aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/dispatch/request_test.rb
diff options
context:
space:
mode:
Diffstat (limited to 'actionpack/test/dispatch/request_test.rb')
-rw-r--r--actionpack/test/dispatch/request_test.rb71
1 files changed, 40 insertions, 31 deletions
diff --git a/actionpack/test/dispatch/request_test.rb b/actionpack/test/dispatch/request_test.rb
index 6e21b4a258..6737609567 100644
--- a/actionpack/test/dispatch/request_test.rb
+++ b/actionpack/test/dispatch/request_test.rb
@@ -152,9 +152,12 @@ class RequestIP < BaseRequestTest
request = stub_request 'HTTP_X_FORWARDED_FOR' => 'unknown,::1'
assert_equal nil, request.remote_ip
- request = stub_request 'HTTP_X_FORWARDED_FOR' => '2001:0db8:85a3:0000:0000:8a2e:0370:7334, fe80:0000:0000:0000:0202:b3ff:fe1e:8329, ::1, fc00::'
+ request = stub_request 'HTTP_X_FORWARDED_FOR' => '2001:0db8:85a3:0000:0000:8a2e:0370:7334, fe80:0000:0000:0000:0202:b3ff:fe1e:8329, ::1, fc00::, fc01::, fdff'
assert_equal 'fe80:0000:0000:0000:0202:b3ff:fe1e:8329', request.remote_ip
+ request = stub_request 'HTTP_X_FORWARDED_FOR' => 'FE00::, FDFF::'
+ assert_equal 'FE00::', request.remote_ip
+
request = stub_request 'HTTP_X_FORWARDED_FOR' => 'not_ip_address'
assert_equal nil, request.remote_ip
end
@@ -525,6 +528,13 @@ class RequestCGI < BaseRequestTest
end
end
+class LocalhostTest < BaseRequestTest
+ test "IPs that match localhost" do
+ request = stub_request("REMOTE_IP" => "127.1.1.1", "REMOTE_ADDR" => "127.1.1.1")
+ assert request.local?
+ end
+end
+
class RequestCookie < BaseRequestTest
test "cookie syntax resilience" do
request = stub_request("HTTP_COOKIE" => "_session_id=c84ace84796670c052c6ceb2451fb0f2; is_admin=yes")
@@ -629,12 +639,14 @@ class RequestProtocol < BaseRequestTest
end
class RequestMethod < BaseRequestTest
- test "request methods" do
- [:post, :get, :patch, :put, :delete].each do |method|
- request = stub_request('REQUEST_METHOD' => method.to_s.upcase)
+ test "method returns environment's request method when it has not been
+ overriden by middleware".squish do
+
+ ActionDispatch::Request::HTTP_METHODS.each do |method|
+ request = stub_request('REQUEST_METHOD' => method)
- assert_equal method.to_s.upcase, request.method
- assert_equal method, request.method_symbol
+ assert_equal method, request.method
+ assert_equal method.underscore.to_sym, request.method_symbol
end
end
@@ -644,28 +656,18 @@ class RequestMethod < BaseRequestTest
end
end
- test "allow method hacking on post" do
- %w(GET OPTIONS PATCH PUT POST DELETE).each do |method|
- request = stub_request 'REQUEST_METHOD' => method.to_s.upcase
-
- assert_equal(method == "HEAD" ? "GET" : method, request.method)
- end
+ test "method returns original value of environment request method on POST" do
+ request = stub_request('rack.methodoverride.original_method' => 'POST')
+ assert_equal 'POST', request.method
end
- test "invalid method hacking on post raises exception" do
+ test "method raises exception on invalid HTTP method" do
assert_raise(ActionController::UnknownHttpMethod) do
- stub_request('REQUEST_METHOD' => '_RANDOM_METHOD').request_method
+ stub_request('rack.methodoverride.original_method' => '_RANDOM_METHOD').method
end
- end
- test "restrict method hacking" do
- [:get, :patch, :put, :delete].each do |method|
- request = stub_request(
- 'action_dispatch.request.request_parameters' => { :_method => 'put' },
- 'REQUEST_METHOD' => method.to_s.upcase
- )
-
- assert_equal method.to_s.upcase, request.method
+ assert_raise(ActionController::UnknownHttpMethod) do
+ stub_request('REQUEST_METHOD' => '_RANDOM_METHOD').method
end
end
@@ -795,6 +797,12 @@ class RequestFormat < BaseRequestTest
assert_not request.format.json?
end
+ test "format does not throw exceptions when malformed parameters" do
+ request = stub_request("QUERY_STRING" => "x[y]=1&x[y][][w]=2")
+ assert request.formats
+ assert request.format.html?
+ end
+
test "formats with xhr request" do
request = stub_request 'HTTP_X_REQUESTED_WITH' => "XMLHttpRequest"
request.expects(:parameters).at_least_once.returns({})
@@ -802,6 +810,7 @@ class RequestFormat < BaseRequestTest
end
test "ignore_accept_header" do
+ old_ignore_accept_header = ActionDispatch::Request.ignore_accept_header
ActionDispatch::Request.ignore_accept_header = true
begin
@@ -831,7 +840,7 @@ class RequestFormat < BaseRequestTest
request.expects(:parameters).at_least_once.returns({:format => :json})
assert_equal [ Mime::JSON ], request.formats
ensure
- ActionDispatch::Request.ignore_accept_header = false
+ ActionDispatch::Request.ignore_accept_header = old_ignore_accept_header
end
end
end
@@ -889,15 +898,15 @@ class RequestParameters < BaseRequestTest
assert_equal({"bar" => 2}, request.query_parameters)
end
- test "parameters still accessible after rack parse error" do
+ test "parameters not accessible after rack parse error" do
request = stub_request("QUERY_STRING" => "x[y]=1&x[y][][w]=2")
- assert_raises(ActionController::BadRequest) do
- # rack will raise a TypeError when parsing this query string
- request.parameters
+ 2.times do
+ assert_raises(ActionController::BadRequest) do
+ # rack will raise a TypeError when parsing this query string
+ request.parameters
+ end
end
-
- assert_equal({}, request.parameters)
end
test "we have access to the original exception" do
@@ -1062,7 +1071,7 @@ class RequestEtag < BaseRequestTest
end
end
-class RequestVarient < BaseRequestTest
+class RequestVariant < BaseRequestTest
test "setting variant" do
request = stub_request
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-01 01:33:08 +0000