Testing Form with CSRF element

Questions Components & MVC
,
1

Hi.

I tested a form with csrf elemnet, but failed.

  1. Get a page with $this->despach("/")
  2. Get returned html with $this->application->getResponse()->getContent();
  3. Extact csrf’s value using DOM
  4. Post form with 3)'s crsf key using despath("/",‘POST’,$data);

I succes 1-3, but failed to do 4).

It seem that I can’t do despatch twice within same testXXXX function.
The actual code is as follow.

Is there any way to test form with crsf ?

public function testLoginAction()
{
    //TEST GET, and catch CSRF key
    $this->dispatch('/home/login', 'GET'); //I can enter the loginAction using debgger.
    $this->assertResponseStatusCode(200);

    //GET CSRF key
    $html= $this->application->getResponse()->getContent();
    $dom = new DOMDocument();
    @$dom->loadHTML($html);
    $csrf = $dom->getElementById("id_csrf")->getAttribute("value");

    //POST with CSRF
    $param["email"] = "xxxxx@xxxxx.com";
    $param["password"] = "p@ssword";
    $param["security"] = $csrf;
    $param["lang"]="jp_JP";
    $param["submit"]="Login";
    $this->dispatch('/home/login', 'POST',$param);//I can't enter the loginAction using debgger. 
    $this->assertResponseStatusCode(200); //Success
    $this->assertRedirect(); //Failed
}
2

I haven’t used laminas-test for a long time, but you can check the reset method with the parameter $keepPersistence.

3

Thank you for your advice.
I could two despatches using $this->reset(true), and suppress csrf successfuly!