From d6933a1e9fdce873e5540813f4d44d313b6d363d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jos=C3=A9=20Valim?= <jose.valim@gmail.com>
Date: Thu, 12 Jan 2012 20:46:54 +0100
Subject: config.force_ssl should mark the session as secure.

---
 .../test/application/middleware/session_test.rb    | 30 ++++++++++++++++++++++
 1 file changed, 30 insertions(+)
 create mode 100644 railties/test/application/middleware/session_test.rb

(limited to 'railties/test/application')

diff --git a/railties/test/application/middleware/session_test.rb b/railties/test/application/middleware/session_test.rb
new file mode 100644
index 0000000000..f4e77ee244
--- /dev/null
+++ b/railties/test/application/middleware/session_test.rb
@@ -0,0 +1,30 @@
+# encoding: utf-8
+require 'isolation/abstract_unit'
+require 'rack/test'
+
+module ApplicationTests
+  class MiddlewareSessionTest < ActiveSupport::TestCase
+    include ActiveSupport::Testing::Isolation
+    include Rack::Test::Methods
+
+    def setup
+      build_app
+      boot_rails
+      FileUtils.rm_rf "#{app_path}/config/environments"
+    end
+
+    def teardown
+      teardown_app
+    end
+
+    def app
+      @app ||= Rails.application
+    end
+
+    test "config.force_ssl sets cookie to secure only" do
+      add_to_config "config.force_ssl = true"
+      require "#{app_path}/config/environment"
+      assert app.config.session_options[:secure], "Expected session to be marked as secure"
+    end
+  end
+end
-- 
cgit v1.2.3