aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/controller/session/cookie_store_test.rb
diff options
context:
space:
mode:
Diffstat (limited to 'actionpack/test/controller/session/cookie_store_test.rb')
-rwxr-xr-xactionpack/test/controller/session/cookie_store_test.rb19
1 files changed, 19 insertions, 0 deletions
diff --git a/actionpack/test/controller/session/cookie_store_test.rb b/actionpack/test/controller/session/cookie_store_test.rb
index 0084f35dea..b2655c72d9 100755
--- a/actionpack/test/controller/session/cookie_store_test.rb
+++ b/actionpack/test/controller/session/cookie_store_test.rb
@@ -4,6 +4,19 @@ require 'action_controller/cgi_ext'
require 'stringio'
+
+class CGI::Session::CookieStore
+ def ensure_secret_secure_with_test_hax(secret)
+ if secret == CookieStoreTest.default_session_options['secret']
+ return true
+ else
+ ensure_secret_secure_without_test_hax(secret)
+ end
+ end
+ alias_method_chain :ensure_secret_secure, :test_hax
+end
+
+
# Expose for tests.
class CGI
attr_reader :output_cookies, :output_hidden
@@ -49,6 +62,12 @@ class CookieStoreTest < Test::Unit::TestCase
end
end
+ def test_raises_argument_error_if_secret_is_probably_insecure
+ ["password", "secret", "12345678901234567890123456789"].each do |blank|
+ assert_raise(ArgumentError, blank.inspect) { new_session 'secret' => blank }
+ end
+ end
+
def test_reconfigures_session_to_omit_id_cookie_and_hidden_field
new_session do |session|
assert_equal true, @options['no_hidden']
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-30 10:04:43 +0000