diff options
Diffstat (limited to 'activerecord/test/cases')
-rw-r--r-- | activerecord/test/cases/adapter_test.rb | 17 |
1 files changed, 4 insertions, 13 deletions
diff --git a/activerecord/test/cases/adapter_test.rb b/activerecord/test/cases/adapter_test.rb index 80530194ff..65c5fc2fe9 100644 --- a/activerecord/test/cases/adapter_test.rb +++ b/activerecord/test/cases/adapter_test.rb @@ -112,23 +112,14 @@ class AdapterTest < ActiveRecord::TestCase def test_add_limit_offset_should_sanitize_sql_injection_for_limit_without_comas sql_inject = "1 select * from schema" - assert_equal " LIMIT 1", @connection.add_limit_offset!("", :limit=>sql_inject) - if current_adapter?(:MysqlAdapter) - assert_equal " LIMIT 7, 1", @connection.add_limit_offset!("", :limit=>sql_inject, :offset=>7) - else - assert_equal " LIMIT 1 OFFSET 7", @connection.add_limit_offset!("", :limit=>sql_inject, :offset=>7) - end + assert_no_match /schema/, @connection.add_limit_offset!("", :limit=>sql_inject) + assert_no_match /schema/, @connection.add_limit_offset!("", :limit=>sql_inject, :offset=>7) end def test_add_limit_offset_should_sanitize_sql_injection_for_limit_with_comas sql_inject = "1, 7 procedure help()" - if current_adapter?(:MysqlAdapter) - assert_equal " LIMIT 1,7", @connection.add_limit_offset!("", :limit=>sql_inject) - assert_equal " LIMIT 7, 1", @connection.add_limit_offset!("", :limit=> '1 ; DROP TABLE USERS', :offset=>7) - else - assert_equal " LIMIT 1,7", @connection.add_limit_offset!("", :limit=>sql_inject) - assert_equal " LIMIT 1,7 OFFSET 7", @connection.add_limit_offset!("", :limit=>sql_inject, :offset=>7) - end + assert_no_match /procedure/, @connection.add_limit_offset!("", :limit=>sql_inject) + assert_no_match /procedure/, @connection.add_limit_offset!("", :limit=>sql_inject, :offset=>7) end def test_uniqueness_violations_are_translated_to_specific_exception |