From 65e36d31819d46ea5934fa8c7222dcec04490423 Mon Sep 17 00:00:00 2001
From: Takayuki Matsubara <takayuki.1229@gmail.com>
Date: Wed, 30 Dec 2015 00:12:01 +0900
Subject: Escape cookie's key and value in ActionController::TestCase

Get an incorrect cookie value in controller action method
if cookie value contains an escapable string.
---
 actionpack/test/controller/test_case_test.rb | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'actionpack/test')

diff --git a/actionpack/test/controller/test_case_test.rb b/actionpack/test/controller/test_case_test.rb
index b9caddcdb7..a054477282 100644
--- a/actionpack/test/controller/test_case_test.rb
+++ b/actionpack/test/controller/test_case_test.rb
@@ -137,6 +137,11 @@ XML
       head :created, location: 'created resource'
     end
 
+    def read_cookie
+      cookies["foo"]
+      render plain: 'ok'
+    end
+
     def delete_cookie
       cookies.delete("foo")
       render plain: 'ok'
@@ -825,8 +830,10 @@ XML
 
   def test_should_have_knowledge_of_client_side_cookie_state_even_if_they_are_not_set
     cookies['foo'] = 'bar'
+    cookies['escape'] = '+'
     get :no_op
     assert_equal 'bar', cookies['foo']
+    assert_equal '+', cookies['escape']
   end
 
   def test_should_detect_if_cookie_is_deleted
-- 
cgit v1.2.3