diff options
-rw-r--r-- | lib/action_cable/connection/base.rb | 3 | ||||
-rw-r--r-- | test/connection/authorization_test.rb | 12 |
2 files changed, 12 insertions, 3 deletions
diff --git a/lib/action_cable/connection/base.rb b/lib/action_cable/connection/base.rb index a629f29643..ac45124a28 100644 --- a/lib/action_cable/connection/base.rb +++ b/lib/action_cable/connection/base.rb @@ -151,7 +151,6 @@ module ActionCable server.add_connection(self) rescue ActionCable::Connection::Authorization::UnauthorizedError respond_to_invalid_request - close end def on_message(message) @@ -186,6 +185,8 @@ module ActionCable end def respond_to_invalid_request + close if websocket.alive? + logger.info finished_request_message [ 404, { 'Content-Type' => 'text/plain' }, [ 'Page not found' ] ] end diff --git a/test/connection/authorization_test.rb b/test/connection/authorization_test.rb index 762c90fbbc..68668b2835 100644 --- a/test/connection/authorization_test.rb +++ b/test/connection/authorization_test.rb @@ -8,17 +8,25 @@ class ActionCable::Connection::AuthorizationTest < ActionCable::TestCase def connect reject_unauthorized_connection end + + def send_async(method, *args) + # Bypass Celluloid + send method, *args + end end test "unauthorized connection" do run_in_eventmachine do server = TestServer.new - env = Rack::MockRequest.env_for "/test", 'HTTP_CONNECTION' => 'upgrade', 'HTTP_UPGRADE' => 'websocket' + server.config.allowed_request_origins = %w( http://rubyonrails.com ) + + env = Rack::MockRequest.env_for "/test", 'HTTP_CONNECTION' => 'upgrade', 'HTTP_UPGRADE' => 'websocket', + 'HTTP_ORIGIN' => 'http://rubyonrails.com' connection = Connection.new(server, env) connection.websocket.expects(:close) + connection.process - connection.send :on_open end end end |