aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/controller
diff options
context:
space:
mode:
authorMike Dillon <mike@embody.org>2011-09-10 09:51:55 -0700
committerMike Dillon <mike@embody.org>2011-09-10 09:51:55 -0700
commit538fb18dead05760e76587fd53f04ae03dd2ab63 (patch)
treeba0bb4dd31264b53aec7e8ff4ffaa5d218f8147b /actionpack/test/controller
parent7fb99e5743d88c04357e09960d112376428a6faa (diff)
downloadrails-538fb18dead05760e76587fd53f04ae03dd2ab63.tar.gz
rails-538fb18dead05760e76587fd53f04ae03dd2ab63.tar.bz2
rails-538fb18dead05760e76587fd53f04ae03dd2ab63.zip
Add test for warning and CHANGELOG entry
Diffstat (limited to 'actionpack/test/controller')
-rw-r--r--actionpack/test/controller/request_forgery_protection_test.rb16
1 files changed, 16 insertions, 0 deletions
diff --git a/actionpack/test/controller/request_forgery_protection_test.rb b/actionpack/test/controller/request_forgery_protection_test.rb
index d94db7f5fb..7a0b724387 100644
--- a/actionpack/test/controller/request_forgery_protection_test.rb
+++ b/actionpack/test/controller/request_forgery_protection_test.rb
@@ -1,6 +1,7 @@
require 'abstract_unit'
require 'digest/sha1'
require 'active_support/core_ext/string/strip'
+require "active_support/log_subscriber/test_helper"
# common controller actions
module RequestForgeryProtectionActions
@@ -157,6 +158,21 @@ module RequestForgeryProtectionTests
assert_not_blocked { put :index }
end
+ def test_should_warn_on_missing_csrf_token
+ old_logger = ActionController::Base.logger
+ logger = ActiveSupport::LogSubscriber::TestHelper::MockLogger.new
+ ActionController::Base.logger = logger
+
+ begin
+ assert_blocked { post :index }
+
+ assert_equal 1, logger.logged(:warn).size
+ assert_match(/CSRF token authenticity/, logger.logged(:warn).last)
+ rescue
+ ActionController::Base.logger = old_logger
+ end
+ end
+
def assert_blocked
session[:something_like_user_id] = 1
yield
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-03 16:03:46 +0000