From 28f8914962108a9d3147ed01db1f37a493d79d8a Mon Sep 17 00:00:00 2001
From: Taishi Kasuga <kasuga@livesense.co.jp>
Date: Tue, 22 Nov 2016 14:40:10 +0900
Subject: Fix a force ssl redirection bug that occur when session store
 disabled.

---
 actionpack/test/controller/force_ssl_test.rb | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

(limited to 'actionpack/test/controller/force_ssl_test.rb')

diff --git a/actionpack/test/controller/force_ssl_test.rb b/actionpack/test/controller/force_ssl_test.rb
index 2b3859aa57..af3eedabe2 100644
--- a/actionpack/test/controller/force_ssl_test.rb
+++ b/actionpack/test/controller/force_ssl_test.rb
@@ -92,6 +92,22 @@ class RedirectToSSL < ForceSSLController
   end
 end
 
+class RedirectToSSLIfSessionStoreDisabled < ForceSSLController
+  def banana
+    request.class_eval do
+      alias_method :flash_origin, :flash
+      undef_method :flash
+    end
+
+    force_ssl_redirect || render(plain: "monkey")
+  ensure
+    request.class_eval do
+      alias_method :flash, :flash_origin
+      undef_method :flash_origin
+    end
+  end
+end
+
 class ForceSSLControllerLevelTest < ActionController::TestCase
   def test_banana_redirects_to_https
     get :banana
@@ -321,6 +337,14 @@ class RedirectToSSLTest < ActionController::TestCase
   end
 end
 
+class RedirectToSSLIfSessionStoreDisabledTest < ActionController::TestCase
+  def test_banana_redirects_to_https_if_not_https_and_session_store_disabled
+    get :banana
+    assert_response 301
+    assert_equal "https://test.host/redirect_to_ssl_if_session_store_disabled/banana", redirect_to_url
+  end
+end
+
 class ForceSSLControllerLevelTest < ActionController::TestCase
   def test_no_redirect_websocket_ssl_request
     request.env["rack.url_scheme"] = "wss"
-- 
cgit v1.2.3