From e1385be025263fad6d339010d42fe553d1de64af Mon Sep 17 00:00:00 2001
From: Jeremy Kemper <jeremy@bitsweat.net>
Date: Tue, 17 Nov 2009 23:36:48 -0800
Subject: Extract form_authenticity_param instance method so it's overridable
 in subclasses

---
 .../controller/request_forgery_protection_test.rb    | 20 +++++++++++++++++++-
 1 file changed, 19 insertions(+), 1 deletion(-)

(limited to 'actionpack/test/controller')

diff --git a/actionpack/test/controller/request_forgery_protection_test.rb b/actionpack/test/controller/request_forgery_protection_test.rb
index 7111796f8d..3e54ae96c5 100644
--- a/actionpack/test/controller/request_forgery_protection_test.rb
+++ b/actionpack/test/controller/request_forgery_protection_test.rb
@@ -18,7 +18,7 @@ module RequestForgeryProtectionActions
   def unsafe
     render :text => 'pwn'
   end
-  
+
   def rescue_action(e) raise e end
 end
 
@@ -40,6 +40,13 @@ class FreeCookieController < RequestForgeryProtectionController
   end
 end
 
+class CustomAuthenticityParamController < RequestForgeryProtectionController
+  def form_authenticity_param
+    'foobar'
+  end
+end
+
+
 # common test methods
 
 module RequestForgeryProtectionTests
@@ -241,3 +248,14 @@ class FreeCookieControllerTest < ActionController::TestCase
     end
   end
 end
+
+class CustomAuthenticityParamControllerTest < ActionController::TestCase
+  def setup
+    ActionController::Base.request_forgery_protection_token = :authenticity_tok
+  end
+
+  def test_should_allow_custom_token
+    post :index, :authenticity_token => 'foobar'
+    assert_response :ok
+  end
+end
-- 
cgit v1.2.3