Code Coverage for /Users/ericduran/Sites/drupal/drupal/core/modules/basic_auth/src/PageCache/DisallowBasicAuthRequests.php

	Code Coverage
	Classes and Traits			Functions and Methods				Lines
Total	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 1	CRAP	0.00% covered (danger)	0.00%	0 / 6
DisallowBasicAuthRequests	0.00% covered (danger)	0.00%	0 / 1	0.00% covered (danger)	0.00%	0 / 1	12	0.00% covered (danger)	0.00%	0 / 6
check				0.00% covered (danger)	0.00%	0 / 1	12	0.00% covered (danger)	0.00%	0 / 6

1	<?php
2
3	/**
4	* @file
5	* Contains \Drupal\basic_auth\PageCache\DisallowBasicAuthRequests.
6	*/
7
8	namespace Drupal\basic_auth\PageCache;
9
10	use Drupal\Core\PageCache\RequestPolicyInterface;
11	use Symfony\Component\HttpFoundation\Request;
12
13	/**
14	* Cache policy for pages served from basic auth.
15	*
16	* This policy disallows caching of requests that use basic_auth for security
17	* reasons. Otherwise responses for authenticated requests can get into the
18	* page cache and could be delivered to unprivileged users.
19	*/
20	class DisallowBasicAuthRequests implements RequestPolicyInterface {
21
22	/**
23	* {@inheritdoc}
24	*/
25	public function check(Request $request) {
26	$username = $request->headers->get('PHP_AUTH_USER');
27	$password = $request->headers->get('PHP_AUTH_PW');
28	if (isset($username) && isset($password)) {
29	return self::DENY;
30	}
31	}
32
33	}