aboutsummaryrefslogtreecommitdiffstats
path: root/railties/test/application
diff options
context:
space:
mode:
Diffstat (limited to 'railties/test/application')
-rw-r--r--railties/test/application/configuration_test.rb24
-rw-r--r--railties/test/application/url_generation_test.rb2
2 files changed, 23 insertions, 3 deletions
diff --git a/railties/test/application/configuration_test.rb b/railties/test/application/configuration_test.rb
index c4c1100f19..daf9dd3505 100644
--- a/railties/test/application/configuration_test.rb
+++ b/railties/test/application/configuration_test.rb
@@ -225,9 +225,9 @@ module ApplicationTests
assert_equal Pathname.new(app_path).join("somewhere"), Rails.public_path
end
- test "config.secret_token is sent in env" do
+ test "config.secret_token_key is sent in env" do
make_basic_app do |app|
- app.config.secret_token = 'b3c631c314c0bbca50c1b2843150fe33'
+ app.config.secret_token_key = 'b3c631c314c0bbca50c1b2843150fe33'
app.config.session_store :disabled
end
@@ -242,6 +242,26 @@ module ApplicationTests
assert_equal 'b3c631c314c0bbca50c1b2843150fe33', last_response.body
end
+ test "Use key_generator when secret_token_key is set" do
+ make_basic_app do |app|
+ app.config.secret_token_key = 'b3c631c314c0bbca50c1b2843150fe33'
+ app.config.session_store :disabled
+ end
+
+ class ::OmgController < ActionController::Base
+ def index
+ cookies.signed[:some_key] = "some_value"
+ render text: cookies[:some_key]
+ end
+ end
+
+ get "/"
+
+ secret = app.key_generator.generate_key('signed cookie')
+ verifier = ActiveSupport::MessageVerifier.new(secret)
+ assert_equal 'some_value', verifier.verify(last_response.body)
+ end
+
test "protect from forgery is the default in a new app" do
make_basic_app
diff --git a/railties/test/application/url_generation_test.rb b/railties/test/application/url_generation_test.rb
index 2a48adae5c..fb83659b0c 100644
--- a/railties/test/application/url_generation_test.rb
+++ b/railties/test/application/url_generation_test.rb
@@ -14,7 +14,7 @@ module ApplicationTests
require "action_controller/railtie"
class MyApp < Rails::Application
- config.secret_token = "3b7cd727ee24e8444053437c36cc66c4"
+ config.secret_token_key = "3b7cd727ee24e8444053437c36cc66c4"
config.session_store :cookie_store, key: "_myapp_session"
config.active_support.deprecation = :log
config.eager_load = false
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-19 15:47:48 +0000