diff options
Diffstat (limited to 'actionpack/test/controller/tainted_params_test.rb')
-rw-r--r-- | actionpack/test/controller/tainted_params_test.rb | 25 |
1 files changed, 0 insertions, 25 deletions
diff --git a/actionpack/test/controller/tainted_params_test.rb b/actionpack/test/controller/tainted_params_test.rb deleted file mode 100644 index 881b9d40fa..0000000000 --- a/actionpack/test/controller/tainted_params_test.rb +++ /dev/null @@ -1,25 +0,0 @@ -require 'abstract_unit' - -class PeopleController < ActionController::Base - def create - render text: params[:person].permitted? ? "untainted" : "tainted" - end - - def create_with_permit - render text: params[:person].permit(:name).permitted? ? "untainted" : "tainted" - end -end - -class ActionControllerTaintedParamsTest < ActionController::TestCase - tests PeopleController - - test "parameters are tainted" do - post :create, { person: { name: "Mjallo!" } } - assert_equal "tainted", response.body - end - - test "parameters can be permitted and are then not tainted" do - post :create_with_permit, { person: { name: "Mjallo!" } } - assert_equal "untainted", response.body - end -end |