aboutsummaryrefslogtreecommitdiffstats
path: root/railties/test/application/configuration_test.rb
diff options
context:
space:
mode:
authorwycats <wycats@gmail.com>2010-03-26 15:10:24 -0700
committerwycats <wycats@gmail.com>2010-03-26 15:10:24 -0700
commit197904341f2b2f21d69c653cede3aec124e86720 (patch)
tree83f1234e238016126860a929594db22e1862d783 /railties/test/application/configuration_test.rb
parent76d2c455c0607b4cd5f238cadef8f933a18567fb (diff)
parentb3a0aed028835ce4551c4a76742744a40a71b0be (diff)
downloadrails-197904341f2b2f21d69c653cede3aec124e86720.tar.gz
rails-197904341f2b2f21d69c653cede3aec124e86720.tar.bz2
rails-197904341f2b2f21d69c653cede3aec124e86720.zip
Merge branch 'master' into docrails
Diffstat (limited to 'railties/test/application/configuration_test.rb')
-rw-r--r--railties/test/application/configuration_test.rb27
1 files changed, 27 insertions, 0 deletions
diff --git a/railties/test/application/configuration_test.rb b/railties/test/application/configuration_test.rb
index 54cd751f4e..1b6c657d6d 100644
--- a/railties/test/application/configuration_test.rb
+++ b/railties/test/application/configuration_test.rb
@@ -228,5 +228,32 @@ module ApplicationTests
get "/"
assert_equal File.expand_path(__FILE__), last_response.headers["X-Lighttpd-Send-File"]
end
+
+ test "protect from forgery is the default in a new app" do
+ require "rails"
+ require "action_controller/railtie"
+
+ class MyApp < Rails::Application
+ config.session_store :disabled
+
+ routes.draw do
+ match "/" => "omg#index"
+ end
+
+ class ::OmgController < ActionController::Base
+ protect_from_forgery
+
+ def index
+ render :inline => "<%= csrf_meta_tag %>"
+ end
+ end
+ end
+
+ require 'rack/test'
+ extend Rack::Test::Methods
+
+ get "/"
+ assert last_response.body =~ /csrf\-param/
+ end
end
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-17 12:27:07 +0000