diff options
Diffstat (limited to 'actionpack/test/controller/request_test.rb')
-rw-r--r-- | actionpack/test/controller/request_test.rb | 219 |
1 files changed, 88 insertions, 131 deletions
diff --git a/actionpack/test/controller/request_test.rb b/actionpack/test/controller/request_test.rb index 932c0e21a1..045dab4141 100644 --- a/actionpack/test/controller/request_test.rb +++ b/actionpack/test/controller/request_test.rb @@ -3,64 +3,69 @@ require 'action_controller/integration' class RequestTest < Test::Unit::TestCase def setup + ActionController::Base.relative_url_root = nil @request = ActionController::TestRequest.new end + def teardown + ActionController::Base.relative_url_root = nil + end + def test_remote_ip assert_equal '0.0.0.0', @request.remote_ip @request.remote_addr = '1.2.3.4' - assert_equal '1.2.3.4', @request.remote_ip + assert_equal '1.2.3.4', @request.remote_ip(true) @request.env['HTTP_CLIENT_IP'] = '2.3.4.5' - assert_equal '1.2.3.4', @request.remote_ip + assert_equal '1.2.3.4', @request.remote_ip(true) @request.remote_addr = '192.168.0.1' - assert_equal '2.3.4.5', @request.remote_ip + assert_equal '2.3.4.5', @request.remote_ip(true) @request.env.delete 'HTTP_CLIENT_IP' @request.remote_addr = '1.2.3.4' @request.env['HTTP_X_FORWARDED_FOR'] = '3.4.5.6' - assert_equal '1.2.3.4', @request.remote_ip + assert_equal '1.2.3.4', @request.remote_ip(true) @request.remote_addr = '127.0.0.1' @request.env['HTTP_X_FORWARDED_FOR'] = '3.4.5.6' - assert_equal '3.4.5.6', @request.remote_ip + assert_equal '3.4.5.6', @request.remote_ip(true) @request.env['HTTP_X_FORWARDED_FOR'] = 'unknown,3.4.5.6' - assert_equal '3.4.5.6', @request.remote_ip + assert_equal '3.4.5.6', @request.remote_ip(true) @request.env['HTTP_X_FORWARDED_FOR'] = '172.16.0.1,3.4.5.6' - assert_equal '3.4.5.6', @request.remote_ip + assert_equal '3.4.5.6', @request.remote_ip(true) @request.env['HTTP_X_FORWARDED_FOR'] = '192.168.0.1,3.4.5.6' - assert_equal '3.4.5.6', @request.remote_ip + assert_equal '3.4.5.6', @request.remote_ip(true) @request.env['HTTP_X_FORWARDED_FOR'] = '10.0.0.1,3.4.5.6' - assert_equal '3.4.5.6', @request.remote_ip - + assert_equal '3.4.5.6', @request.remote_ip(true) + @request.env['HTTP_X_FORWARDED_FOR'] = '10.0.0.1, 10.0.0.1, 3.4.5.6' - assert_equal '3.4.5.6', @request.remote_ip + assert_equal '3.4.5.6', @request.remote_ip(true) @request.env['HTTP_X_FORWARDED_FOR'] = '127.0.0.1,3.4.5.6' - assert_equal '3.4.5.6', @request.remote_ip + assert_equal '3.4.5.6', @request.remote_ip(true) @request.env['HTTP_X_FORWARDED_FOR'] = 'unknown,192.168.0.1' - assert_equal 'unknown', @request.remote_ip + assert_equal 'unknown', @request.remote_ip(true) @request.env['HTTP_X_FORWARDED_FOR'] = '9.9.9.9, 3.4.5.6, 10.0.0.1, 172.31.4.4' - assert_equal '3.4.5.6', @request.remote_ip + assert_equal '3.4.5.6', @request.remote_ip(true) @request.env['HTTP_CLIENT_IP'] = '8.8.8.8' e = assert_raises(ActionController::ActionControllerError) { - @request.remote_ip + @request.remote_ip(true) } assert_match /IP spoofing attack/, e.message assert_match /HTTP_X_FORWARDED_FOR="9.9.9.9, 3.4.5.6, 10.0.0.1, 172.31.4.4"/, e.message assert_match /HTTP_CLIENT_IP="8.8.8.8"/, e.message @request.env['HTTP_X_FORWARDED_FOR'] = '8.8.8.8, 9.9.9.9' - assert_equal '8.8.8.8', @request.remote_ip + assert_equal '8.8.8.8', @request.remote_ip(true) @request.env.delete 'HTTP_CLIENT_IP' @request.env.delete 'HTTP_X_FORWARDED_FOR' @@ -120,169 +125,118 @@ class RequestTest < Test::Unit::TestCase assert_equal ":8080", @request.port_string end - def test_relative_url_root - @request.env['SCRIPT_NAME'] = "/hieraki/dispatch.cgi" - @request.env['SERVER_SOFTWARE'] = 'lighttpd/1.2.3' - assert_equal '', @request.relative_url_root, "relative_url_root should be disabled on lighttpd" - - @request.env['SERVER_SOFTWARE'] = 'apache/1.2.3 some random text' - - @request.env['SCRIPT_NAME'] = nil - assert_equal "", @request.relative_url_root - - @request.env['SCRIPT_NAME'] = "/dispatch.cgi" - assert_equal "", @request.relative_url_root - - @request.env['SCRIPT_NAME'] = "/myapp.rb" - assert_equal "", @request.relative_url_root - - @request.relative_url_root = nil - @request.env['SCRIPT_NAME'] = "/hieraki/dispatch.cgi" - assert_equal "/hieraki", @request.relative_url_root - - @request.relative_url_root = nil - @request.env['SCRIPT_NAME'] = "/collaboration/hieraki/dispatch.cgi" - assert_equal "/collaboration/hieraki", @request.relative_url_root - - # apache/scgi case - @request.relative_url_root = nil - @request.env['SCRIPT_NAME'] = "/collaboration/hieraki" - assert_equal "/collaboration/hieraki", @request.relative_url_root - - @request.relative_url_root = nil - @request.env['SCRIPT_NAME'] = "/hieraki/dispatch.cgi" - @request.env['SERVER_SOFTWARE'] = 'lighttpd/1.2.3' - @request.env['RAILS_RELATIVE_URL_ROOT'] = "/hieraki" - assert_equal "/hieraki", @request.relative_url_root - - # @env overrides path guess - @request.relative_url_root = nil - @request.env['SCRIPT_NAME'] = "/hieraki/dispatch.cgi" - @request.env['SERVER_SOFTWARE'] = 'apache/1.2.3 some random text' - @request.env['RAILS_RELATIVE_URL_ROOT'] = "/real_url" - assert_equal "/real_url", @request.relative_url_root - end - def test_request_uri @request.env['SERVER_SOFTWARE'] = 'Apache 42.342.3432' - @request.relative_url_root = nil @request.set_REQUEST_URI "http://www.rubyonrails.org/path/of/some/uri?mapped=1" assert_equal "/path/of/some/uri?mapped=1", @request.request_uri assert_equal "/path/of/some/uri", @request.path - @request.relative_url_root = nil @request.set_REQUEST_URI "http://www.rubyonrails.org/path/of/some/uri" assert_equal "/path/of/some/uri", @request.request_uri assert_equal "/path/of/some/uri", @request.path - @request.relative_url_root = nil @request.set_REQUEST_URI "/path/of/some/uri" assert_equal "/path/of/some/uri", @request.request_uri assert_equal "/path/of/some/uri", @request.path - @request.relative_url_root = nil @request.set_REQUEST_URI "/" assert_equal "/", @request.request_uri assert_equal "/", @request.path - @request.relative_url_root = nil @request.set_REQUEST_URI "/?m=b" assert_equal "/?m=b", @request.request_uri assert_equal "/", @request.path - @request.relative_url_root = nil @request.set_REQUEST_URI "/" @request.env['SCRIPT_NAME'] = "/dispatch.cgi" assert_equal "/", @request.request_uri assert_equal "/", @request.path - @request.relative_url_root = nil + ActionController::Base.relative_url_root = "/hieraki" @request.set_REQUEST_URI "/hieraki/" @request.env['SCRIPT_NAME'] = "/hieraki/dispatch.cgi" assert_equal "/hieraki/", @request.request_uri assert_equal "/", @request.path + ActionController::Base.relative_url_root = nil - @request.relative_url_root = nil + ActionController::Base.relative_url_root = "/collaboration/hieraki" @request.set_REQUEST_URI "/collaboration/hieraki/books/edit/2" @request.env['SCRIPT_NAME'] = "/collaboration/hieraki/dispatch.cgi" assert_equal "/collaboration/hieraki/books/edit/2", @request.request_uri assert_equal "/books/edit/2", @request.path + ActionController::Base.relative_url_root = nil # The following tests are for when REQUEST_URI is not supplied (as in IIS) - @request.relative_url_root = nil - @request.set_REQUEST_URI nil @request.env['PATH_INFO'] = "/path/of/some/uri?mapped=1" @request.env['SCRIPT_NAME'] = nil #"/path/dispatch.rb" + @request.set_REQUEST_URI nil assert_equal "/path/of/some/uri?mapped=1", @request.request_uri assert_equal "/path/of/some/uri", @request.path - @request.set_REQUEST_URI nil - @request.relative_url_root = nil + ActionController::Base.relative_url_root = '/path' @request.env['PATH_INFO'] = "/path/of/some/uri?mapped=1" @request.env['SCRIPT_NAME'] = "/path/dispatch.rb" - assert_equal "/path/of/some/uri?mapped=1", @request.request_uri - assert_equal "/of/some/uri", @request.path - @request.set_REQUEST_URI nil - @request.relative_url_root = nil + assert_equal "/path/of/some/uri?mapped=1", @request.request_uri(true) + assert_equal "/of/some/uri", @request.path(true) + ActionController::Base.relative_url_root = nil + @request.env['PATH_INFO'] = "/path/of/some/uri" @request.env['SCRIPT_NAME'] = nil + @request.set_REQUEST_URI nil assert_equal "/path/of/some/uri", @request.request_uri assert_equal "/path/of/some/uri", @request.path - @request.set_REQUEST_URI nil - @request.relative_url_root = nil @request.env['PATH_INFO'] = "/" + @request.set_REQUEST_URI nil assert_equal "/", @request.request_uri assert_equal "/", @request.path - @request.set_REQUEST_URI nil - @request.relative_url_root = nil @request.env['PATH_INFO'] = "/?m=b" + @request.set_REQUEST_URI nil assert_equal "/?m=b", @request.request_uri assert_equal "/", @request.path - @request.set_REQUEST_URI nil - @request.relative_url_root = nil @request.env['PATH_INFO'] = "/" @request.env['SCRIPT_NAME'] = "/dispatch.cgi" + @request.set_REQUEST_URI nil assert_equal "/", @request.request_uri assert_equal "/", @request.path - @request.set_REQUEST_URI nil - @request.relative_url_root = nil + ActionController::Base.relative_url_root = '/hieraki' @request.env['PATH_INFO'] = "/hieraki/" @request.env['SCRIPT_NAME'] = "/hieraki/dispatch.cgi" + @request.set_REQUEST_URI nil assert_equal "/hieraki/", @request.request_uri assert_equal "/", @request.path + ActionController::Base.relative_url_root = nil @request.set_REQUEST_URI '/hieraki/dispatch.cgi' - @request.relative_url_root = '/hieraki' - assert_equal "/dispatch.cgi", @request.path - @request.relative_url_root = nil + ActionController::Base.relative_url_root = '/hieraki' + assert_equal "/dispatch.cgi", @request.path(true) + ActionController::Base.relative_url_root = nil @request.set_REQUEST_URI '/hieraki/dispatch.cgi' - @request.relative_url_root = '/foo' - assert_equal "/hieraki/dispatch.cgi", @request.path - @request.relative_url_root = nil + ActionController::Base.relative_url_root = '/foo' + assert_equal "/hieraki/dispatch.cgi", @request.path(true) + ActionController::Base.relative_url_root = nil # This test ensures that Rails uses REQUEST_URI over PATH_INFO - @request.relative_url_root = nil + ActionController::Base.relative_url_root = nil @request.env['REQUEST_URI'] = "/some/path" @request.env['PATH_INFO'] = "/another/path" @request.env['SCRIPT_NAME'] = "/dispatch.cgi" - assert_equal "/some/path", @request.request_uri - assert_equal "/some/path", @request.path + assert_equal "/some/path", @request.request_uri(true) + assert_equal "/some/path", @request.path(true) end - def test_host_with_default_port @request.host = "rubyonrails.org" @request.port = 80 assert_equal "rubyonrails.org", @request.host_with_port end - + def test_host_with_non_default_port @request.host = "rubyonrails.org" @request.port = 81 @@ -290,13 +244,13 @@ class RequestTest < Test::Unit::TestCase end def test_server_software - assert_equal nil, @request.server_software + assert_equal nil, @request.server_software(true) @request.env['SERVER_SOFTWARE'] = 'Apache3.422' - assert_equal 'apache', @request.server_software + assert_equal 'apache', @request.server_software(true) @request.env['SERVER_SOFTWARE'] = 'lighttpd(1.1.4)' - assert_equal 'lighttpd', @request.server_software + assert_equal 'lighttpd', @request.server_software(true) end def test_xml_http_request @@ -326,44 +280,44 @@ class RequestTest < Test::Unit::TestCase def test_symbolized_request_methods [:get, :post, :put, :delete].each do |method| - set_request_method_to method + self.request_method = method assert_equal method, @request.method end end def test_invalid_http_method_raises_exception - set_request_method_to :random_method assert_raises(ActionController::UnknownHttpMethod) do - @request.method + self.request_method = :random_method end end def test_allow_method_hacking_on_post - set_request_method_to :post + self.request_method = :post [:get, :head, :options, :put, :post, :delete].each do |method| - @request.instance_eval { @parameters = { :_method => method } ; @request_method = nil } + @request.instance_eval { @parameters = { :_method => method.to_s } ; @request_method = nil } + @request.request_method(true) assert_equal(method == :head ? :get : method, @request.method) end end def test_invalid_method_hacking_on_post_raises_exception - set_request_method_to :post + self.request_method = :post @request.instance_eval { @parameters = { :_method => :random_method } ; @request_method = nil } assert_raises(ActionController::UnknownHttpMethod) do - @request.method + @request.request_method(true) end end def test_restrict_method_hacking @request.instance_eval { @parameters = { :_method => 'put' } } [:get, :put, :delete].each do |method| - set_request_method_to method + self.request_method = method assert_equal method, @request.method end end - def test_head_masquarading_as_get - set_request_method_to :head + def test_head_masquerading_as_get + self.request_method = :head assert_equal :get, @request.method assert @request.get? assert @request.head? @@ -385,9 +339,16 @@ class RequestTest < Test::Unit::TestCase end def test_nil_format - @request.instance_eval { @parameters = { :format => nil } } + ActionController::Base.use_accept_header, old = + false, ActionController::Base.use_accept_header + + @request.instance_eval { @parameters = {} } @request.env["HTTP_X_REQUESTED_WITH"] = "XMLHttpRequest" + assert @request.xhr? assert_equal Mime::JS, @request.format + + ensure + ActionController::Base.use_accept_header = old end def test_content_type @@ -415,28 +376,27 @@ class RequestTest < Test::Unit::TestCase @request.env["CONTENT_TYPE"] = "application/xml; charset=UTF-8" assert_equal Mime::XML, @request.content_type end - + def test_user_agent assert_not_nil @request.user_agent end - + def test_parameters @request.instance_eval { @request_parameters = { "foo" => 1 } } @request.instance_eval { @query_parameters = { "bar" => 2 } } - + assert_equal({"foo" => 1, "bar" => 2}, @request.parameters) assert_equal({"foo" => 1}, @request.request_parameters) assert_equal({"bar" => 2}, @request.query_parameters) end protected - def set_request_method_to(method) + def request_method=(method) @request.env['REQUEST_METHOD'] = method.to_s.upcase - @request.instance_eval { @request_method = nil } + @request.request_method(true) end end - class UrlEncodedRequestParameterParsingTest < Test::Unit::TestCase def setup @query_string = "action=create_customer&full_name=David%20Heinemeier%20Hansson&customerId=1" @@ -548,7 +508,6 @@ class UrlEncodedRequestParameterParsingTest < Test::Unit::TestCase ) end - def test_request_hash_parsing query = { "note[viewers][viewer][][type]" => ["User", "Group"], @@ -560,7 +519,6 @@ class UrlEncodedRequestParameterParsingTest < Test::Unit::TestCase assert_equal(expected, ActionController::AbstractRequest.parse_request_parameters(query)) end - def test_parse_params input = { "customers[boston][first][name]" => [ "David" ], @@ -743,7 +701,6 @@ class UrlEncodedRequestParameterParsingTest < Test::Unit::TestCase end end - class MultipartRequestParameterParsingTest < Test::Unit::TestCase FIXTURE_PATH = File.dirname(__FILE__) + '/../fixtures/multipart' @@ -774,19 +731,19 @@ class MultipartRequestParameterParsingTest < Test::Unit::TestCase file = params['file'] foo = params['foo'] - + if RUBY_VERSION > '1.9' assert_kind_of File, file else assert_kind_of Tempfile, file end - + assert_equal 'file.txt', file.original_filename assert_equal "text/plain", file.content_type - + assert_equal 'bar', foo end - + def test_large_text_file params = process('large_text_file') assert_equal %w(file foo), params.keys.sort @@ -891,20 +848,20 @@ class XmlParamsParsingTest < Test::Unit::TestCase private def parse_body(body) - env = { 'CONTENT_TYPE' => 'application/xml', + env = { 'rack.input' => StringIO.new(body), + 'CONTENT_TYPE' => 'application/xml', 'CONTENT_LENGTH' => body.size.to_s } - cgi = ActionController::Integration::Session::StubCGI.new(env, body) - ActionController::CgiRequest.new(cgi).request_parameters + ActionController::RackRequest.new(env).request_parameters end end class LegacyXmlParamsParsingTest < XmlParamsParsingTest private def parse_body(body) - env = { 'HTTP_X_POST_DATA_FORMAT' => 'xml', - 'CONTENT_LENGTH' => body.size.to_s } - cgi = ActionController::Integration::Session::StubCGI.new(env, body) - ActionController::CgiRequest.new(cgi).request_parameters + env = { 'rack.input' => StringIO.new(body), + 'HTTP_X_POST_DATA_FORMAT' => 'xml', + 'CONTENT_LENGTH' => body.size.to_s } + ActionController::RackRequest.new(env).request_parameters end end @@ -923,9 +880,9 @@ class JsonParamsParsingTest < Test::Unit::TestCase private def parse_body(body,content_type) - env = { 'CONTENT_TYPE' => content_type, + env = { 'rack.input' => StringIO.new(body), + 'CONTENT_TYPE' => content_type, 'CONTENT_LENGTH' => body.size.to_s } - cgi = ActionController::Integration::Session::StubCGI.new(env, body) - ActionController::CgiRequest.new(cgi).request_parameters + ActionController::RackRequest.new(env).request_parameters end end |