diff options
author | Santiago Pastorino <santiago@wyeworks.com> | 2013-02-08 12:27:11 -0800 |
---|---|---|
committer | Santiago Pastorino <santiago@wyeworks.com> | 2013-02-08 12:27:11 -0800 |
commit | 86bfdbb509f005f7ac1198524fe3ce4036443e4c (patch) | |
tree | ec7c94db55a2f1962b44ed97d2180733c476042d /actionpack/test/controller | |
parent | 10d301e6ef8d98be39e0d2f6e9f6cfbfac576e4d (diff) | |
parent | 4127332a5f516188df7b35f3f8886723b8c4859d (diff) | |
download | rails-86bfdbb509f005f7ac1198524fe3ce4036443e4c.tar.gz rails-86bfdbb509f005f7ac1198524fe3ce4036443e4c.tar.bz2 rails-86bfdbb509f005f7ac1198524fe3ce4036443e4c.zip |
Merge pull request #9196 from AndreyChernyh/fix-cookies-with-null-session
Fix #9168 Initialize NullCookieJar with all options needed for KeyGenerator
Diffstat (limited to 'actionpack/test/controller')
-rw-r--r-- | actionpack/test/controller/request_forgery_protection_test.rb | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/actionpack/test/controller/request_forgery_protection_test.rb b/actionpack/test/controller/request_forgery_protection_test.rb index 7571192f97..c272e785c2 100644 --- a/actionpack/test/controller/request_forgery_protection_test.rb +++ b/actionpack/test/controller/request_forgery_protection_test.rb @@ -66,6 +66,19 @@ class RequestForgeryProtectionControllerUsingException < ActionController::Base protect_from_forgery :only => %w(index meta), :with => :exception end +class RequestForgeryProtectionControllerUsingNullSession < ActionController::Base + protect_from_forgery :with => :null_session + + def signed + cookies.signed[:foo] = 'bar' + render :nothing => true + end + + def encrypted + cookies.encrypted[:foo] = 'bar' + render :nothing => true + end +end class FreeCookieController < RequestForgeryProtectionControllerUsingResetSession self.allow_forgery_protection = false @@ -287,6 +300,28 @@ class RequestForgeryProtectionControllerUsingResetSessionTest < ActionController end end +class NullSessionDummyKeyGenerator + def generate_key(secret) + '03312270731a2ed0d11ed091c2338a06' + end +end + +class RequestForgeryProtectionControllerUsingNullSessionTest < ActionController::TestCase + def setup + @request.env[ActionDispatch::Cookies::GENERATOR_KEY] = NullSessionDummyKeyGenerator.new + end + + test 'should allow to set signed cookies' do + post :signed + assert_response :ok + end + + test 'should allow to set encrypted cookies' do + post :encrypted + assert_response :ok + end +end + class RequestForgeryProtectionControllerUsingExceptionTest < ActionController::TestCase include RequestForgeryProtectionTests def assert_blocked |