diff options
| author | Eugene Kenny <elkenny@gmail.com> | 2018-01-08 20:45:46 +0000 |
|---|---|---|
| committer | Eugene Kenny <elkenny@gmail.com> | 2018-01-08 20:45:46 +0000 |
| commit | d034f488f9c2d694bcad9950df0310ca869956e0 (patch) | |
| tree | dd42d7b15b986f25e6e8039b37f71ba6dc9b20cd /railties/test | |
| parent | 93e6a0ec55a93fbb20d301763b69029b71d49fe9 (diff) | |
| download | rails-d034f488f9c2d694bcad9950df0310ca869956e0.tar.gz rails-d034f488f9c2d694bcad9950df0310ca869956e0.tar.bz2 rails-d034f488f9c2d694bcad9950df0310ca869956e0.zip | |
Use SHA-1 for non-sensitive digests by default
Instead of providing a configuration option to set the hash function,
switch to SHA-1 for new apps and allow upgrading apps to opt in later
via `new_framework_defaults_5_2.rb`.
Diffstat (limited to 'railties/test')
| -rw-r--r-- | railties/test/application/configuration_test.rb | 20 | ||||
| -rw-r--r-- | railties/test/application/per_request_digest_cache_test.rb | 2 |
2 files changed, 15 insertions, 7 deletions
diff --git a/railties/test/application/configuration_test.rb b/railties/test/application/configuration_test.rb index 437b1ded72..5f932f38db 100644 --- a/railties/test/application/configuration_test.rb +++ b/railties/test/application/configuration_test.rb @@ -1914,17 +1914,25 @@ module ApplicationTests assert_equal true, ActiveSupport::MessageEncryptor.use_authenticated_message_encryption end - test "config.active_support.hash_digest_class is Digest::MD5 by default" do + test "ActiveSupport::Digest.hash_digest_class is Digest::SHA1 by default for new apps" do + app "development" + + assert_equal Digest::SHA1, ActiveSupport::Digest.hash_digest_class + end + + test "ActiveSupport::Digest.hash_digest_class is Digest::MD5 by default for upgraded apps" do + remove_from_config '.*config\.load_defaults.*\n' + app "development" assert_equal Digest::MD5, ActiveSupport::Digest.hash_digest_class end - test "config.active_support.hash_digest_class can be configured" do - app_file "config/environments/development.rb", <<-RUBY - Rails.application.configure do - config.active_support.hash_digest_class = Digest::SHA1 - end + test "ActiveSupport::Digest.hash_digest_class can be configured via config.active_support.use_sha1_digests" do + remove_from_config '.*config\.load_defaults.*\n' + + app_file "config/initializers/new_framework_defaults_5_2.rb", <<-RUBY + Rails.application.config.active_support.use_sha1_digests = true RUBY app "development" diff --git a/railties/test/application/per_request_digest_cache_test.rb b/railties/test/application/per_request_digest_cache_test.rb index e9bc91785c..10d3313f6e 100644 --- a/railties/test/application/per_request_digest_cache_test.rb +++ b/railties/test/application/per_request_digest_cache_test.rb @@ -59,7 +59,7 @@ class PerRequestDigestCacheTest < ActiveSupport::TestCase assert_equal 200, last_response.status values = ActionView::LookupContext::DetailsKey.digest_caches.first.values - assert_equal [ "8ba099b7749542fe765ff34a6824d548" ], values + assert_equal [ "effc8928d0b33535c8a21d24ec617161" ], values assert_equal %w(david dingus), last_response.body.split.map(&:strip) end |