diff options
author | Guillermo Iguaran <guilleiguaran@gmail.com> | 2015-01-28 00:00:17 -0500 |
---|---|---|
committer | Guillermo Iguaran <guilleiguaran@gmail.com> | 2015-01-28 00:00:17 -0500 |
commit | 36082a62048248c27cdd513c943ee94b716bd7f8 (patch) | |
tree | 517cb021abe0c0679a7c39acf11ed5d55d9a9c51 /actionpack | |
parent | 1fb9e6eff71eb84b6cb620282c15b7b89d8e70c1 (diff) | |
parent | 98277d1398fa55de25d0b50303ca12aaa061ab75 (diff) | |
download | rails-36082a62048248c27cdd513c943ee94b716bd7f8.tar.gz rails-36082a62048248c27cdd513c943ee94b716bd7f8.tar.bz2 rails-36082a62048248c27cdd513c943ee94b716bd7f8.zip |
Merge pull request #18666 from cheunghy/auth_check_nil
Fixed undefined method error when doing http basic authentication.
Diffstat (limited to 'actionpack')
-rw-r--r-- | actionpack/lib/action_controller/metal/http_authentication.rb | 4 | ||||
-rw-r--r-- | actionpack/test/controller/http_basic_authentication_test.rb | 7 |
2 files changed, 9 insertions, 2 deletions
diff --git a/actionpack/lib/action_controller/metal/http_authentication.rb b/actionpack/lib/action_controller/metal/http_authentication.rb index a219d35b25..20afcee537 100644 --- a/actionpack/lib/action_controller/metal/http_authentication.rb +++ b/actionpack/lib/action_controller/metal/http_authentication.rb @@ -106,11 +106,11 @@ module ActionController end def auth_scheme(request) - request.authorization.split(' ', 2).first + request.authorization.to_s.split(' ', 2).first end def auth_param(request) - request.authorization.split(' ', 2).second + request.authorization.to_s.split(' ', 2).second end def encode_credentials(user_name, password) diff --git a/actionpack/test/controller/http_basic_authentication_test.rb b/actionpack/test/controller/http_basic_authentication_test.rb index 9052fc6962..20962a90cb 100644 --- a/actionpack/test/controller/http_basic_authentication_test.rb +++ b/actionpack/test/controller/http_basic_authentication_test.rb @@ -83,6 +83,13 @@ class HttpBasicAuthenticationTest < ActionController::TestCase assert_response :unauthorized assert_equal "HTTP Basic: Access denied.\n", @response.body, "Authentication didn't fail for request header #{header} and long credentials" end + + test "unsuccessful authentication with #{header.downcase} and no credentials" do + get :show + + assert_response :unauthorized + assert_equal "HTTP Basic: Access denied.\n", @response.body, "Authentication didn't fail for request header #{header} and no credentials" + end end def test_encode_credentials_has_no_newline |