Use 400 Bad Request errors for invalid CSRF everywhere

2025-07-27 17:28:39 +00:00 · 2025-03-23 22:12:08 +01:00 · 2025-03-23 22:12:08 +01:00 · 677b2986bc
commit 677b2986bc
parent 5ea5115a72
4 changed files with 11 additions and 10 deletions
--- a/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php
+++ b/tests/Wallabag/ApiBundle/Controller/DeveloperControllerTest.php
@ -105,7 +105,7 @@ class DeveloperControllerTest extends WallabagCoreTestCase

        $this->logInAs('bob');
        $client->request('POST', '/developer/client/delete/' . $adminApiClient->getId());
-        $this->assertSame(403, $client->getResponse()->getStatusCode());
+        $this->assertSame(400, $client->getResponse()->getStatusCode());

        // Try to remove the admin's client with the good user
        $this->logInAs('admin');