3 files changed, 48 insertions, 5 deletions

diff --git a/actionpack/test/controller/cookie_test.rb b/actionpack/test/controller/cookie_test.rb
index 278cae1415..4971866e7c 100644
--- a/actionpack/test/controller/cookie_test.rb
+++ b/actionpack/test/controller/cookie_test.rb
@@ -1,7 +1,5 @@
 require 'abstract_unit'
 
-ActionController::Base.config.secret = "thisISverySECRET123"
-
 class CookieTest < ActionController::TestCase
   class TestController < ActionController::Base
     def authenticate
@@ -76,6 +74,7 @@ class CookieTest < ActionController::TestCase
 
   def setup
     super
+    @request.env["action_dispatch.secret_token"] = "thisISverySECRET123"
     @request.host = "www.nextangle.com"
   end
 
diff --git a/actionpack/test/controller/http_digest_authentication_test.rb b/actionpack/test/controller/http_digest_authentication_test.rb
index eb2af523a2..b011536717 100644
--- a/actionpack/test/controller/http_digest_authentication_test.rb
+++ b/actionpack/test/controller/http_digest_authentication_test.rb
@@ -41,8 +41,7 @@ class HttpDigestAuthenticationTest < ActionController::TestCase
   setup do
     # Used as secret in generating nonce to prevent tampering of timestamp
     @secret = "session_options_secret"
-    @controller.config.secret = @secret
-    # @old_secret, ActionController::Base.config.secret[:secret] = ActionController::Base.session_options[:secret], @secret
+    @request.env["action_dispatch.secret_token"] = @secret
   end
 
   teardown do
@@ -206,7 +205,7 @@ class HttpDigestAuthenticationTest < ActionController::TestCase
 
   test "validate_digest_response should fail with nil returning password_procedure" do
     @request.env['HTTP_AUTHORIZATION'] = encode_credentials(:username => nil, :password => nil)
-    assert !ActionController::HttpAuthentication::Digest.validate_digest_response(@secret, @request, "SuperSecret"){nil}
+    assert !ActionController::HttpAuthentication::Digest.validate_digest_response(@request, "SuperSecret"){nil}
   end
 
   private
diff --git a/actionpack/test/controller/integration_test.rb b/actionpack/test/controller/integration_test.rb
index 14c0c3708b..20dc96d38d 100644
--- a/actionpack/test/controller/integration_test.rb
+++ b/actionpack/test/controller/integration_test.rb
@@ -245,6 +245,15 @@ class IntegrationProcessTest < ActionController::IntegrationTest
       render :text => "Gone", :status => 410
     end
 
+    def set_cookie
+      cookies["foo"] = 'bar'
+      head :ok
+    end
+
+    def get_cookie
+      render :text => cookies["foo"]
+    end
+
     def redirect
       redirect_to :action => "get"
     end
@@ -292,6 +301,42 @@ class IntegrationProcessTest < ActionController::IntegrationTest
     end
   end
 
+  test 'cookie persist to next request' do
+    with_test_route_set do
+      get '/set_cookie'
+      assert_response :success
+
+      assert_equal "foo=bar; path=/", headers["Set-Cookie"]
+      assert_equal({"foo"=>"bar"}, cookies.to_hash)
+
+      get '/get_cookie'
+      assert_response :success
+      assert_equal "bar", body
+
+      assert_equal nil, headers["Set-Cookie"]
+      assert_equal({"foo"=>"bar"}, cookies.to_hash)
+    end
+  end
+
+  test 'cookie persist to next request on another domain' do
+    with_test_route_set do
+      host! "37s.backpack.test"
+
+      get '/set_cookie'
+      assert_response :success
+
+      assert_equal "foo=bar; path=/", headers["Set-Cookie"]
+      assert_equal({"foo"=>"bar"}, cookies.to_hash)
+
+      get '/get_cookie'
+      assert_response :success
+      assert_equal "bar", body
+
+      assert_equal nil, headers["Set-Cookie"]
+      assert_equal({"foo"=>"bar"}, cookies.to_hash)
+    end
+  end
+
   def test_redirect
     with_test_route_set do
       get '/redirect'