diff options
author | Andrew White <andyw@pixeltrix.co.uk> | 2010-10-22 15:34:45 +0100 |
---|---|---|
committer | Andrew White <andyw@pixeltrix.co.uk> | 2010-10-25 16:36:35 +0100 |
commit | 2d5a12a50bcd83fcc99865de759b82e661b28698 (patch) | |
tree | 9adf7180e8ad739d69a6fc46e46955d6d6969a47 /actionpack/test/dispatch/cookies_test.rb | |
parent | cdce5fc8860982afa63bfa82f6a752972e7f7d19 (diff) | |
download | rails-2d5a12a50bcd83fcc99865de759b82e661b28698.tar.gz rails-2d5a12a50bcd83fcc99865de759b82e661b28698.tar.bz2 rails-2d5a12a50bcd83fcc99865de759b82e661b28698.zip |
Don't write out secure cookies unless the request is secure
Diffstat (limited to 'actionpack/test/dispatch/cookies_test.rb')
-rw-r--r-- | actionpack/test/dispatch/cookies_test.rb | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/actionpack/test/dispatch/cookies_test.rb b/actionpack/test/dispatch/cookies_test.rb index efdc1f5d93..faeae91f6b 100644 --- a/actionpack/test/dispatch/cookies_test.rb +++ b/actionpack/test/dispatch/cookies_test.rb @@ -135,11 +135,25 @@ class CookiesTest < ActionController::TestCase end def test_setting_cookie_with_secure + @request.env["HTTPS"] = "on" get :authenticate_with_secure assert_cookie_header "user_name=david; path=/; secure" assert_equal({"user_name" => "david"}, @response.cookies) end + def test_setting_cookie_with_secure_in_development + Rails.env.stubs(:development?).returns(true) + get :authenticate_with_secure + assert_cookie_header "user_name=david; path=/; secure" + assert_equal({"user_name" => "david"}, @response.cookies) + end + + def test_not_setting_cookie_with_secure + get :authenticate_with_secure + assert_not_cookie_header "user_name=david; path=/; secure" + assert_not_equal({"user_name" => "david"}, @response.cookies) + end + def test_multiple_cookies get :set_multiple_cookies assert_equal 2, @response.cookies.size @@ -286,4 +300,13 @@ class CookiesTest < ActionController::TestCase assert_equal expected.split("\n"), header end end + + def assert_not_cookie_header(expected) + header = @response.headers["Set-Cookie"] + if header.respond_to?(:to_str) + assert_not_equal expected.split("\n").sort, header.split("\n").sort + else + assert_not_equal expected.split("\n"), header + end + end end |