diff options
Diffstat (limited to 'actionpack/test/dispatch/cookies_test.rb')
-rw-r--r-- | actionpack/test/dispatch/cookies_test.rb | 255 |
1 files changed, 251 insertions, 4 deletions
diff --git a/actionpack/test/dispatch/cookies_test.rb b/actionpack/test/dispatch/cookies_test.rb index b04c1a42c0..39159fd629 100644 --- a/actionpack/test/dispatch/cookies_test.rb +++ b/actionpack/test/dispatch/cookies_test.rb @@ -48,6 +48,11 @@ class CookiesTest < ActionController::TestCase head :ok end + def authenticate_with_secure + cookies["user_name"] = { :value => "david", :secure => true } + head :ok + end + def set_permanent_cookie cookies.permanent[:user_name] = "Jamie" head :ok @@ -89,6 +94,50 @@ class CookiesTest < ActionController::TestCase cookies.delete(:user_name, :domain => :all) head :ok end + + def set_cookie_with_domain_and_tld + cookies[:user_name] = {:value => "rizwanreza", :domain => :all, :tld_length => 2} + head :ok + end + + def delete_cookie_with_domain_and_tld + cookies.delete(:user_name, :domain => :all, :tld_length => 2) + head :ok + end + + def set_cookie_with_domains + cookies[:user_name] = {:value => "rizwanreza", :domain => %w(example1.com example2.com .example3.com)} + head :ok + end + + def delete_cookie_with_domains + cookies.delete(:user_name, :domain => %w(example1.com example2.com .example3.com)) + head :ok + end + + def symbol_key + cookies[:user_name] = "david" + head :ok + end + + def string_key + cookies['user_name'] = "david" + head :ok + end + + def symbol_key_mock + cookies[:user_name] = "david" if cookies[:user_name] == "andrew" + head :ok + end + + def string_key_mock + cookies['user_name'] = "david" if cookies['user_name'] == "andrew" + head :ok + end + + def noop + head :ok + end end tests TestController @@ -129,6 +178,26 @@ class CookiesTest < ActionController::TestCase assert_equal({"user_name" => "david"}, @response.cookies) end + def test_setting_cookie_with_secure + @request.env["HTTPS"] = "on" + get :authenticate_with_secure + assert_cookie_header "user_name=david; path=/; secure" + assert_equal({"user_name" => "david"}, @response.cookies) + end + + def test_setting_cookie_with_secure_in_development + Rails.env.stubs(:development?).returns(true) + get :authenticate_with_secure + assert_cookie_header "user_name=david; path=/; secure" + assert_equal({"user_name" => "david"}, @response.cookies) + end + + def test_not_setting_cookie_with_secure + get :authenticate_with_secure + assert_not_cookie_header "user_name=david; path=/; secure" + assert_not_equal({"user_name" => "david"}, @response.cookies) + end + def test_multiple_cookies get :set_multiple_cookies assert_equal 2, @response.cookies.size @@ -158,8 +227,8 @@ class CookiesTest < ActionController::TestCase def test_permanent_cookie get :set_permanent_cookie - assert_match /Jamie/, @response.headers["Set-Cookie"] - assert_match %r(#{20.years.from_now.utc.year}), @response.headers["Set-Cookie"] + assert_match(/Jamie/, @response.headers["Set-Cookie"]) + assert_match(%r(#{20.years.from_now.utc.year}), @response.headers["Set-Cookie"]) end def test_signed_cookie @@ -174,7 +243,7 @@ class CookiesTest < ActionController::TestCase def test_permanent_signed_cookie get :set_permanent_signed_cookie - assert_match %r(#{20.years.from_now.utc.year}), @response.headers["Set-Cookie"] + assert_match(%r(#{20.years.from_now.utc.year}), @response.headers["Set-Cookie"]) assert_equal 100, @controller.send(:cookies).signed[:remember_me] end @@ -232,12 +301,181 @@ class CookiesTest < ActionController::TestCase assert_cookie_header "user_name=rizwanreza; domain=.nextangle.com; path=/" end + def test_cookie_with_all_domain_option_using_a_non_standard_tld + @request.host = "two.subdomains.nextangle.local" + get :set_cookie_with_domain + assert_response :success + assert_cookie_header "user_name=rizwanreza; domain=.nextangle.local; path=/" + end + + def test_cookie_with_all_domain_option_using_australian_style_tld + @request.host = "nextangle.com.au" + get :set_cookie_with_domain + assert_response :success + assert_cookie_header "user_name=rizwanreza; domain=.nextangle.com.au; path=/" + end + + def test_cookie_with_all_domain_option_using_uk_style_tld + @request.host = "nextangle.co.uk" + get :set_cookie_with_domain + assert_response :success + assert_cookie_header "user_name=rizwanreza; domain=.nextangle.co.uk; path=/" + end + + def test_cookie_with_all_domain_option_using_host_with_port + @request.host = "nextangle.local:3000" + get :set_cookie_with_domain + assert_response :success + assert_cookie_header "user_name=rizwanreza; domain=.nextangle.local; path=/" + end + + def test_cookie_with_all_domain_option_using_localhost + @request.host = "localhost" + get :set_cookie_with_domain + assert_response :success + assert_cookie_header "user_name=rizwanreza; path=/" + end + + def test_cookie_with_all_domain_option_using_ipv4_address + @request.host = "192.168.1.1" + get :set_cookie_with_domain + assert_response :success + assert_cookie_header "user_name=rizwanreza; path=/" + end + + def test_cookie_with_all_domain_option_using_ipv6_address + @request.host = "2001:0db8:85a3:0000:0000:8a2e:0370:7334" + get :set_cookie_with_domain + assert_response :success + assert_cookie_header "user_name=rizwanreza; path=/" + end + def test_deleting_cookie_with_all_domain_option get :delete_cookie_with_domain assert_response :success assert_cookie_header "user_name=; domain=.nextangle.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT" end + def test_cookie_with_all_domain_option_and_tld_length + get :set_cookie_with_domain_and_tld + assert_response :success + assert_cookie_header "user_name=rizwanreza; domain=.nextangle.com; path=/" + end + + def test_cookie_with_all_domain_option_using_a_non_standard_tld_and_tld_length + @request.host = "two.subdomains.nextangle.local" + get :set_cookie_with_domain_and_tld + assert_response :success + assert_cookie_header "user_name=rizwanreza; domain=.nextangle.local; path=/" + end + + def test_cookie_with_all_domain_option_using_host_with_port_and_tld_length + @request.host = "nextangle.local:3000" + get :set_cookie_with_domain_and_tld + assert_response :success + assert_cookie_header "user_name=rizwanreza; domain=.nextangle.local; path=/" + end + + def test_deleting_cookie_with_all_domain_option_and_tld_length + get :delete_cookie_with_domain_and_tld + assert_response :success + assert_cookie_header "user_name=; domain=.nextangle.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT" + end + + def test_cookie_with_several_preset_domains_using_one_of_these_domains + @request.host = "example1.com" + get :set_cookie_with_domains + assert_response :success + assert_cookie_header "user_name=rizwanreza; domain=example1.com; path=/" + end + + def test_cookie_with_several_preset_domains_using_other_domain + @request.host = "other-domain.com" + get :set_cookie_with_domains + assert_response :success + assert_cookie_header "user_name=rizwanreza; path=/" + end + + def test_cookie_with_several_preset_domains_using_shared_domain + @request.host = "example3.com" + get :set_cookie_with_domains + assert_response :success + assert_cookie_header "user_name=rizwanreza; domain=.example3.com; path=/" + end + + def test_deletings_cookie_with_several_preset_domains_using_one_of_these_domains + @request.host = "example2.com" + get :delete_cookie_with_domains + assert_response :success + assert_cookie_header "user_name=; domain=example2.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT" + end + + def test_deletings_cookie_with_several_preset_domains_using_other_domain + @request.host = "other-domain.com" + get :delete_cookie_with_domains + assert_response :success + assert_cookie_header "user_name=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT" + end + + def test_cookies_hash_is_indifferent_access + [:symbol_key, :string_key].each do |cookie_key| + get cookie_key + assert_equal "david", cookies[:user_name] + assert_equal "david", cookies['user_name'] + end + end + + def test_setting_request_cookies_is_indifferent_access + @request.cookies.clear + @request.cookies[:user_name] = "andrew" + get :string_key_mock + assert_equal "david", cookies[:user_name] + + @request.cookies.clear + @request.cookies['user_name'] = "andrew" + get :symbol_key_mock + assert_equal "david", cookies['user_name'] + end + + def test_cookies_retained_across_requests + get :symbol_key + assert_equal "user_name=david; path=/", @response.headers["Set-Cookie"] + assert_equal "david", cookies[:user_name] + + get :noop + assert_nil @response.headers["Set-Cookie"] + assert_equal "user_name=david", @request.env['HTTP_COOKIE'] + assert_equal "david", cookies[:user_name] + + get :noop + assert_nil @response.headers["Set-Cookie"] + assert_equal "user_name=david", @request.env['HTTP_COOKIE'] + assert_equal "david", cookies[:user_name] + end + + def test_cookies_can_be_cleared + get :symbol_key + assert_equal "user_name=david; path=/", @response.headers["Set-Cookie"] + assert_equal "david", cookies[:user_name] + + @request.cookies.clear + get :noop + assert_nil @response.headers["Set-Cookie"] + assert_nil @request.env['HTTP_COOKIE'] + assert_nil cookies[:user_name] + + get :symbol_key + assert_equal "user_name=david; path=/", @response.headers["Set-Cookie"] + assert_equal "david", cookies[:user_name] + end + + def test_cookies_are_escaped + @request.cookies[:user_ids] = '1;2' + get :noop + assert_equal "user_ids=1%3B2", @request.env['HTTP_COOKIE'] + assert_equal "1;2", cookies[:user_ids] + end + private def assert_cookie_header(expected) header = @response.headers["Set-Cookie"] @@ -247,4 +485,13 @@ class CookiesTest < ActionController::TestCase assert_equal expected.split("\n"), header end end -end
\ No newline at end of file + + def assert_not_cookie_header(expected) + header = @response.headers["Set-Cookie"] + if header.respond_to?(:to_str) + assert_not_equal expected.split("\n").sort, header.split("\n").sort + else + assert_not_equal expected.split("\n"), header + end + end +end |