aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/dispatch
diff options
context:
space:
mode:
authorTim Rogers <tim@gocardless.com>2015-12-24 17:39:09 +0000
committerTim Rogers <tim@gocardless.com>2015-12-29 13:07:51 +0000
commit32b1c90837570a69841e9ffccff513c74fb7a308 (patch)
treefe573189f19ecb5dc8e79b4462f264dce62313de /actionpack/test/dispatch
parent468df261f8a123dec1d36b22136476ae3660e1fa (diff)
downloadrails-32b1c90837570a69841e9ffccff513c74fb7a308.tar.gz
rails-32b1c90837570a69841e9ffccff513c74fb7a308.tar.bz2
rails-32b1c90837570a69841e9ffccff513c74fb7a308.zip
Flexible configuration for ActionDispatch::SSL
Diffstat (limited to 'actionpack/test/dispatch')
-rw-r--r--actionpack/test/dispatch/ssl_test.rb45
1 files changed, 30 insertions, 15 deletions
diff --git a/actionpack/test/dispatch/ssl_test.rb b/actionpack/test/dispatch/ssl_test.rb
index 7a5b8393dc..11251c86e7 100644
--- a/actionpack/test/dispatch/ssl_test.rb
+++ b/actionpack/test/dispatch/ssl_test.rb
@@ -12,25 +12,31 @@ class SSLTest < ActionDispatch::IntegrationTest
end
class RedirectSSLTest < SSLTest
- def assert_not_redirected(url, headers: {})
- self.app = build_app
+
+ def assert_not_redirected(url, headers: {}, redirect: {}, deprecated_host: nil,
+ deprecated_port: nil)
+
+ self.app = build_app ssl_options: { redirect: redirect,
+ host: deprecated_host, port: deprecated_port
+ }
+
get url, headers: headers
assert_response :ok
end
- def assert_redirected(host: nil, port: nil, status: 301, body: [],
- deprecated_host: nil, deprecated_port: nil,
+ def assert_redirected(redirect: {}, deprecated_host: nil, deprecated_port: nil,
from: 'http://a/b?c=d', to: from.sub('http', 'https'))
- self.app = build_app ssl_options: {
- redirect: { host: host, port: port, status: status, body: body },
+ redirect = { status: 301, body: [] }.merge(redirect)
+
+ self.app = build_app ssl_options: { redirect: redirect,
host: deprecated_host, port: deprecated_port
}
get from
- assert_response status
+ assert_response redirect[:status] || 301
assert_redirected_to to
- assert_equal body.join, @response.body
+ assert_equal redirect[:body].join, @response.body
end
test 'https is not redirected' do
@@ -46,31 +52,31 @@ class RedirectSSLTest < SSLTest
end
test 'redirect with non-301 status' do
- assert_redirected status: 307
+ assert_redirected redirect: { status: 307 }
end
test 'redirect with custom body' do
- assert_redirected body: ['foo']
+ assert_redirected redirect: { body: ['foo'] }
end
test 'redirect to specific host' do
- assert_redirected host: 'ssl', to: 'https://ssl/b?c=d'
+ assert_redirected redirect: { host: 'ssl' }, to: 'https://ssl/b?c=d'
end
test 'redirect to default port' do
- assert_redirected port: 443
+ assert_redirected redirect: { port: 443 }
end
test 'redirect to non-default port' do
- assert_redirected port: 8443, to: 'https://a:8443/b?c=d'
+ assert_redirected redirect: { port: 8443 }, to: 'https://a:8443/b?c=d'
end
test 'redirect to different host and non-default port' do
- assert_redirected host: 'ssl', port: 8443, to: 'https://ssl:8443/b?c=d'
+ assert_redirected redirect: { host: 'ssl', port: 8443 }, to: 'https://ssl:8443/b?c=d'
end
test 'redirect to different host including port' do
- assert_redirected host: 'ssl:443', to: 'https://ssl:443/b?c=d'
+ assert_redirected redirect: { host: 'ssl:443' }, to: 'https://ssl:443/b?c=d'
end
test ':host is deprecated, moved within redirect: { host: … }' do
@@ -84,6 +90,10 @@ class RedirectSSLTest < SSLTest
assert_redirected deprecated_port: 1, to: 'https://a:1/b?c=d'
end
end
+
+ test 'no redirect with redirect set to false' do
+ assert_not_redirected 'http://example.org', redirect: false
+ end
end
class StrictTransportSecurityTest < SSLTest
@@ -187,6 +197,11 @@ class SecureCookiesTest < SSLTest
assert_cookies 'problem=def; path=/; Secure; HttpOnly'
end
+ def test_cookies_as_not_secure_with_secure_cookies_disabled
+ get headers: { 'Set-Cookie' => DEFAULT }, ssl_options: { secure_cookies: false }
+ assert_cookies *DEFAULT.split("\n")
+ end
+
def test_no_cookies
get
assert_nil response.headers['Set-Cookie']