1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
|
require 'abstract_unit'
class CookieTest < Test::Unit::TestCase
class TestController < ActionController::Base
def authenticate
cookies["user_name"] = "david"
end
def authenticate_for_fourteen_days
cookies["user_name"] = { "value" => "david", "expires" => Time.local(2005, 10, 10) }
end
def authenticate_for_fourteen_days_with_symbols
cookies[:user_name] = { :value => "david", :expires => Time.local(2005, 10, 10) }
end
def set_multiple_cookies
cookies["user_name"] = { "value" => "david", "expires" => Time.local(2005, 10, 10) }
cookies["login"] = "XJ-122"
end
def access_frozen_cookies
cookies["will"] = "work"
end
def logout
cookies.delete("user_name")
end
def delete_cookie_with_path
cookies.delete("user_name", :path => '/beaten')
render :text => "hello world"
end
def authenticate_with_http_only
cookies["user_name"] = { :value => "david", :http_only => true }
end
def rescue_action(e)
raise unless ActionView::MissingTemplate # No templates here, and we don't care about the output
end
end
def setup
@request = ActionController::TestRequest.new
@response = ActionController::TestResponse.new
@controller = TestController.new
@request.host = "www.nextangle.com"
end
def test_setting_cookie
get :authenticate
assert_equal [ CGI::Cookie::new("name" => "user_name", "value" => "david") ], @response.headers["cookie"]
end
def test_setting_cookie_for_fourteen_days
get :authenticate_for_fourteen_days
assert_equal [ CGI::Cookie::new("name" => "user_name", "value" => "david", "expires" => Time.local(2005, 10, 10)) ], @response.headers["cookie"]
end
def test_setting_cookie_for_fourteen_days_with_symbols
get :authenticate_for_fourteen_days_with_symbols
assert_equal [ CGI::Cookie::new("name" => "user_name", "value" => "david", "expires" => Time.local(2005, 10, 10)) ], @response.headers["cookie"]
end
def test_setting_cookie_with_http_only
get :authenticate_with_http_only
assert_equal [ CGI::Cookie::new("name" => "user_name", "value" => "david", "http_only" => true) ], @response.headers["cookie"]
assert_equal CGI::Cookie::new("name" => "user_name", "value" => "david", "path" => "/", "http_only" => true).to_s, @response.headers["cookie"][0].to_s
end
def test_multiple_cookies
get :set_multiple_cookies
assert_equal 2, @response.cookies.size
end
def test_setting_test_cookie
assert_nothing_raised { get :access_frozen_cookies }
end
def test_expiring_cookie
get :logout
assert_equal [ CGI::Cookie::new("name" => "user_name", "value" => "", "expires" => Time.at(0)) ], @response.headers["cookie"]
assert_equal CGI::Cookie::new("name" => "user_name", "value" => "", "expires" => Time.at(0)).value, []
end
def test_cookiejar_accessor
@request.cookies["user_name"] = CGI::Cookie.new("name" => "user_name", "value" => "david", "expires" => Time.local(2025, 10, 10))
@controller.request = @request
jar = ActionController::CookieJar.new(@controller)
assert_equal "david", jar["user_name"]
assert_equal nil, jar["something_else"]
end
def test_cookiejar_accessor_with_array_value
a = %w{1 2 3}
@request.cookies["pages"] = CGI::Cookie.new("name" => "pages", "value" => a, "expires" => Time.local(2025, 10, 10))
@controller.request = @request
jar = ActionController::CookieJar.new(@controller)
assert_equal a, jar["pages"]
end
def test_delete_cookie_with_path
get :delete_cookie_with_path
assert_equal "/beaten", @response.headers["cookie"].first.path
assert_not_equal "/", @response.headers["cookie"].first.path
end
def test_cookie_to_s_simple_values
assert_equal 'myname=myvalue; path=', CGI::Cookie.new('myname', 'myvalue').to_s
end
def test_cookie_to_s_hash
cookie_str = CGI::Cookie.new(
'name' => 'myname',
'value' => 'myvalue',
'domain' => 'mydomain',
'path' => 'mypath',
'expires' => Time.utc(2007, 10, 20),
'secure' => true,
'http_only' => true).to_s
assert_equal 'myname=myvalue; domain=mydomain; path=mypath; expires=Sat, 20 Oct 2007 00:00:00 GMT; secure; HttpOnly', cookie_str
end
def test_cookie_to_s_hash_default_not_secure_not_http_only
cookie_str = CGI::Cookie.new(
'name' => 'myname',
'value' => 'myvalue',
'domain' => 'mydomain',
'path' => 'mypath',
'expires' => Time.utc(2007, 10, 20))
assert cookie_str !~ /secure/
assert cookie_str !~ /HttpOnly/
end
def test_cookies_should_not_be_split_on_ampersand_values
cookies = CGI::Cookie.parse('return_to=http://rubyonrails.org/search?term=api&scope=all&global=true')
assert_equal({"return_to" => ["http://rubyonrails.org/search?term=api&scope=all&global=true"]}, cookies)
end
def test_cookies_should_not_be_split_on_values_with_newlines
cookies = CGI::Cookie.new("name" => "val", "value" => "this\nis\na\ntest")
assert cookies.size == 1
end
end
|