
Implementation (YAML definition):
```yaml
subdir: pass-info-from-rewrite-to-script-through-env
files:
- filename: '.htaccess'
content: |
Say you have a rewrite rule that points to a PHP script and you would like to pass some information along to the PHP. Usually, you will just pass it in the query string. But this won't do if the information is sensitive. In that case, there are some tricks available. The trick being tested here tells the RewriteRule directive to set an environment variable which a RequestHeader directive picks up on and passes on to the script in a request header.
Implementation (YAML definition):
```yaml
subdir: pass-info-from-rewrite-to-script-through-request-header
files:
- filename: '.htaccess'
content: |
Tests if rewriting works.
Implementation (YAML definition):
```yaml
subdir: rewrite
files:
- filename: '.htaccess'
content: |
Tests if a request header can be set using the *RequestHeader* directive.
Implementation (YAML definition):
```yaml
subdir: request-header
files:
- filename: '.htaccess'
content: |
Tests if the *ServerSignature* directive works.
Implementation (YAML definition):
```yaml
subdir: server-signature
subtests:
- subdir: on
files:
- filename: '.htaccess'
content: |
ServerSignature On
- filename: 'test.php'
content: |
This allows you to use another object for making HTTP requests than the standard one provided by this library. The standard one uses `file_get_contents` to make the request and is implemented in `SimpleHttpRequester.php`. You might for example prefer to use *curl* or, if you are making a Wordpress plugin, you might want to use the one provided by the Wordpress framework.
This allows you to use another object for lining up the test files than the standard one provided by this library. The standard one uses `file_put_contents` to save files and is implemented in `SimpleTestFileLineUpper.php`. You will probably not need to swap the test file line-upper.