diff options
author | George Claghorn <george@basecamp.com> | 2018-07-15 20:12:53 -0400 |
---|---|---|
committer | George Claghorn <george@basecamp.com> | 2018-07-15 20:12:53 -0400 |
commit | 94f2558f6a5bd315334d1b57a9aeeef48abfea20 (patch) | |
tree | e5daf377d227b0472a6060dacd5610105e9c2331 /activestorage | |
parent | 390097531bd17369f05a23eba58c37b850ac95dd (diff) | |
download | rails-94f2558f6a5bd315334d1b57a9aeeef48abfea20.tar.gz rails-94f2558f6a5bd315334d1b57a9aeeef48abfea20.tar.bz2 rails-94f2558f6a5bd315334d1b57a9aeeef48abfea20.zip |
Restore inadvertently-removed fallback
Diffstat (limited to 'activestorage')
-rw-r--r-- | activestorage/app/controllers/active_storage/disk_controller.rb | 3 | ||||
-rw-r--r-- | activestorage/test/controllers/disk_controller_test.rb | 6 |
2 files changed, 8 insertions, 1 deletions
diff --git a/activestorage/app/controllers/active_storage/disk_controller.rb b/activestorage/app/controllers/active_storage/disk_controller.rb index 436cd0ccd8..75cc11d6ff 100644 --- a/activestorage/app/controllers/active_storage/disk_controller.rb +++ b/activestorage/app/controllers/active_storage/disk_controller.rb @@ -19,10 +19,11 @@ class ActiveStorage::DiskController < ActiveStorage::BaseController if token = decode_verified_token if acceptable_content?(token) disk_service.upload token[:key], request.body, checksum: token[:checksum] - head :no_content else head :unprocessable_entity end + else + head :not_found end rescue ActiveStorage::IntegrityError head :unprocessable_entity diff --git a/activestorage/test/controllers/disk_controller_test.rb b/activestorage/test/controllers/disk_controller_test.rb index 32b930730d..c053052f6f 100644 --- a/activestorage/test/controllers/disk_controller_test.rb +++ b/activestorage/test/controllers/disk_controller_test.rb @@ -67,4 +67,10 @@ class ActiveStorage::DiskControllerTest < ActionDispatch::IntegrationTest assert_response :unprocessable_entity assert_not blob.service.exist?(blob.key) end + + test "directly uploading blob with invalid token" do + put update_rails_disk_service_url(encoded_token: "invalid"), + params: "Something else entirely!", headers: { "Content-Type" => "text/plain" } + assert_response :not_found + end end |