createUser(['access content']); $this->drupalLogin($user); $this->drupalGet('/csrf_race/test'); $script = ''; // Delay the request processing of the first request by one second through // the request parameter, which will simulate the concurrent processing // of both requests. foreach ([1, 0] as $i) { $script .= <<baseUrl/csrf_race/get_csrf_token/$i", method: "GET", headers: { "Content-Type": "application/json" }, success: function(response) { jQuery('body').append("

"); jQuery('.csrf$i').html(response); }, error: function() { jQuery('body').append('Nothing'); } }); EOT; } $this->getSession()->getDriver()->executeScript($script); $token0 = $this->assertSession()->waitForElement('css', '.csrf0')->getHtml(); $token1 = $this->assertSession()->waitForElement('css', '.csrf1')->getHtml(); $this->assertNotNull($token0); $this->assertNotNull($token1); $this->assertEquals($token0, $token1); } }