diff options
| author | Santiago Pastorino <santiago@wyeworks.com> | 2011-04-04 21:52:37 -0300 |
|---|---|---|
| committer | Santiago Pastorino <santiago@wyeworks.com> | 2011-04-05 10:41:34 -0300 |
| commit | d7a5638dfbe68d0a92958c0e81f44054ddd7d291 (patch) | |
| tree | ccb7b61eda2edd448f7cb648716dcb757f8a10be /actionpack/test/controller/flash_test.rb | |
| parent | a9b4b5da7c216e4464eeb9dbd0a39ea258d64325 (diff) | |
| download | rails-d7a5638dfbe68d0a92958c0e81f44054ddd7d291.tar.gz rails-d7a5638dfbe68d0a92958c0e81f44054ddd7d291.tar.bz2 rails-d7a5638dfbe68d0a92958c0e81f44054ddd7d291.zip | |
raise if someone tries to modify the flash when it was already streamed back to the client or converted to HTTP headers
Diffstat (limited to 'actionpack/test/controller/flash_test.rb')
| -rw-r--r-- | actionpack/test/controller/flash_test.rb | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/actionpack/test/controller/flash_test.rb b/actionpack/test/controller/flash_test.rb index 3569a2f213..a9c4f34275 100644 --- a/actionpack/test/controller/flash_test.rb +++ b/actionpack/test/controller/flash_test.rb @@ -214,11 +214,20 @@ class FlashIntegrationTest < ActionDispatch::IntegrationTest SessionSecret = 'b3c631c314c0bbca50c1b2843150fe33' class TestController < ActionController::Base + def dont_set_flash + head :ok + end + def set_flash flash["that"] = "hello" head :ok end + def set_flash_now + flash.now["that"] = "hello" + head :ok + end + def use_flash render :inline => "flash: #{flash["that"]}" end @@ -245,6 +254,47 @@ class FlashIntegrationTest < ActionDispatch::IntegrationTest end end + def test_setting_flash_raises_after_stream_back_to_client + with_test_route_set do + env = { 'action_dispatch.request.flash_hash' => ActionDispatch::Flash::FlashHash.new } + get '/set_flash', nil, env + assert_raise(ActionDispatch::ClosedError) { + @request.flash['alert'] = 'alert' + } + end + end + + def test_setting_flash_raises_after_stream_back_to_client_even_with_an_empty_flash + with_test_route_set do + env = { 'action_dispatch.request.flash_hash' => ActionDispatch::Flash::FlashHash.new } + get '/dont_set_flash', nil, env + assert_raise(ActionDispatch::ClosedError) { + @request.flash['alert'] = 'alert' + } + end + end + + def test_setting_flash_now_raises_after_stream_back_to_client + with_test_route_set do + env = { 'action_dispatch.request.flash_hash' => ActionDispatch::Flash::FlashHash.new } + get '/set_flash_now', nil, env + assert_raise(ActionDispatch::ClosedError) { + @request.flash.now['alert'] = 'alert' + } + end + end + + def test_setting_flash_now_raises_after_stream_back_to_client_even_with_an_empty_flash + with_test_route_set do + env = { 'action_dispatch.request.flash_hash' => ActionDispatch::Flash::FlashHash.new } + get '/dont_set_flash', nil, env + assert_raise(ActionDispatch::ClosedError) { + @request.flash.now['alert'] = 'alert' + } + end + end + + private # Overwrite get to send SessionSecret in env hash |