Handle non-string authenticity tokens

Non-string authenticity tokens raised NoMethodError when decoding the masked token.
author: Ville Lautanala <lautis@gmail.com> 2015-02-12 22:24:45 +0200
committer: Ville Lautanala <lautis@gmail.com> 2015-02-12 22:24:45 +0200
commit: bf067b41e58409240a0370993069eb8820ca12a6 (patch)
tree: 36571121236d56e9649e3451890890df7e99aa32 /actionpack/test/controller
parent: fa63448420d3385dbd043aca22dba973b45b8bb2 (diff)
download: rails-bf067b41e58409240a0370993069eb8820ca12a6.tar.gz
rails-bf067b41e58409240a0370993069eb8820ca12a6.tar.bz2
rails-bf067b41e58409240a0370993069eb8820ca12a6.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/actionpack/test/controller/request_forgery_protection_test.rb b/actionpack/test/controller/request_forgery_protection_test.rb
index 88155bb404..8887f291cf 100644
--- a/actionpack/test/controller/request_forgery_protection_test.rb
+++ b/actionpack/test/controller/request_forgery_protection_test.rb
@@ -374,6 +374,13 @@ module RequestForgeryProtectionTests
     end
   end
 
+  def test_should_not_raise_error_if_token_is_not_a_string
+    @controller.unstub(:valid_authenticity_token?)
+    assert_blocked do
+      patch :index, params: { custom_authenticity_token: { foo: 'bar' } }
+    end
+  end
+
   def assert_blocked
     session[:something_like_user_id] = 1
     yield
author	Ville Lautanala <lautis@gmail.com>	2015-02-12 22:24:45 +0200
committer	Ville Lautanala <lautis@gmail.com>	2015-02-12 22:24:45 +0200
commit	bf067b41e58409240a0370993069eb8820ca12a6 (patch)
tree	36571121236d56e9649e3451890890df7e99aa32 /actionpack/test/controller
parent	fa63448420d3385dbd043aca22dba973b45b8bb2 (diff)
download	rails-bf067b41e58409240a0370993069eb8820ca12a6.tar.gz rails-bf067b41e58409240a0370993069eb8820ca12a6.tar.bz2 rails-bf067b41e58409240a0370993069eb8820ca12a6.zip