diff options
author | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2015-02-18 19:37:24 -0200 |
---|---|---|
committer | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2015-02-18 19:37:24 -0200 |
commit | fb876b8a2c9445dc989742a8ea64f8fdcbc7705e (patch) | |
tree | 039d86b6d23cdec5feefc532c23b4b9cbf798a92 /actionpack/test/controller | |
parent | 4ffe46f5fe957cb39eb93fc9120fab2dc951b384 (diff) | |
parent | bf067b41e58409240a0370993069eb8820ca12a6 (diff) | |
download | rails-fb876b8a2c9445dc989742a8ea64f8fdcbc7705e.tar.gz rails-fb876b8a2c9445dc989742a8ea64f8fdcbc7705e.tar.bz2 rails-fb876b8a2c9445dc989742a8ea64f8fdcbc7705e.zip |
Merge pull request #18917 from lautis/non-string-csrf-token
Handle non-string authenticity tokens
Diffstat (limited to 'actionpack/test/controller')
-rw-r--r-- | actionpack/test/controller/request_forgery_protection_test.rb | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/actionpack/test/controller/request_forgery_protection_test.rb b/actionpack/test/controller/request_forgery_protection_test.rb index 88155bb404..8887f291cf 100644 --- a/actionpack/test/controller/request_forgery_protection_test.rb +++ b/actionpack/test/controller/request_forgery_protection_test.rb @@ -374,6 +374,13 @@ module RequestForgeryProtectionTests end end + def test_should_not_raise_error_if_token_is_not_a_string + @controller.unstub(:valid_authenticity_token?) + assert_blocked do + patch :index, params: { custom_authenticity_token: { foo: 'bar' } } + end + end + def assert_blocked session[:something_like_user_id] = 1 yield |