aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/test/dispatch/cookies_test.rb
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #10380 from JonRowe/test_all_domain_2_letter_tldRafael Mendonça França2015-01-021-0/+7
|\ | | | | | | Assert that 2 letter tlds with 3 letter domain names work when option specified.
| * add test asserting that 2 letter tlds with 3 letter domain names work when ↵Jon Rowe2013-04-301-0/+7
| | | | | | | | option specified
* | Merge pull request #17792 from rockrep/masterRafael Mendonça França2014-12-041-0/+10
|\ \ | | | | | | | | | allow 'all' for :domain option in addition to :all
| * | allow 'all' for :domain option in addition to :allrockrep2014-11-261-0/+10
| | |
* | | Remove "rescue" clause around "require 'openssl'"claudiob2014-12-031-10/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some `require 'openssl'` statements were surrounded by `rescue` blocks to deal with Ruby versions that did not support `OpenSSL::Digest::SHA1` or `OpenSSL::PKCS5`. [As @jeremy explains](https://github.com/rails/rails/commit/a6a0904fcb12b876469c48b1c885aadafe9188cf#commitcomment-8826666) in the original commit: > If jruby didn't have jruby-openssl gem, the require wouldn't work. Not sure whether either of these are still relevant today. According to the [release notes for JRuby 1.7.13](http://www.jruby.org/2014/06/24/jruby-1-7-13.html): > jruby-openssl 0.9.5 bundled which means the above `rescue` block is not needed anymore. All the Ruby versions supported by the current version of Rails provide those OpenSSL libraries, so Travis CI should also be happy by removing the `rescue` blocks. --- Just to confirm, with JRuby: $ ruby --version #=> jruby 1.7.16.1 (1.9.3p392) 2014-10-28 4e93f31 on Java HotSpot(TM) 64-Bit Server VM 1.8.0_20-b26 +jit [darwin-x86_64] $ irb irb(main):001:0> require 'openssl' #=> true irb(main):002:0> OpenSSL::Digest::SHA1 #=> OpenSSL::Digest::SHA1 irb(main):003:0> OpenSSL::PKCS5 # => OpenSSL::PKCS5 And with Ruby 2.1: $ ruby --version #=> ruby 2.1.2p95 (2014-05-08 revision 45877) [x86_64-darwin13.0] $ irb irb(main):001:0> require 'openssl' #=> true irb(main):002:0> OpenSSL::Digest::SHA1 #=> OpenSSL::Digest::SHA1 irb(main):003:0> OpenSSL::PKCS5 #=> OpenSSL::PKCS5
* | | Fix "nonexistent" typo in testsMelissa Xie2014-12-021-2/+2
| | |
* | | Use less iterations for KeyGenerator in testsPeter Suschlik2014-08-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit improves performance of cookie tests: Ruby | After | Before ----- | --------:| --------: MRI | 5.03s | 9.28s JRuby | 25.45s | 1648.23s Please note the improvement for JRuby.
* | | Expectations firstAkira Matsuda2014-08-181-1/+1
| | |
* | | Use AS::JSON for (de)serializing cookiesGodfrey Chan2014-08-171-0/+39
| | | | | | | | | | | | | | | | | | | | | | | | Use the Active Support JSON encoder for cookie jars using the `:json` or `:hybrid` serializer. This allows you to serialize custom Ruby objects into cookies by defining the `#as_json` hook on such objects. Fixes #16520.
* | | Fixed broken reference caused by 14965baGodfrey Chan2014-08-171-2/+2
| | |
* | | Add config option for cookies digestŁukasz Strzałkowski2014-08-121-0/+50
| | | | | | | | | | | | | | | | | | You can now configure custom digest for cookies in the same way as `serializer`: config.action_dispatch.cookies_digest = 'SHA256'
* | | Fixed an issue with migrating legacy json cookies.Godfrey Chan2014-04-231-0/+117
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, the `VerifyAndUpgradeLegacySignedMessage` assumes all incoming cookies are marshal-encoded. This is not the case when `secret_token` is used in conjunction with the `:json` or `:hybrid` serializer. In those case, when upgrading to use `secret_key_base`, this would cause a `TypeError: incompatible marshal file format` and a 500 error for the user. Fixes #14774. *Godfrey Chan*
* | | Re-write legacy (marshal) cookies on readGodfrey Chan2014-02-111-15/+17
| | |
* | | Changed the tests to ensure HybridSerializer actually migrates the cookies ↵Godfrey Chan2014-02-111-10/+18
| | | | | | | | | | | | (currently failing)
* | | Fixed minor typo in test codeGodfrey Chan2014-02-111-1/+1
| | |
* | | Tests for the HybridSerializerRafael Mendonça França2014-02-111-0/+68
| | |
* | | Removed an old testGodfrey Chan2014-02-111-5/+0
| | |
* | | Just very so slightly better test coverageGodfrey Chan2014-02-111-15/+57
| | |
* | | Renamed session_serializer option to cookies_serializerGodfrey Chan2014-02-111-6/+6
| | |
* | | Modify the session serializer implementationGuillermo Iguaran2014-01-301-9/+3
| | | | | | | | | | | | | | | Rename allowed options to :marshal and :json, for custom serializers only allow the use of custom classes.
* | | Allow session serializer key in config.session_storeLukasz Sarnacki2014-01-291-0/+33
| |/ |/| | | | | | | | | | | | | | | | | | | | | | | MessageEncryptor has :serializer option, where any serializer object can be passed. This commit make it possible to set this serializer from configuration level. There are predefined serializers (:marshal_serializer, :json_serialzier) and custom serializer can be passed as String, Symbol (camelized and constantized in ActionDispatch::Session namepspace) or serializer object. Default :json_serializer was also added to generators to provide secure defalt.
* | Remove comments about removing LegacyKeyGenerator in 4.1Trevor Turk2013-04-031-1/+0
| |
* | Merge pull request #10061 from trevorturk/dummy-key-generator-renameSantiago Pastorino2013-04-021-6/+6
|\ \ | | | | | | Rename DummyKeyGenerator -> LegacyKeyGenerator
| * | Rename DummyKeyGenerator -> LegacyKeyGeneratorTrevor Turk2013-04-021-6/+6
| | |
* | | Fix permanent cookie jar accessor typoTrevor Turk2013-04-021-1/+6
|/ /
* | Allow transparent upgrading of legacy signed cookies to encrypted cookies; ↵Trevor Turk2013-03-281-2/+73
| | | | | | | | Automatically configure cookie-based sessions to use the best cookie jar given the app's config
* | Skipping test for OpenSSL::PKCS5 JRubyArun Agrawal2013-03-251-0/+10
| |
* | Introduce UpgradeLegacySignedCookieJar to transparently upgrade existing ↵Trevor Turk2013-03-241-0/+55
| | | | | | | | signed cookies generated by Rails 3 to avoid invalidating them when upgrading to Rails 4
* | InvalidMessage is in ActiveSupport::MessageEncryptor namespaceSantiago Pastorino2013-02-191-3/+18
| | | | | | | | Closes #9302
* | add fetch to CookieJarAaron Patterson2013-01-271-0/+30
| |
* | Integrate Action Pack with Rack 1.5Carlos Antonio da Silva2013-01-251-10/+10
|/ | | | | | All ActionPack and Railties tests are passing. Closes #8891. [Carlos Antonio da Silva + Santiago Pastorino]
* Allow users to change the default salt if they want, shouldn't be necessarySantiago Pastorino2012-11-031-1/+4
|
* Add cookie.encrypted which returns an EncryptedCookieJarSantiago Pastorino2012-11-031-0/+15
| | | | | | | | | How to use it? cookies.encrypted[:discount] = 45 => Set-Cookie: discount=ZS9ZZ1R4cG1pcUJ1bm80anhQang3dz09LS1mbDZDSU5scGdOT3ltQ2dTdlhSdWpRPT0%3D--ab54663c9f4e3bc340c790d6d2b71e92f5b60315; path=/ cookies.encrypted[:discount] => 45
* Sign cookies using key deriverSantiago Pastorino2012-11-031-6/+8
|
* Test actual content of permanent cookiebrainopia2012-08-101-1/+1
|
* Dont stream back cookie value if it was set to the same valuebrainopia2012-04-301-0/+12
|
* Dont set cookie header for deletion of unexisting databrainopia2012-04-301-8/+24
|
* ActionDispatch::Cookies::CookieJar#deleted? predicate method.Paul Annesley2012-01-241-0/+11
| | | | | Necessary in controller tests to determine if the CookieJar will delete the given cookie.
* Get rid of the close checks since we cannot reliably close the session anyway.José Valim2011-12-161-97/+1
|
* configuration option to always write cookielest2011-11-231-2/+2
|
* CookieJar is enumerable. fixes #2795Aaron Patterson2011-09-011-0/+16
|
* Add has_key? and key? methods to CookieJar removed in 0ca69ca65f83b4bb34f8José Valim2011-06-301-0/+9
|
* Add backward compatibility for testing cookiesAndrew White2011-06-051-2/+49
| | | | | | | | | | | | | | | | | | | This commit restores the ability to assign cookies for testing via @request.env['HTTP_COOKIE'] and @request.cookies, e.g: @request.env['HTTP_COOKIE'] = 'user_name=david' get :index assert_equal 'david', cookies[:user_name] and @request.cookies[:user_name] = 'david' get :index assert_equal 'david', cookies[:user_name] Assigning via cookies[] is the preferred method and will take precedence over the other two methods. This is so that cookies set in controller actions have precedence and are carried over between calls to get, post, etc.
* Refactor ActionController::TestCase cookiesAndrew White2011-06-041-18/+12
| | | | | | | | | | | | | | | | | | Assigning cookies for test cases should now use cookies[], e.g: cookies[:email] = 'user@example.com' get :index assert_equal 'user@example.com', cookies[:email] To clear the cookies, use clear, e.g: cookies.clear get :index assert_nil cookies[:email] We now no longer write out HTTP_COOKIE and the cookie jar is persistent between requests so if you need to manipulate the environment for your test you need to do it before the cookie jar is created.
* adding teststeve2011-05-191-4/+8
|
* Revert "Use freeze instead of close!"Santiago Pastorino2011-04-071-6/+0
| | | | This reverts commit 29592a7f09dda2e7e1e0a915d9230fe6a9b5c0af.
* cookies hereSantiago Pastorino2011-04-071-3/+3
|
* Use freeze instead of close!Santiago Pastorino2011-04-061-0/+6
|
* Delete useless argumentsSantiago Pastorino2011-04-061-6/+6
|
* Delete useless env variableSantiago Pastorino2011-04-061-9/+3
|