Diffstat (limited to 'actionpack/test/dispatch/ssl_test.rb')
-rw-r--r-- | actionpack/test/dispatch/ssl_test.rb | 63 |
1 files changed, 24 insertions, 39 deletions
diff --git a/actionpack/test/dispatch/ssl_test.rb b/actionpack/test/dispatch/ssl_test.rb
index ccddb90bb5..e29ffa750c 100644
--- a/actionpack/test/dispatch/ssl_test.rb
+++ b/actionpack/test/dispatch/ssl_test.rb
@@ -12,25 +12,16 @@ class SSLTest < ActionDispatch::IntegrationTest
 end
 class RedirectSSLTest < SSLTest
- def assert_not_redirected(url, headers: {}, redirect: {}, deprecated_host: nil,
- deprecated_port: nil)
-
- self.app = build_app ssl_options: { redirect: redirect,
- host: deprecated_host, port: deprecated_port
- }
-
+ def assert_not_redirected(url, headers: {}, redirect: {})
+ self.app = build_app ssl_options: { redirect: redirect }
 get url, headers: headers
 assert_response :ok
 end
- def assert_redirected(redirect: {}, deprecated_host: nil, deprecated_port: nil,
- from: "http://a/b?c=d", to: from.sub("http", "https"))
-
+ def assert_redirected(redirect: {}, from: "http://a/b?c=d", to: from.sub("http", "https"))
 redirect = { status: 301, body: [] }.merge(redirect)
- self.app = build_app ssl_options: { redirect: redirect,
- host: deprecated_host, port: deprecated_port
- }
+ self.app = build_app ssl_options: { redirect: redirect }
 get from
 assert_response redirect[:status] || 301
@@ -38,6 +29,16 @@ class RedirectSSLTest < SSLTest
 assert_equal redirect[:body].join, @response.body
 end
+ def assert_post_redirected(redirect: {}, from: "http://a/b?c=d",
+ to: from.sub("http", "https"))
+
+ self.app = build_app ssl_options: { redirect: redirect }
+
+ post from
+ assert_response redirect[:status] || 307
+ assert_redirected_to to
+ end
+
 test "exclude can avoid redirect" do
 excluding = { exclude: -> request { request.path =~ /healthcheck/ } }
@@ -57,6 +58,10 @@ class RedirectSSLTest < SSLTest
 assert_redirected
 end
+ test "http POST is redirected to https with status 307" do
+ assert_post_redirected
+ end
+
 test "redirect with non-301 status" do
 assert_redirected redirect: { status: 307 }
 end
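Review bot: In the `assert_post_redirected` helper added at `@@ -38,6 +29,16 @@`, the `redirect[:status] || 307` fallback is never exercised with a configured status, because its only caller is the bare `assert_post_redirected` in the test added in the next hunk. Nothing therefore pins which status wins when an application sets `redirect: { status: 301 }` and receives a POST, and that matters because clients may replay a 301- or 302-redirected POST as a GET without its body. I would add a case with an explicit status, for example `assert_post_redirected redirect: { status: 308 }`, and one for another non-GET verb; the middleware is not part of this diff, so the intended precedence is inferred. The helper also differs from `assert_redirected` in that it does not check the response body, and a one-line comment saying so (and that `redirect` must be a Hash here, since `redirect: false` would fail on `redirect[:status]`) would help.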
@@ -85,18 +90,6 @@ class RedirectSSLTest < SSLTest
 assert_redirected redirect: { host: "ssl:443" }, to: "https://ssl:443/b?c=d"
 end
- test ":host is deprecated, moved within redirect: { host: … }" do
- assert_deprecated do
- assert_redirected deprecated_host: "foo", to: "https://foo/b?c=d"
- end
- end
-
- test ":port is deprecated, moved within redirect: { port: … }" do
- assert_deprecated do
- assert_redirected deprecated_port: 1, to: "https://a:1/b?c=d"
- end
- end
-
 test "no redirect with redirect set to false" do
 assert_not_redirected "http://example.org", redirect: false
 end
@@ -125,23 +118,19 @@ class StrictTransportSecurityTest < SSLTest
 end
 test "hsts: true enables default settings" do
- assert_hsts EXPECTED, hsts: true
+ assert_hsts EXPECTED_WITH_SUBDOMAINS, hsts: true
 end
 test "hsts: false sets max-age to zero, clearing browser HSTS settings" do
- assert_hsts "max-age=0", hsts: false
+ assert_hsts "max-age=0; includeSubDomains", hsts: false
 end
 test ":expires sets max-age" do
- assert_deprecated do
- assert_hsts "max-age=500", hsts: { expires: 500 }
- end
+ assert_hsts "max-age=500; includeSubDomains", hsts: { expires: 500 }
 end
 test ":expires supports AS::Duration arguments" do
- assert_deprecated do
- assert_hsts "max-age=31557600", hsts: { expires: 1.year }
- end
+ assert_hsts "max-age=31557600; includeSubDomains", hsts: { expires: 1.year }
 end
 test "include subdomains" do
@@ -153,15 +142,11 @@ class StrictTransportSecurityTest < SSLTest
 end
 test "opt in to browser preload lists" do
- assert_deprecated do
- assert_hsts "#{EXPECTED}; preload", hsts: { preload: true }
- end
+ assert_hsts "#{EXPECTED_WITH_SUBDOMAINS}; preload", hsts: { preload: true }
 end
 test "opt out of browser preload lists" do
- assert_deprecated do
- assert_hsts EXPECTED, hsts: { preload: false }
- end
+ assert_hsts EXPECTED_WITH_SUBDOMAINS, hsts: { preload: false }
 end
 end
|
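Review bot: The expectations changed at `@@ -125,23 +118,19 @@` now pin `includeSubDomains` in every default header (`hsts: true`, `hsts: false`, `:expires`), but the test names still describe only the old behaviour, so the default change is easy to miss when reading the suite; I would rename or add a test such as `test "hsts: true includes subdomains by default" do`. The `hsts: false` case deserves a comment, because `max-age=0; includeSubDomains` is asserted verbatim and a reader should know whether the directive is intended there or is just a by-product of the new default. None of the visible cases combines an explicit opt-out with another option (for example `hsts: { subdomains: false, expires: 500 }`), which is the configuration a site with HTTP-only subdomains would need; the subdomain tests between this hunk and the next are not shown, so this may already be covered. The same applies to the two preload cases at `@@ -153,15 +142,11 @@`, where `preload: true` is only checked together with the default subdomain setting.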