From 78de17cf7095af8e86d192af8d8fbe21e6f193d9 Mon Sep 17 00:00:00 2001 From: Jeremy Kemper Date: Thu, 4 Feb 2010 14:15:16 -0800 Subject: Expose CSRF tag for UJS adapters --- .../test/controller/request_forgery_protection_test.rb | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) (limited to 'actionpack/test') diff --git a/actionpack/test/controller/request_forgery_protection_test.rb b/actionpack/test/controller/request_forgery_protection_test.rb index b2a0e2e2a3..55c21bc84a 100644 --- a/actionpack/test/controller/request_forgery_protection_test.rb +++ b/actionpack/test/controller/request_forgery_protection_test.rb @@ -15,13 +15,17 @@ module RequestForgeryProtectionActions render :text => 'pwn' end + def meta + render :inline => "<%= csrf_meta_tag %>" + end + def rescue_action(e) raise e end end # sample controllers class RequestForgeryProtectionController < ActionController::Base include RequestForgeryProtectionActions - protect_from_forgery :only => :index + protect_from_forgery :only => %w(index meta) end class FreeCookieController < RequestForgeryProtectionController @@ -211,6 +215,11 @@ class RequestForgeryProtectionControllerTest < ActionController::TestCase ActiveSupport::SecureRandom.stubs(:base64).returns(@token) ActionController::Base.request_forgery_protection_token = :authenticity_token end + + test 'should emit a csrf-token meta tag' do + get :meta + assert_equal %(), @response.body + end end class FreeCookieControllerTest < ActionController::TestCase @@ -238,6 +247,11 @@ class FreeCookieControllerTest < ActionController::TestCase assert_nothing_raised { send(method, :index)} end end + + test 'should not emit a csrf-token meta tag' do + get :meta + assert @response.body.blank? + end end class CustomAuthenticityParamControllerTest < ActionController::TestCase -- cgit v1.2.3 From 2191aa47acc0a560366c8c09fa9635602cff5f07 Mon Sep 17 00:00:00 2001 From: Jeremy Kemper Date: Thu, 4 Feb 2010 15:26:24 -0800 Subject: Expose CSRF param name also --- actionpack/test/controller/request_forgery_protection_test.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actionpack/test') diff --git a/actionpack/test/controller/request_forgery_protection_test.rb b/actionpack/test/controller/request_forgery_protection_test.rb index 55c21bc84a..77d07d8eeb 100644 --- a/actionpack/test/controller/request_forgery_protection_test.rb +++ b/actionpack/test/controller/request_forgery_protection_test.rb @@ -218,7 +218,7 @@ class RequestForgeryProtectionControllerTest < ActionController::TestCase test 'should emit a csrf-token meta tag' do get :meta - assert_equal %(), @response.body + assert_equal %(\n), @response.body end end -- cgit v1.2.3 From 3062bc70eff68397a00fc652e8eee4ae8089e0a2 Mon Sep 17 00:00:00 2001 From: Jeremy Kemper Date: Thu, 4 Feb 2010 17:45:43 -0800 Subject: HTML-escape csrf meta contents --- actionpack/test/controller/request_forgery_protection_test.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'actionpack/test') diff --git a/actionpack/test/controller/request_forgery_protection_test.rb b/actionpack/test/controller/request_forgery_protection_test.rb index 77d07d8eeb..c38ffad748 100644 --- a/actionpack/test/controller/request_forgery_protection_test.rb +++ b/actionpack/test/controller/request_forgery_protection_test.rb @@ -210,7 +210,7 @@ class RequestForgeryProtectionControllerTest < ActionController::TestCase @request = ActionController::TestRequest.new @request.format = :html @response = ActionController::TestResponse.new - @token = "cf50faa3fe97702ca1ae" + @token = "cf50faa3fe97702ca1a/=?" ActiveSupport::SecureRandom.stubs(:base64).returns(@token) ActionController::Base.request_forgery_protection_token = :authenticity_token @@ -227,7 +227,7 @@ class FreeCookieControllerTest < ActionController::TestCase @controller = FreeCookieController.new @request = ActionController::TestRequest.new @response = ActionController::TestResponse.new - @token = "cf50faa3fe97702ca1ae" + @token = "cf50faa3fe97702ca1a/=?" ActiveSupport::SecureRandom.stubs(:base64).returns(@token) end -- cgit v1.2.3 From 6bf79f02bede6a75a5211de64a1359b10749a2df Mon Sep 17 00:00:00 2001 From: Jeremy Kemper Date: Thu, 4 Feb 2010 17:49:23 -0800 Subject: Revert dumb test --- actionpack/test/controller/request_forgery_protection_test.rb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'actionpack/test') diff --git a/actionpack/test/controller/request_forgery_protection_test.rb b/actionpack/test/controller/request_forgery_protection_test.rb index c38ffad748..77d07d8eeb 100644 --- a/actionpack/test/controller/request_forgery_protection_test.rb +++ b/actionpack/test/controller/request_forgery_protection_test.rb @@ -210,7 +210,7 @@ class RequestForgeryProtectionControllerTest < ActionController::TestCase @request = ActionController::TestRequest.new @request.format = :html @response = ActionController::TestResponse.new - @token = "cf50faa3fe97702ca1a/=?" + @token = "cf50faa3fe97702ca1ae" ActiveSupport::SecureRandom.stubs(:base64).returns(@token) ActionController::Base.request_forgery_protection_token = :authenticity_token @@ -227,7 +227,7 @@ class FreeCookieControllerTest < ActionController::TestCase @controller = FreeCookieController.new @request = ActionController::TestRequest.new @response = ActionController::TestResponse.new - @token = "cf50faa3fe97702ca1a/=?" + @token = "cf50faa3fe97702ca1ae" ActiveSupport::SecureRandom.stubs(:base64).returns(@token) end -- cgit v1.2.3 From 31f8a59c16d4a29553e2dbf891c891493fd138c0 Mon Sep 17 00:00:00 2001 From: Jeremy Kemper Date: Thu, 4 Feb 2010 18:03:06 -0800 Subject: Test that csrf meta content is html-escaped, too --- actionpack/test/controller/request_forgery_protection_test.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'actionpack/test') diff --git a/actionpack/test/controller/request_forgery_protection_test.rb b/actionpack/test/controller/request_forgery_protection_test.rb index 77d07d8eeb..be05ef6167 100644 --- a/actionpack/test/controller/request_forgery_protection_test.rb +++ b/actionpack/test/controller/request_forgery_protection_test.rb @@ -217,8 +217,9 @@ class RequestForgeryProtectionControllerTest < ActionController::TestCase end test 'should emit a csrf-token meta tag' do + ActiveSupport::SecureRandom.stubs(:base64).returns(@token + '<=?') get :meta - assert_equal %(\n), @response.body + assert_equal %(\n), @response.body end end -- cgit v1.2.3 From 5384df5589c7adccff845e943ce594f556397e77 Mon Sep 17 00:00:00 2001 From: Yehuda Katz Date: Fri, 5 Feb 2010 22:48:13 -0800 Subject: Updates subscriber test for new output --- actionpack/test/controller/subscriber_test.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'actionpack/test') diff --git a/actionpack/test/controller/subscriber_test.rb b/actionpack/test/controller/subscriber_test.rb index 119a18ebc5..d7c1166f14 100644 --- a/actionpack/test/controller/subscriber_test.rb +++ b/actionpack/test/controller/subscriber_test.rb @@ -73,7 +73,7 @@ class ACSubscriberTest < ActionController::TestCase wait assert_equal 2, logs.size assert_match /Completed/, logs.last - assert_match /with 200/, logs.last + assert_match /200 OK/, logs.last end def test_process_action_without_parameters -- cgit v1.2.3 From 22c0390085eed6fa2c4b78e1a9465ae3b7861568 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Valim?= Date: Sat, 6 Feb 2010 11:52:28 +0100 Subject: Add a test which ensures namespaced roots. --- actionpack/test/dispatch/routing_test.rb | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'actionpack/test') diff --git a/actionpack/test/dispatch/routing_test.rb b/actionpack/test/dispatch/routing_test.rb index dfe824fd70..bcb97e4ae0 100644 --- a/actionpack/test/dispatch/routing_test.rb +++ b/actionpack/test/dispatch/routing_test.rb @@ -118,6 +118,8 @@ class TestRoutingMapper < ActionDispatch::IntegrationTest match 'description', :to => "account#description", :as => "description" resource :subscription, :credit, :credit_card + root :to => "account#index" + namespace :admin do resource :subscription end @@ -659,6 +661,14 @@ class TestRoutingMapper < ActionDispatch::IntegrationTest end end + def test_namespaced_roots + with_test_routes do + assert_equal '/account', account_root_path + get '/account' + assert_equal 'account#index', @response.body + end + end + def test_optional_scoped_root with_test_routes do assert_equal '/en', root_path("en") -- cgit v1.2.3 From de69c798db5535f19bfd585da83117fe1dacd6d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Valim?= Date: Sat, 6 Feb 2010 20:55:25 +0100 Subject: Fix nested attributes with specified collection. --- actionpack/test/template/form_helper_test.rb | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) (limited to 'actionpack/test') diff --git a/actionpack/test/template/form_helper_test.rb b/actionpack/test/template/form_helper_test.rb index f2d524bd1b..7b909fff82 100644 --- a/actionpack/test/template/form_helper_test.rb +++ b/actionpack/test/template/form_helper_test.rb @@ -918,6 +918,28 @@ class FormHelperTest < ActionView::TestCase assert_dom_equal expected, output_buffer end + def test_nested_fields_for_with_existing_records_on_a_supplied_nested_attributes_collection_different_from_record_one + comments = Array.new(2) { |id| Comment.new(id + 1) } + @post.comments = [] + + form_for(:post, @post) do |f| + concat f.text_field(:title) + f.fields_for(:comments, comments) do |cf| + concat cf.text_field(:name) + end + end + + expected = '
' + + '' + + '' + + '' + + '' + + '' + + '
' + + assert_dom_equal expected, output_buffer + end + def test_nested_fields_for_on_a_nested_attributes_collection_association_yields_only_builder @post.comments = [Comment.new(321), Comment.new] yielded_comments = [] -- cgit v1.2.3 From b235af702a086dd06fa9849ee47942e8ce82090d Mon Sep 17 00:00:00 2001 From: Gabriel Mansour Date: Sat, 30 Jan 2010 12:38:33 -0500 Subject: Fix pluralization for numbers formatted like '1.00' Signed-off-by: Jeremy Kemper --- actionpack/test/template/text_helper_test.rb | 2 ++ 1 file changed, 2 insertions(+) (limited to 'actionpack/test') diff --git a/actionpack/test/template/text_helper_test.rb b/actionpack/test/template/text_helper_test.rb index 088c07b8bb..39bea12501 100644 --- a/actionpack/test/template/text_helper_test.rb +++ b/actionpack/test/template/text_helper_test.rb @@ -228,6 +228,8 @@ class TextHelperTest < ActionView::TestCase assert_equal("2 counts", pluralize('2', "count")) assert_equal("1,066 counts", pluralize('1,066', "count")) assert_equal("1.25 counts", pluralize('1.25', "count")) + assert_equal("1.0 count", pluralize('1.0', "count")) + assert_equal("1.00 count", pluralize('1.00', "count")) assert_equal("2 counters", pluralize(2, "count", "counters")) assert_equal("0 counters", pluralize(nil, "count", "counters")) assert_equal("2 people", pluralize(2, "person")) -- cgit v1.2.3 From d68f8ba5c303556ecb8625dd146184d68b704e83 Mon Sep 17 00:00:00 2001 From: David Heinemeier Hansson Date: Fri, 12 Feb 2010 17:24:04 -0800 Subject: simple_format returns a safe buffer escaping unsafe input [Santiago Pastorino] --- actionpack/test/template/text_helper_test.rb | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'actionpack/test') diff --git a/actionpack/test/template/text_helper_test.rb b/actionpack/test/template/text_helper_test.rb index 39bea12501..9962b7af3f 100644 --- a/actionpack/test/template/text_helper_test.rb +++ b/actionpack/test/template/text_helper_test.rb @@ -40,6 +40,18 @@ class TextHelperTest < ActionView::TestCase assert_equal %Q(

para 1

\n\n

para 2

), simple_format("para 1\n\npara 2", :class => 'test') end + def test_simple_format_should_be_html_safe + assert simple_format(" test with html tags ").html_safe? + end + + def test_simple_format_should_escape_unsafe_input + assert_equal "

<b> test with unsafe string </b>

", simple_format(" test with unsafe string ") + end + + def test_simple_format_should_not_escape_safe_input + assert_equal "

test with safe string

", simple_format(" test with safe string ".html_safe) + end + def test_truncate assert_equal "Hello World!", truncate("Hello World!", :length => 12) assert_equal "Hello Wor...", truncate("Hello World!!", :length => 12) -- cgit v1.2.3