diff options
author | eileencodes <eileencodes@gmail.com> | 2015-09-01 04:20:32 -0400 |
---|---|---|
committer | eileencodes <eileencodes@gmail.com> | 2015-09-01 08:42:30 -0400 |
commit | 75a121a2c5470e2bfc7347567a8dc5f89b3812ca (patch) | |
tree | 4dd77673d13ad8efcb44e953d0a513802c1139a5 /actionpack/test | |
parent | 8ce0fdb5c412a5083dff3ecb863e86c1853651d7 (diff) | |
download | rails-75a121a2c5470e2bfc7347567a8dc5f89b3812ca.tar.gz rails-75a121a2c5470e2bfc7347567a8dc5f89b3812ca.tar.bz2 rails-75a121a2c5470e2bfc7347567a8dc5f89b3812ca.zip |
Fix bug where cookies mutated by request were not persisted
With changes made in 8363b8 and ae29142 cookies that are mutated on the
request like `cookies.signed = x` were not retained in subsequent tests,
breaking cookie authentiation in controller tests.
The test added demonstrates the issue.
The reason we need to select from non-deleted cookies is because without
checking the `@delete_cookies` the `cookie_jar` `@cookies` will send the
wrong cookies to be updated. The code must check for `@deleted_cookies`
before sending an `#update` with the requests cookie_jar cookies.
This follows how the cookie_jar cookies from the request were updated
before these changes.
Diffstat (limited to 'actionpack/test')
-rw-r--r-- | actionpack/test/dispatch/cookies_test.rb | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/actionpack/test/dispatch/cookies_test.rb b/actionpack/test/dispatch/cookies_test.rb index 3454e60697..e9b2fe3214 100644 --- a/actionpack/test/dispatch/cookies_test.rb +++ b/actionpack/test/dispatch/cookies_test.rb @@ -653,6 +653,15 @@ class CookiesTest < ActionController::TestCase end end + def test_cookie_jar_mutated_by_request_persists_on_future_requests + get :authenticate + cookie_jar = @request.cookie_jar + cookie_jar.signed[:user_id] = 123 + assert_equal ["user_name", "user_id"], @request.cookie_jar.instance_variable_get(:@cookies).keys + get :get_signed_cookie + assert_equal ["user_name", "user_id"], @request.cookie_jar.instance_variable_get(:@cookies).keys + end + def test_raises_argument_error_if_missing_secret assert_raise(ArgumentError, nil.inspect) { @request.env["action_dispatch.key_generator"] = ActiveSupport::LegacyKeyGenerator.new(nil) |