| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
Prevents PATH_INFO from being used to infer the request format in later
test requests when no explicit format is given.
As the request PATH_INFO may be set before a request, it can't be
deleted during pre-request scrubbing.
Fixes #27774
|
|
|
|
|
|
| |
It was depending on a side-effect of the old html-scanner, so was no
longer proving what it intended to. Instead, assert more directly about
the resulting observable difference.
|
|
|
|
| |
this test case fails with ruby 2.4, so we want to see what's actually happening
|
| |
|
|
|
|
|
| |
This image has copyright that we are not giving so it is better to use
one image that we own the copyright.
|
| |
|
| |
|
|\
| |
| | |
Make :as option also set request format (AC::TestCase)
|
| |
| |
| |
| |
| |
| |
| |
| | |
right now you'd have to specify both :as and :format:
```
post :create, params: { foo: "bar" } as: :json, format: :json
```
|
|/
|
|
|
|
|
|
|
|
| |
When passed an already-valid file name, prepending the path is likely to
create problems.
This is particularly relevant for #26384, which adds fixture_path
handling to test classes that previously didn't have it: any existing
caller must have been manually locating the file, and we don't want to
break them.
|
|
|
|
| |
Documentation & testing
|
|
|
|
|
|
|
|
| |
Style/SpaceBeforeBlockBraces
Style/SpaceInsideBlockBraces
Style/SpaceInsideHashLiteralBraces
Fix all violations in the repository.
|
| |
|
|
|
|
|
| |
The current code base is not uniform. After some discussion,
we have chosen to go with double quotes by default.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Before this change, posted parameters would leak across requests. The included
test case failed like so:
1) Failure:
TestCaseTest#test_multiple_mixed_method_process_should_scrub_rack_input:
--- expected
+++ actual
@@ -1 +1 @@
-{"bar"=>"an bar", "controller"=>"test_case_test/test", "action"=>"test_params"}
+{"foo"=>"an foo", "bar"=>"an bar", "controller"=>"test_case_test/test", "action"=>"test_params"}
An argument could be made that this situation isn't encountered often and that
one should limit the number of requests per test case, but I still think the
parameter leaking is an unexpected side-effect.
|
| |
|
|
|
|
|
|
|
|
| |
Ruby 2.4 unifies Fixnum and Bignum into Integer: https://bugs.ruby-lang.org/issues/12005
* Forward compat with new unified Integer class in Ruby 2.4+.
* Backward compat with separate Fixnum/Bignum in Ruby 2.2 & 2.3.
* Drops needless Fixnum distinction in docs, preferring Integer.
|
|
|
|
|
|
|
|
| |
Allowing :controller and :action values to be specified via the path
in config/routes.rb has been an underlying cause of a number of issues
in Rails that have resulted in security releases. In light of this it's
better that controllers and actions are explicitly whitelisted rather
than trying to blacklist or sanitize 'bad' values.
|
| |
|
|
|
|
|
|
| |
The `cookies` hash isn't updated with the value generated by the output
from `to_header` so it wasn't testing anything. Rendering the cookie
value in the controller makes sure that the escaping is actually working.
|
|
|
|
|
| |
Get an incorrect cookie value in controller action method
if cookie value contains an escapable string.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For ActionController::Base we write the cookies in a middleware if it
was not yet committed no matter if the response was committed or not. [1]
For ActionController::Live we write the cookies before the response is
committed. [2]
We already mimic ActionController::Live in
ActionController::TestCase but we don't mimic the ActionController::Base
behavior because we were checking if the response was committed before
writing the cookies.
Now we are matching the behavior of the middleware and writing the
cookies if it was not written before.
[1]: https://github.com/rails/rails/blob/80c6b901d4d87cee610ab0a438ff6e3c6bf118d1/actionpack/lib/action_dispatch/middleware/cookies.rb#L599-L604
[2]: https://github.com/rails/rails/blob/80c6b901d4d87cee610ab0a438ff6e3c6bf118d1/actionpack/lib/action_controller/metal/live.rb#L218-L223
|
|
|
|
|
|
|
| |
It doesn't make sense to access the response object before a request is
made (how was a response object created without making a request?) This
commit splits testing default headers and default header mutation tests
and removes access to the pre-request response object.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In c546a2b this was changed to mimic how the browser behaves in a real
situation but left out types that were registered.
When this was changed it didn't take `text/plain` or `text/html` content
types into account. This is a problem if you're manipulating the
`Content-Type` headers in your controller tests, and expect a certain
result.
The reason I changed this to use `to_sym` is because if the
`Content-Type` is not registered then the symbol will not exist. If it's
one of the special types we handle that specifically (:json, :xml, or
:url_encoded_form). If it's any registered type we handle it by setting
the `path_parameters` and then the `request_parameters`. If the `to_sym`
returns nil an error will be thrown.
If the controller test sets a `Content-Type` on the request that `Content-Type`
should remain in the header and pass along the filename.
For example:
If a test sets a content type on a post
```
@request.headers['CONTENT_TYPE'] = 'text/plain'
post :create, params: { name: 'foo.txt' }
```
Then `foo.txt` should be in the `request_parameters` and params related
to the path should be in the `path_parameters` and the `Content-Type`
header should match the one set in the `@request`. When c546a2b was
committed `text/plain` and `text/html` types were throwing a "Unknown
Content-Type" error which is misleading and incorrect.
Note: this does not affect how this is handled in the browser, just how
the controller tests handle setting `Content-Type`.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
This will silence deprecation warnings.
Most of the test can be changed from `render :text` to render `:plain`
or `render :body` right away. However, there are some tests that needed
to be fixed by hand as they actually assert the default Content-Type
returned from `render :body`.
|
|
|
|
|
|
|
|
| |
This is another take at #14384 as we decided to wait until `master` is
targeting Rails 5.0. This commit is implementation-complete, as it
guarantees that all the public methods on the hash-inherited Parameters
are still working (based on test case). We can decide to follow-up later
if we want to remove some methods out from Parameters.
|
|
|
|
|
| |
We should use rack-test's upload file objects on the test side so that
we will be able to correctly generate mime blob posts in the future
|
|
|
|
|
|
| |
We should convert request parameters to a query string, then let the
request object parse that query string. This should give us results
that are more similar to the real-world
|
| |
|
|
|
|
|
| |
We should assign parameters to the request object rather than mutate the
hash that is returned by `query_parameters` or `request_parameters`
|
|
|
|
|
|
| |
Instead of trying to manually clear out a request object, lets just
allocate a new one. The rack ENV is reused and cleaned (still), but the
request object is not.
|
|
|
|
|
| |
We should leverage the request / response objects that the superclass
has already allocated for us.
|
| |
|
|
|
|
| |
`head` method works similar to `render` method with `:nothing` option
|
|\
| |
| | |
[PoC] Stop shadowing parameters named `action`
|
| | |
|
|/
|
|
|
|
|
|
|
|
| |
+ To avoid regression I am adding this test case on action pack
Changed to assert from assert_equal
+ Added msg to assertion
Modified msg
|
|
|
|
|
|
|
| |
Fixes regression in #18423. Merge default headers for new responses,
but don't merge when creating a response from the last session request.
hat tip @senny :heart:
|
|\
| |
| | |
Migrating xhr methods to keyword arguments syntax
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
in `ActionController::TestCase` and
`ActionDispatch::Integration`
Old syntax:
`xhr :get, :create, params: { id: 1 }`
New syntax example:
`get :create, params: { id: 1 }, xhr: true`
|
|\ \
| |/
|/| |
Pre-discard flash messages
|
| |
| |
| |
| |
| |
| |
| | |
Inside a controller functional test after the last flash is deleted it
still persists the flash because to_session_value is nil. We should
delete it from the session when the serialized version is nil, same as
the flash middleware.
|
| | |
|
|/
|
|
|
|
|
|
| |
Non-kwargs requests are deprecated now.
Guides are updated as well.
`post url, nil, nil, { a: 'b' }` doesn't make sense.
`post url, params: { y: x }, session: { a: 'b' }` would be an explicit way to do the same
|
| |
|
|
|
|
| |
Reference #17453
|