diff options
| author | Andrew White <pixeltrix@users.noreply.github.com> | 2017-03-30 10:29:33 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-03-30 10:29:33 +0100 |
| commit | 93982de132f5e3fdcd7794d697a6566bd98da393 (patch) | |
| tree | 29931ab5884d351069ca1970934814b61a2801c2 /actionpack/test/controller/metal_test.rb | |
| parent | f6eeb4e6e578a5fd3113f24ce55831edaf8e1116 (diff) | |
| parent | 9d695743dee0eb57cedd1f0e7a9dc1a16ef0b530 (diff) | |
| download | rails-93982de132f5e3fdcd7794d697a6566bd98da393.tar.gz rails-93982de132f5e3fdcd7794d697a6566bd98da393.tar.bz2 rails-93982de132f5e3fdcd7794d697a6566bd98da393.zip | |
Merge pull request #28606 from maclover7/jm-fix-25820
Do not include default response headers for AC::Metal
Diffstat (limited to 'actionpack/test/controller/metal_test.rb')
| -rw-r--r-- | actionpack/test/controller/metal_test.rb | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/actionpack/test/controller/metal_test.rb b/actionpack/test/controller/metal_test.rb new file mode 100644 index 0000000000..e16452ed6f --- /dev/null +++ b/actionpack/test/controller/metal_test.rb @@ -0,0 +1,30 @@ +require "abstract_unit" + +class MetalControllerInstanceTests < ActiveSupport::TestCase + class SimpleController < ActionController::Metal + def hello + self.response_body = "hello" + end + end + + def test_response_has_default_headers + original_default_headers = ActionDispatch::Response.default_headers + + ActionDispatch::Response.default_headers = { + "X-Frame-Options" => "DENY", + "X-Content-Type-Options" => "nosniff", + "X-XSS-Protection" => "1;" + } + + response_headers = SimpleController.action("hello").call( + "REQUEST_METHOD" => "GET", + "rack.input" => -> {} + )[1] + + refute response_headers.key?("X-Frame-Options") + refute response_headers.key?("X-Content-Type-Options") + refute response_headers.key?("X-XSS-Protection") + ensure + ActionDispatch::Response.default_headers = original_default_headers + end +end |