diff options
author | Jordan Owens <jkowens@gmail.com> | 2016-01-12 14:05:54 -0500 |
---|---|---|
committer | Jordan Owens <jkowens@gmail.com> | 2016-01-12 14:05:54 -0500 |
commit | 918f0eea970c9f0d39b8d470a316ad5109935dae (patch) | |
tree | ce831158a47a0c8cf3e0cc82c1536ac4eb5c4b63 /actionpack/test/dispatch/static_test.rb | |
parent | 15299f3a5c0e068b4945bdb8199755100dc91e13 (diff) | |
download | rails-918f0eea970c9f0d39b8d470a316ad5109935dae.tar.gz rails-918f0eea970c9f0d39b8d470a316ad5109935dae.tar.bz2 rails-918f0eea970c9f0d39b8d470a316ad5109935dae.zip |
Prevent attempt to serve a request with a null byte
File paths cannot contain null byte characters and methods that do path
operations such as Rack::Utils#clean_path_info will raise unwanted
errors.
Diffstat (limited to 'actionpack/test/dispatch/static_test.rb')
-rw-r--r-- | actionpack/test/dispatch/static_test.rb | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/actionpack/test/dispatch/static_test.rb b/actionpack/test/dispatch/static_test.rb index 1da57ab50b..ea8b5e904e 100644 --- a/actionpack/test/dispatch/static_test.rb +++ b/actionpack/test/dispatch/static_test.rb @@ -40,6 +40,10 @@ module StaticTests assert_equal "Hello, World!", get("/doorkeeper%E3E4".force_encoding('ASCII-8BIT')).body end + def test_handles_urls_with_null_byte + assert_equal "Hello, World!", get("/doorkeeper%00").body + end + def test_sets_cache_control app = assert_deprecated do ActionDispatch::Static.new(DummyApp, @root, "public, max-age=60") |