diff options
| author | Carlhuda <carlhuda@engineyard.com> | 2010-03-03 16:22:30 -0800 |
|---|---|---|
| committer | Carl Lerche <carllerche@mac.com> | 2010-03-03 21:24:00 -0800 |
| commit | 93422af5d5bc0285bd72cfb2fd9b59f6d64ba141 (patch) | |
| tree | 10416ad8d3ba611fb8fcb7191decb7580f126db2 /railties/test | |
| parent | 9a9caf646d020e33ccdeac0f9b114acec019b599 (diff) | |
| download | rails-93422af5d5bc0285bd72cfb2fd9b59f6d64ba141.tar.gz rails-93422af5d5bc0285bd72cfb2fd9b59f6d64ba141.tar.bz2 rails-93422af5d5bc0285bd72cfb2fd9b59f6d64ba141.zip | |
Move remote_ip to a middleware:
* ActionController::Base.ip_spoofing_check deprecated => config.action_dispatch.ip_spoofing_check
* ActionController::Base.trusted_proxies deprecated => config.action_dispatch.trusted_proxies
Diffstat (limited to 'railties/test')
| -rw-r--r-- | railties/test/application/middleware_stack_defaults_test.rb | 53 |
1 files changed, 53 insertions, 0 deletions
diff --git a/railties/test/application/middleware_stack_defaults_test.rb b/railties/test/application/middleware_stack_defaults_test.rb new file mode 100644 index 0000000000..94151a90da --- /dev/null +++ b/railties/test/application/middleware_stack_defaults_test.rb @@ -0,0 +1,53 @@ +require 'isolation/abstract_unit' + +class MiddlewareStackDefaultsTest < Test::Unit::TestCase + include ActiveSupport::Testing::Isolation + + def setup + boot_rails + require "rails" + require "action_controller/railtie" + + Object.const_set(:MyApplication, Class.new(Rails::Application)) + MyApplication.class_eval do + config.action_controller.session = { :key => "_myapp_session", :secret => "OMG A SEKRET" * 10 } + end + end + + def remote_ip(env = {}) + remote_ip = nil + env = Rack::MockRequest.env_for("/").merge(env).merge('action_dispatch.show_exceptions' => false) + + endpoint = Proc.new do |e| + remote_ip = ActionDispatch::Request.new(e).remote_ip + [200, {}, ["Hello"]] + end + + out = MyApplication.middleware.build(endpoint).call(env) + remote_ip + end + + test "remote_ip works" do + assert_equal "1.1.1.1", remote_ip("REMOTE_ADDR" => "1.1.1.1") + end + + test "checks IP spoofing by default" do + assert_raises(ActionDispatch::RemoteIp::IpSpoofAttackError) do + remote_ip("HTTP_X_FORWARDED_FOR" => "1.1.1.1", "HTTP_CLIENT_IP" => "1.1.1.2") + end + end + + test "can disable IP spoofing check" do + MyApplication.config.action_dispatch.ip_spoofing_check = false + + assert_nothing_raised(ActionDispatch::RemoteIp::IpSpoofAttackError) do + assert_equal "1.1.1.2", remote_ip("HTTP_X_FORWARDED_FOR" => "1.1.1.1", "HTTP_CLIENT_IP" => "1.1.1.2") + end + end + + test "the user can set trusted proxies" do + MyApplication.config.action_dispatch.trusted_proxies = /^4\.2\.42\.42$/ + + assert_equal "1.1.1.1", remote_ip("REMOTE_ADDR" => "4.2.42.42,1.1.1.1") + end +end |