From 519e48d19710ff64b4e670f07fbaf2863b88c502 Mon Sep 17 00:00:00 2001
From: Master Yoda <jim_parry@bcit.ca>
Date: Mon, 12 Nov 2018 22:13:24 -0800
Subject: [PATCH] Add Response send testing

---
 system/HTTP/Response.php                    |   2 +-
 tests/system/HTTP/ResponseSendTest.php      | 100 ++++++++++++++++++++
 tests/system/Test/TestCaseEmissionsTest.php |  25 ++---
 3 files changed, 109 insertions(+), 18 deletions(-)
 create mode 100644 tests/system/HTTP/ResponseSendTest.php

diff --git a/system/HTTP/Response.php b/system/HTTP/Response.php
index 568f5a28e040..6efff26df73b 100644
--- a/system/HTTP/Response.php
+++ b/system/HTTP/Response.php
@@ -667,7 +667,7 @@ public function sendHeaders()
 
 		// Per spec, MUST be sent with each request, if possible.
 		// http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html
-		if (isset($this->headers['Date']))
+		if (! isset($this->headers['Date']))
 		{
 			$this->setDate(\DateTime::createFromFormat('U', time()));
 		}
diff --git a/tests/system/HTTP/ResponseSendTest.php b/tests/system/HTTP/ResponseSendTest.php
new file mode 100644
index 000000000000..b428ddc34c19
--- /dev/null
+++ b/tests/system/HTTP/ResponseSendTest.php
@@ -0,0 +1,100 @@
+<?php
+namespace CodeIgniter\HTTP;
+
+use CodeIgniter\HTTP\Response;
+use Config\App;
+
+/**
+ * This test suite has been created separately from
+ * TestCaseTest because it messes with output
+ * buffering from PHPUnit, and the individual
+ * test cases need to be run as separate processes.
+ */
+class ResponseSendTest extends \CIUnitTestCase
+{
+
+	/**
+	 * These need to be run as a separate process, since phpunit
+	 * has already captured the "normal" output, and we will get
+	 * a "Cannot modify headers" message if we try to change
+	 * headers or cookies now.
+	 *
+	 * Furthermore, these tests needs to flush the output buffering
+	 * that might be in progress, and start our own output buffer
+	 * capture.
+	 *
+	 * The tests includes a basic sanity check, to make sure that
+	 * the body we thought would be sent actually was.
+	 */
+
+	//--------------------------------------------------------------------
+	/**
+	 * @runInSeparateProcess
+	 * @preserveGlobalState  disabled
+	 */
+	public function testHeadersMissingDate()
+	{
+		$response = new Response(new App());
+		$response->pretend(false);
+
+		$body = 'Hello';
+		$response->setBody($body);
+
+		$response->setCookie('foo', 'bar');
+		$this->assertTrue($response->hasCookie('foo'));
+		$this->assertTrue($response->hasCookie('foo', 'bar'));
+
+		// Drop the date header, to make sure it gets put back in
+		$response->removeHeader('Date');
+
+		// send it
+		ob_start();
+		$response->send();
+
+		$buffer = ob_clean();
+		if (ob_get_level() > 0)
+		{
+			ob_end_clean();
+		}
+
+		// and what actually got sent?
+		$this->assertHeaderEmitted('Date:');
+	}
+
+	//--------------------------------------------------------------------
+	/**
+	 * This test does not test that CSP is handled properly -
+	 * it makes sure that sending gives CSP a chance to do its thing.
+	 *
+	 * @runInSeparateProcess
+	 * @preserveGlobalState  disabled
+	 */
+	public function testHeadersWithCSP()
+	{
+		$config             = new App();
+		$config->CSPEnabled = true;
+		$response           = new Response($config);
+		$response->pretend(false);
+
+		$body = 'Hello';
+		$response->setBody($body);
+
+		$response->setCookie('foo', 'bar');
+		$this->assertTrue($response->hasCookie('foo'));
+		$this->assertTrue($response->hasCookie('foo', 'bar'));
+
+		// send it
+		ob_start();
+		$response->send();
+
+		$buffer = ob_clean();
+		if (ob_get_level() > 0)
+		{
+			ob_end_clean();
+		}
+
+		// and what actually got sent?; test both ways
+		$this->assertHeaderEmitted('Content-Security-Policy:');
+	}
+
+}
diff --git a/tests/system/Test/TestCaseEmissionsTest.php b/tests/system/Test/TestCaseEmissionsTest.php
index 0f7d193a951b..a97b64c26414 100644
--- a/tests/system/Test/TestCaseEmissionsTest.php
+++ b/tests/system/Test/TestCaseEmissionsTest.php
@@ -13,20 +13,22 @@
 class TestCaseEmissionsTest extends \CIUnitTestCase
 {
 
-	//--------------------------------------------------------------------
 	/**
-	 * This needs to be run as a separate process, since phpunit
+	 * These need to be run as a separate process, since phpunit
 	 * has already captured the "normal" output, and we will get
 	 * a "Cannot modify headers" message if we try to change
 	 * headers or cookies now.
 	 *
-	 * Furthermore, this test needs to flush the output buffering
+	 * Furthermore, these tests needs to flush the output buffering
 	 * that might be in progress, and start our own output buffer
 	 * capture.
 	 *
-	 * This test includes a basic sanity check, to make sure that
+	 * The tests includes a basic sanity check, to make sure that
 	 * the body we thought would be sent actually was.
-	 *
+	 */
+
+	//--------------------------------------------------------------------
+	/**
 	 * @runInSeparateProcess
 	 * @preserveGlobalState  disabled
 	 */
@@ -57,19 +59,8 @@ public function testHeadersEmitted()
 		$this->assertHeaderEmitted('set-cookie: FOO=bar', true);
 	}
 
+	//--------------------------------------------------------------------
 	/**
-	 * This needs to be run as a separate process, since phpunit
-	 * has already captured the "normal" output, and we will get
-	 * a "Cannot modify headers" message if we try to change
-	 * headers or cookies now.
-	 *
-	 * Furthermore, this test needs to flush the output buffering
-	 * that might be in progress, and start our own output buffer
-	 * capture.
-	 *
-	 * This test includes a basic sanity check, to make sure that
-	 * the body we thought would be sent actually was.
-	 *
 	 * @runInSeparateProcess
 	 * @preserveGlobalState  disabled
 	 */