diff options
| author | David Heinemeier Hansson <david@loudthinking.com> | 2007-11-28 00:29:43 +0000 |
|---|---|---|
| committer | David Heinemeier Hansson <david@loudthinking.com> | 2007-11-28 00:29:43 +0000 |
| commit | 45d679bcb881adf8782230ff3b14ebc3a8d20e7b (patch) | |
| tree | b479d3242bc818fa69698573f93a6f97f8be9806 | |
| parent | 4d177ae0d6d9f60c4000f45fb6f6df27317afbff (diff) | |
| download | rails-45d679bcb881adf8782230ff3b14ebc3a8d20e7b.tar.gz rails-45d679bcb881adf8782230ff3b14ebc3a8d20e7b.tar.bz2 rails-45d679bcb881adf8782230ff3b14ebc3a8d20e7b.zip | |
Added protection from trailing slashes on page caching (closes #10229) [devrieda]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8226 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
| -rw-r--r-- | actionpack/CHANGELOG | 2 | ||||
| -rw-r--r-- | actionpack/lib/action_controller/caching.rb | 2 | ||||
| -rw-r--r-- | actionpack/test/controller/caching_test.rb | 14 |
3 files changed, 17 insertions, 1 deletions
diff --git a/actionpack/CHANGELOG b/actionpack/CHANGELOG index f357945ed9..a42de8037e 100644 --- a/actionpack/CHANGELOG +++ b/actionpack/CHANGELOG @@ -1,5 +1,7 @@ *SVN* +* Added protection from trailing slashes on page caching #10229 [devrieda] + * Asset timestamps are appended, not prepended. Closes #10276 [mnaberez] * Minor inconsistency in description of render example. Closes #10029 [ScottSchram] diff --git a/actionpack/lib/action_controller/caching.rb b/actionpack/lib/action_controller/caching.rb index ce03a979f8..28426bd047 100644 --- a/actionpack/lib/action_controller/caching.rb +++ b/actionpack/lib/action_controller/caching.rb @@ -106,7 +106,7 @@ module ActionController #:nodoc: private def page_cache_file(path) - name = ((path.empty? || path == "/") ? "/index" : URI.unescape(path)) + name = (path.empty? || path == "/") ? "/index" : URI.unescape(path.chomp('/')) name << page_cache_extension unless (name.split('/').last || name).include? '.' return name end diff --git a/actionpack/test/controller/caching_test.rb b/actionpack/test/controller/caching_test.rb index 828b2fbf26..d6982fbc86 100644 --- a/actionpack/test/controller/caching_test.rb +++ b/actionpack/test/controller/caching_test.rb @@ -35,6 +35,10 @@ class PageCachingTestController < ActionController::Base expire_page("/index.html") head :ok end + + def trailing_slash + render :text => "Sneak attack" + end end class PageCachingTest < Test::Unit::TestCase @@ -91,6 +95,16 @@ class PageCachingTest < Test::Unit::TestCase get :expire_custom_path assert !File.exist?("#{FILE_STORE_PATH}/index.html") end + + def test_should_cache_without_trailing_slash_on_url + @controller.class.cache_page 'cached content', '/page_caching_test/trailing_slash' + assert File.exist?("#{FILE_STORE_PATH}/page_caching_test/trailing_slash.html") + end + + def test_should_cache_with_trailing_slash_on_url + @controller.class.cache_page 'cached content', '/page_caching_test/trailing_slash/' + assert File.exist?("#{FILE_STORE_PATH}/page_caching_test/trailing_slash.html") + end uses_mocha("should_cache_ok_at_custom_path") do def test_should_cache_ok_at_custom_path |