Move test for #22828 into it's own test

The `cookies` hash isn't updated with the value generated by the output
from `to_header` so it wasn't testing anything. Rendering the cookie
value in the controller makes sure that the escaping is actually working.

0 files changed, 0 insertions, 0 deletions