From 617e94658ddc3f71c42fc4f8c2346f87ff106bbe Mon Sep 17 00:00:00 2001
From: Prem Sichanugrist
Date: Fri, 25 Jun 2010 02:42:08 +0700
Subject: Make sure that Rails doesn't resent session_id cookie over and over again if it's already there [#2485 state:resolved]
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

This apply to only Active Record store and Memcached store, as they both store only the session_id, which will be unchanged, in the cookie.

Signed-off-by: José Valim
---
 actionpack/test/activerecord/active_record_store_test.rb | 12 ++++++++++++
 actionpack/test/dispatch/session/mem_cache_store_test.rb | 12 ++++++++++++
 2 files changed, 24 insertions(+)

(limited to 'actionpack/test')

diff --git a/actionpack/test/activerecord/active_record_store_test.rb b/actionpack/test/activerecord/active_record_store_test.rb
index 736829dbf7..bdd1a0a15c 100644
--- a/actionpack/test/activerecord/active_record_store_test.rb
+++ b/actionpack/test/activerecord/active_record_store_test.rb
@@ -136,6 +136,18 @@ class ActiveRecordStoreTest < ActionController::IntegrationTest
 end
 end
 
+ def test_doesnt_write_session_cookie_if_session_id_is_already_exists
+ with_test_route_set do
+ get '/set_session_value'
+ assert_response :success
+ assert cookies['_session_id']
+
+ get '/get_session_value'
+ assert_response :success
+ assert_equal nil, headers['Set-Cookie'], "should not resend the cookie again if session_id cookie is already exists"
+ end
+ end
+
 def test_prevents_session_fixation
 with_test_route_set do
 get '/set_session_value'
diff --git a/actionpack/test/dispatch/session/mem_cache_store_test.rb b/actionpack/test/dispatch/session/mem_cache_store_test.rb
index 08f8069888..d388992b98 100644
--- a/actionpack/test/dispatch/session/mem_cache_store_test.rb
+++ b/actionpack/test/dispatch/session/mem_cache_store_test.rb
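Review bot: The second request in `test_doesnt_write_session_cookie_if_session_id_is_already_exists` asserts only that `Set-Cookie` is absent, so the test also passes if the store drops the session and sends nothing; add an assertion on `response.body` after the second `assert_response :success` that the value written by `/set_session_value` is still returned (the action's output is outside this patch, so the expected string has to come from the test controller). The absence check itself reads more directly as `assert_nil headers['Set-Cookie'], "should not resend the cookie again if session_id cookie is already exists"`. Skipping the cookie is only safe while the id is unchanged, so a companion test that the header is still sent once the id changes would pin the security-relevant side; `test_prevents_session_fixation`, whose body continues outside the hunk, may already do so, and the implementation is not part of this patch. The identical hunk in `actionpack/test/dispatch/session/mem_cache_store_test.rb` has the same gaps.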
@@ -117,6 +117,18 @@ class MemCacheStoreTest < ActionController::IntegrationTest
 end
 end
 
+ def test_doesnt_write_session_cookie_if_session_id_is_already_exists
+ with_test_route_set do
+ get '/set_session_value'
+ assert_response :success
+ assert cookies['_session_id']
+
+ get '/get_session_value'
+ assert_response :success
+ assert_equal nil, headers['Set-Cookie'], "should not resend the cookie again if session_id cookie is already exists"
+ end
+ end
+
 def test_prevents_session_fixation
 with_test_route_set do
 get '/get_session_value'
-- 
cgit v1.2.3