diff options
| author | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2012-03-16 23:22:25 -0300 |
|---|---|---|
| committer | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2012-03-17 13:36:35 -0300 |
| commit | 9ec63eb0491a1b72381833478398c369ab48019a (patch) | |
| tree | 1e332676a3d7e9163fb5a4e003fd121a7fadb600 /actionpack/test/dispatch/ssl_test.rb | |
| parent | 6ce54d4ba8c220a84e55e7dd798d364c3f48d9f7 (diff) | |
| download | rails-9ec63eb0491a1b72381833478398c369ab48019a.tar.gz rails-9ec63eb0491a1b72381833478398c369ab48019a.tar.bz2 rails-9ec63eb0491a1b72381833478398c369ab48019a.zip | |
Rack::SSL -> ActionDispatch::SSL
Diffstat (limited to 'actionpack/test/dispatch/ssl_test.rb')
| -rw-r--r-- | actionpack/test/dispatch/ssl_test.rb | 149 |
1 files changed, 149 insertions, 0 deletions
diff --git a/actionpack/test/dispatch/ssl_test.rb b/actionpack/test/dispatch/ssl_test.rb new file mode 100644 index 0000000000..187ed53d9f --- /dev/null +++ b/actionpack/test/dispatch/ssl_test.rb @@ -0,0 +1,149 @@ +require 'abstract_unit' + +class SSLTest < ActionDispatch::IntegrationTest + def default_app + lambda { |env| + headers = {'Content-Type' => "text/html"} + headers['Set-Cookie'] = "id=1; path=/\ntoken=abc; path=/; secure; HttpOnly" + [200, headers, ["OK"]] + } + end + + def app + @app ||= ActionDispatch::SSL.new(default_app) + end + attr_writer :app + + def test_allows_https_url + get "https://example.org/path?key=value" + assert_response :success + end + + def test_allows_https_proxy_header_url + get "http://example.org/", {}, 'HTTP_X_FORWARDED_PROTO' => "https" + assert_response :success + end + + def test_redirects_http_to_https + get "http://example.org/path?key=value" + assert_response :redirect + assert_equal "https://example.org/path?key=value", + response.headers['Location'] + end + + def test_exclude_from_redirect + self.app = ActionDispatch::SSL.new(default_app, :exclude => lambda { |env| true }) + get "http://example.org/" + assert_response :success + end + + def test_hsts_header_by_default + get "https://example.org/" + assert_equal "max-age=31536000", + response.headers['Strict-Transport-Security'] + end + + def test_hsts_header + self.app = ActionDispatch::SSL.new(default_app, :hsts => true) + get "https://example.org/" + assert_equal "max-age=31536000", + response.headers['Strict-Transport-Security'] + end + + def test_disable_hsts_header + self.app = ActionDispatch::SSL.new(default_app, :hsts => false) + get "https://example.org/" + refute response.headers['Strict-Transport-Security'] + end + + def test_hsts_expires + self.app = ActionDispatch::SSL.new(default_app, :hsts => { :expires => 500 }) + get "https://example.org/" + assert_equal "max-age=500", + response.headers['Strict-Transport-Security'] + end + + def test_hsts_include_subdomains + self.app = ActionDispatch::SSL.new(default_app, :hsts => { :subdomains => true }) + get "https://example.org/" + assert_equal "max-age=31536000; includeSubDomains", + response.headers['Strict-Transport-Security'] + end + + def test_flag_cookies_as_secure + get "https://example.org/" + assert_equal ["id=1; path=/; secure", "token=abc; path=/; secure; HttpOnly" ], + response.headers['Set-Cookie'].split("\n") + end + + def test_flag_cookies_as_secure_at_end_of_line + self.app = ActionDispatch::SSL.new(lambda { |env| + headers = { + 'Content-Type' => "text/html", + 'Set-Cookie' => "problem=def; path=/; HttpOnly; secure" + } + [200, headers, ["OK"]] + }) + + get "https://example.org/" + assert_equal ["problem=def; path=/; HttpOnly; secure"], + response.headers['Set-Cookie'].split("\n") + end + + def test_legacy_array_headers + self.app = ActionDispatch::SSL.new(lambda { |env| + headers = { + 'Content-Type' => "text/html", + 'Set-Cookie' => ["id=1; path=/", "token=abc; path=/; HttpOnly"] + } + [200, headers, ["OK"]] + }) + + get "https://example.org/" + assert_equal ["id=1; path=/; secure", "token=abc; path=/; HttpOnly; secure"], + response.headers['Set-Cookie'].split("\n") + end + + def test_no_cookies + self.app = ActionDispatch::SSL.new(lambda { |env| + [200, {'Content-Type' => "text/html"}, ["OK"]] + }) + get "https://example.org/" + assert !response.headers['Set-Cookie'] + end + + def test_redirect_to_host + self.app = ActionDispatch::SSL.new(default_app, :host => "ssl.example.org") + get "http://example.org/path?key=value" + assert_equal "https://ssl.example.org/path?key=value", + response.headers['Location'] + end + + def test_redirect_to_port + self.app = ActionDispatch::SSL.new(default_app, :port => 8443) + get "http://example.org/path?key=value" + assert_equal "https://example.org:8443/path?key=value", + response.headers['Location'] + end + + def test_redirect_to_host_and_port + self.app = ActionDispatch::SSL.new(default_app, :host => "ssl.example.org", :port => 8443) + get "http://example.org/path?key=value" + assert_equal "https://ssl.example.org:8443/path?key=value", + response.headers['Location'] + end + + def test_redirect_to_secure_host_when_on_subdomain + self.app = ActionDispatch::SSL.new(default_app, :host => "ssl.example.org") + get "http://ssl.example.org/path?key=value" + assert_equal "https://ssl.example.org/path?key=value", + response.headers['Location'] + end + + def test_redirect_to_secure_subdomain_when_on_deep_subdomain + self.app = ActionDispatch::SSL.new(default_app, :host => "example.co.uk") + get "http://double.rainbow.what.does.it.mean.example.co.uk/path?key=value" + assert_equal "https://example.co.uk/path?key=value", + response.headers['Location'] + end +end |