Diffstat (limited to 'actionpack/test')
-rw-r--r-- | actionpack/test/controller/redirect_test.rb | 5 | ||||
-rw-r--r-- | actionpack/test/controller/render_test.rb | 14 | ||||
-rw-r--r-- | actionpack/test/fixtures/test/hello_w*rld.erb | 1 | ||||
-rw-r--r-- | actionpack/test/template/form_tag_helper_test.rb | 8 | ||||
-rw-r--r-- | actionpack/test/template/html-scanner/sanitizer_test.rb | 7 | ||||
-rw-r--r-- | actionpack/test/template/javascript_helper_test.rb | 1 | ||||
-rw-r--r-- | actionpack/test/template/sprockets_helper_test.rb | 28 |
7 files changed, 54 insertions, 10 deletions
diff --git a/actionpack/test/controller/redirect_test.rb b/actionpack/test/controller/redirect_test.rb index 92d4a6d98b..79041055bd 100644 --- a/actionpack/test/controller/redirect_test.rb +++ b/actionpack/test/controller/redirect_test.rb @@ -4,6 +4,11 @@ class WorkshopsController < ActionController::Base end class RedirectController < ActionController::Base + # empty method not used anywhere to ensure methods like + # `status` and `location` aren't called on `redirect_to` calls + def status; render :text => 'called status'; end + def location; render :text => 'called location'; end + def simple_redirect redirect_to :action => "hello_world" end diff --git a/actionpack/test/controller/render_test.rb b/actionpack/test/controller/render_test.rb index ce4b407c7d..6bcd606bf4 100644 --- a/actionpack/test/controller/render_test.rb +++ b/actionpack/test/controller/render_test.rb @@ -405,6 +405,14 @@ class TestController < ActionController::Base render :template => "test/hello_world" end + def render_with_explicit_unescaped_template + render :template => "test/h*llo_world" + end + + def render_with_explicit_escaped_template + render :template => "test/hello_w*rld" + end + def render_with_explicit_string_template render "test/hello_world" end @@ -1057,6 +1065,12 @@ class RenderTest < ActionController::TestCase assert_response :success end + def test_render_with_explicit_unescaped_template + assert_raise(ActionView::MissingTemplate) { get :render_with_explicit_unescaped_template } + get :render_with_explicit_escaped_template + assert_equal "Hello w*rld!", @response.body + end + def test_render_with_explicit_string_template get :render_with_explicit_string_template assert_equal "<html>Hello world!</html>", @response.body diff --git a/actionpack/test/fixtures/test/hello_w*rld.erb b/actionpack/test/fixtures/test/hello_w*rld.erb new file mode 100644 index 0000000000..bc8fa5e0ca --- /dev/null +++ b/actionpack/test/fixtures/test/hello_w*rld.erb @@ -0,0 +1 @@ +Hello w*rld!
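Review bot: The comment above the new `status` and `location` actions in RedirectController calls them an "empty method", but both render text, and nothing in this hunk shows which test would notice if `redirect_to` did call them. Reword it to state what the decoys guard, e.g. `# Decoy actions: redirect_to must never dispatch to a controller method named status or location.` Since the class body continues outside the hunk, an existing redirect test may already catch this; if none does, an assertion that the redirect body contains neither 'called status' nor 'called location' would make the guard explicit.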
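Review bot: `test_render_with_explicit_unescaped_template` exercises only `*`, so a template name carrying another glob metacharacter (`?`, `[...]`, `{...}`) would go unnoticed if the lookup expanded it. The method also folds the negative and the positive case together, so a failing `assert_raise` hides whether the literal `hello_w*rld` fixture still renders. Consider splitting it into two tests and adding an action such as `render :template => "test/hello_w?rld"` that is expected to raise `ActionView::MissingTemplate`. The two controller actions this test calls are added in the preceding hunk of the same file.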
\ No newline at end of file diff --git a/actionpack/test/template/form_tag_helper_test.rb b/actionpack/test/template/form_tag_helper_test.rb index ad31812273..eb569c7308 100644 --- a/actionpack/test/template/form_tag_helper_test.rb +++ b/actionpack/test/template/form_tag_helper_test.rb @@ -508,25 +508,25 @@ class FormTagHelperTest < ActionView::TestCase def test_text_area_tag_options_symbolize_keys_side_effects options = { :option => "random_option" } - actual = text_area_tag "body", "hello world", options + text_area_tag "body", "hello world", options assert_equal options, { :option => "random_option" } end def test_submit_tag_options_symbolize_keys_side_effects options = { :option => "random_option" } - actual = submit_tag "submit value", options + submit_tag "submit value", options assert_equal options, { :option => "random_option" } end def test_button_tag_options_symbolize_keys_side_effects options = { :option => "random_option" } - actual = button_tag "button value", options + button_tag "button value", options assert_equal options, { :option => "random_option" } end def test_image_submit_tag_options_symbolize_keys_side_effects options = { :option => "random_option" } - actual = image_submit_tag "submit source", options + image_submit_tag "submit source", options assert_equal options, { :option => "random_option" } end diff --git a/actionpack/test/template/html-scanner/sanitizer_test.rb b/actionpack/test/template/html-scanner/sanitizer_test.rb index 678cb9eeeb..62ad6be680 100644 --- a/actionpack/test/template/html-scanner/sanitizer_test.rb +++ b/actionpack/test/template/html-scanner/sanitizer_test.rb 
@@ -5,6 +5,13 @@ class SanitizerTest < ActionController::TestCase @sanitizer = nil # used by assert_sanitizer end + def test_strip_tags_with_quote + sanitizer = HTML::FullSanitizer.new + string = '<" <img src="trollface.gif" onload="alert(1)"> hi' + + assert_equal ' hi', sanitizer.sanitize(string) + end + def test_strip_tags sanitizer = HTML::FullSanitizer.new assert_equal("<<<bad html", sanitizer.sanitize("<<<bad html")) diff --git a/actionpack/test/template/javascript_helper_test.rb b/actionpack/test/template/javascript_helper_test.rb index dd8b7b7cd5..bab9d42472 100644 --- a/actionpack/test/template/javascript_helper_test.rb +++ b/actionpack/test/template/javascript_helper_test.rb @@ -27,6 +27,7 @@ class JavaScriptHelperTest < ActionView::TestCase assert_equal %(This \\"thing\\" is really\\n netos\\'), escape_javascript(%(This "thing" is really\n netos')) assert_equal %(backslash\\\\test), escape_javascript( %(backslash\\test) ) assert_equal %(dont <\\/close> tags), escape_javascript(%(dont </close> tags)) + assert_equal %(unicode 
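Review bot: `test_strip_tags_with_quote` pins a single input, a double quote directly after `<`, and has no comment saying why that shape matters. A one-line comment such as `# a stray quote after "<" must not let the following tag survive stripping` would tell the next maintainer which regression this guards. If the tokenizer treats both quote characters alike, the single-quote form of the same input deserves a second assertion; its expected value would need confirming against the sanitizer.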
 newline), escape_javascript(%(unicode \342\200\250 newline)) assert_equal %(dont <\\/close> tags), j(%(dont </close> tags)) end diff --git a/actionpack/test/template/sprockets_helper_test.rb b/actionpack/test/template/sprockets_helper_test.rb index dfa635335e..d303acad0f 100644 --- a/actionpack/test/template/sprockets_helper_test.rb +++ b/actionpack/test/template/sprockets_helper_test.rb @@ -141,6 +141,8 @@ class SprocketsHelperTest < ActionView::TestCase end test "javascript include tag" do + Rails.env.stubs(:test?).returns(false) + assert_match %r{<script src="/assets/application-[0-9a-f]+.js" type="text/javascript"></script>}, javascript_include_tag(:application) @@ -151,11 +153,17 @@ class SprocketsHelperTest < ActionView::TestCase assert_equal '<script src="http://www.example.com/xmlhr" type="text/javascript"></script>', javascript_include_tag("http://www.example.com/xmlhr") + assert_match %r{<script src=\"/assets/xmlhr-[0-9a-f]+.js" type=\"text/javascript\"></script>\n<script src=\"/assets/extra-[0-9a-f]+.js" type=\"text/javascript\"></script>}, + javascript_include_tag("xmlhr", "extra") + + Rails.env.stubs(:test?).returns(true) + assert_match %r{<script src="/assets/xmlhr-[0-9a-f]+.js\?body=1" type="text/javascript"></script>\n<script src="/assets/application-[0-9a-f]+.js\?body=1" type="text/javascript"></script>}, - javascript_include_tag(:application, :debug => true) + javascript_include_tag(:application) + + assert_match %r{<script src="/assets/application-[0-9a-f]+.js\" type="text/javascript"></script>}, + javascript_include_tag(:application, :debug => false) - assert_match %r{<script src=\"/assets/xmlhr-[0-9a-f]+.js\" type=\"text/javascript\"></script>\n<script src=\"/assets/extra-[0-9a-f]+.js\" type=\"text/javascript\"></script>}, - javascript_include_tag("xmlhr", "extra") end test "stylesheet path" do 
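Review bot: The added `escape_javascript` assertion covers U+2028 only, while U+2029 (paragraph separator) is also treated as a line terminator by JavaScript parsers. If the helper is meant to neutralise both, add the matching assertion with input `\342\200\251`; the expected output should follow whatever form the helper emits for U+2028. The test method starts above the hunk, so an existing case may sit outside this view.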
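Review bot: After this change neither the "javascript include tag" test nor the "stylesheet link tag" test (last hunk of this file) calls the helper with `:debug => true`; the `?body=1` expectation is now reached only through the stubbed `Rails.env.test?` default. Keep an explicit assertion for the option, e.g. `javascript_include_tag(:application, :debug => true)` while `Rails.env.stubs(:test?).returns(false)` is in effect, so the opt-in path stays covered. The new patterns also mix `\"` with plain `"` and leave the `.` before `js` and `css` unescaped, so any character matches there; `\.js` and unescaped quotes throughout would be tighter.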
@@ -172,6 +180,8 @@ class SprocketsHelperTest < ActionView::TestCase end test "stylesheet link tag" do + Rails.env.stubs(:test?).returns(false) + assert_match %r{<link href="/assets/application-[0-9a-f]+.css" media="screen" rel="stylesheet" type="text/css" />}, stylesheet_link_tag(:application) @@ -187,11 +197,17 @@ class SprocketsHelperTest < ActionView::TestCase assert_match %r{<link href="/assets/style-[0-9a-f]+.css" media="print" rel="stylesheet" type="text/css" />}, stylesheet_link_tag("style", :media => "print") - assert_match %r{<link href="/assets/style-[0-9a-f]+.css\?body=1" media="screen" rel="stylesheet" type="text/css" />\n<link href="/assets/application-[0-9a-f]+.css\?body=1" media="screen" rel="stylesheet" type="text/css" />}, - stylesheet_link_tag(:application, :debug => true) - assert_match %r{<link href="/assets/style-[0-9a-f]+.css" media="screen" rel="stylesheet" type="text/css" />\n<link href="/assets/extra-[0-9a-f]+.css" media="screen" rel="stylesheet" type="text/css" />}, stylesheet_link_tag("style", "extra") + + Rails.env.stubs(:test?).returns(true) + + assert_match %r{<link href="/assets/style-[0-9a-f]+.css\?body=1" media="screen" rel="stylesheet" type="text/css" />\n<link href="/assets/application-[0-9a-f]+.css\?body=1" media="screen" rel="stylesheet" type="text/css" />}, + stylesheet_link_tag(:application) + + assert_match %r{<link href="/assets/application-[0-9a-f]+.css" media="screen" rel="stylesheet" type="text/css" />}, + stylesheet_link_tag(:application, :debug => false) + end test "alternate asset prefix" do |