From dec2f52fa494c5adf8805ec227ed60d911a6fb4a Mon Sep 17 00:00:00 2001
From: Dennis Suratna <dennis.suratna@gmail.com>
Date: Tue, 11 Aug 2015 15:25:38 -0700
Subject: Authorization scheme should be case insensitive. Fixes #21199

---
 actionpack/test/controller/http_basic_authentication_test.rb | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'actionpack/test/controller/http_basic_authentication_test.rb')

diff --git a/actionpack/test/controller/http_basic_authentication_test.rb b/actionpack/test/controller/http_basic_authentication_test.rb
index ed3632007d..0a5e5402b9 100644
--- a/actionpack/test/controller/http_basic_authentication_test.rb
+++ b/actionpack/test/controller/http_basic_authentication_test.rb
@@ -100,6 +100,14 @@ class HttpBasicAuthenticationTest < ActionController::TestCase
     assert_no_match(/\n/, result)
   end
 
+  test "succesful authentication with uppercase authorization scheme" do
+    @request.env['HTTP_AUTHORIZATION'] = "BASIC #{::Base64.encode64("lifo:world")}"
+    get :index
+
+    assert_response :success
+    assert_equal 'Hello Secret', @response.body, 'Authentication failed when authorization scheme BASIC'
+  end
+
   test "authentication request without credential" do
     get :display
 
-- 
cgit v1.2.3