2008-05-18 06:22:34 +02:00
|
|
|
require 'abstract_unit'
|
2007-01-22 14:43:50 +01:00
|
|
|
|
2009-02-04 21:26:08 +01:00
|
|
|
class CookieTest < ActionController::TestCase
|
2007-01-22 14:43:50 +01:00
|
|
|
class TestController < ActionController::Base
|
2010-05-25 19:45:45 +02:00
|
|
|
self.cookie_verifier_secret = "thisISverySECRET123"
|
|
|
|
|
2007-01-22 14:43:50 +01:00
|
|
|
def authenticate
|
|
|
|
cookies["user_name"] = "david"
|
|
|
|
end
|
|
|
|
|
2009-08-04 17:16:03 +02:00
|
|
|
def set_with_with_escapable_characters
|
|
|
|
cookies["that & guy"] = "foo & bar => baz"
|
|
|
|
end
|
|
|
|
|
2007-12-21 08:48:59 +01:00
|
|
|
def authenticate_for_fourteen_days
|
2009-02-04 21:26:08 +01:00
|
|
|
cookies["user_name"] = { "value" => "david", "expires" => Time.utc(2005, 10, 10,5) }
|
2007-01-22 14:43:50 +01:00
|
|
|
end
|
|
|
|
|
2007-12-21 08:48:59 +01:00
|
|
|
def authenticate_for_fourteen_days_with_symbols
|
2009-02-04 21:26:08 +01:00
|
|
|
cookies[:user_name] = { :value => "david", :expires => Time.utc(2005, 10, 10,5) }
|
2007-01-22 14:43:50 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
def set_multiple_cookies
|
2009-02-04 21:26:08 +01:00
|
|
|
cookies["user_name"] = { "value" => "david", "expires" => Time.utc(2005, 10, 10,5) }
|
2007-01-22 14:43:50 +01:00
|
|
|
cookies["login"] = "XJ-122"
|
|
|
|
end
|
2009-02-04 21:26:08 +01:00
|
|
|
|
2007-01-22 14:43:50 +01:00
|
|
|
def access_frozen_cookies
|
2007-02-09 09:04:31 +01:00
|
|
|
cookies["will"] = "work"
|
2007-01-22 14:43:50 +01:00
|
|
|
end
|
|
|
|
|
2007-02-09 09:04:31 +01:00
|
|
|
def logout
|
|
|
|
cookies.delete("user_name")
|
|
|
|
end
|
|
|
|
|
2007-10-15 19:16:54 +02:00
|
|
|
def delete_cookie_with_path
|
|
|
|
cookies.delete("user_name", :path => '/beaten')
|
2007-12-21 08:48:59 +01:00
|
|
|
render :text => "hello world"
|
|
|
|
end
|
|
|
|
|
|
|
|
def authenticate_with_http_only
|
2009-02-28 02:23:00 +01:00
|
|
|
cookies["user_name"] = { :value => "david", :httponly => true }
|
2007-10-15 19:16:54 +02:00
|
|
|
end
|
2010-05-25 19:45:45 +02:00
|
|
|
|
|
|
|
def set_permanent_cookie
|
|
|
|
cookies.permanent[:user_name] = "Jamie"
|
|
|
|
end
|
|
|
|
|
|
|
|
def set_signed_cookie
|
|
|
|
cookies.signed[:user_id] = 45
|
|
|
|
end
|
|
|
|
|
|
|
|
def set_permanent_signed_cookie
|
|
|
|
cookies.permanent.signed[:remember_me] = 100
|
|
|
|
end
|
2007-10-15 19:16:54 +02:00
|
|
|
|
2009-02-04 21:26:08 +01:00
|
|
|
def rescue_action(e)
|
|
|
|
raise unless ActionView::MissingTemplate # No templates here, and we don't care about the output
|
2007-02-09 09:04:31 +01:00
|
|
|
end
|
2007-01-22 14:43:50 +01:00
|
|
|
end
|
|
|
|
|
2009-02-04 21:26:08 +01:00
|
|
|
tests TestController
|
2007-01-22 14:43:50 +01:00
|
|
|
|
2009-02-04 21:26:08 +01:00
|
|
|
def setup
|
2007-01-22 14:43:50 +01:00
|
|
|
@request.host = "www.nextangle.com"
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_setting_cookie
|
2007-02-09 09:04:31 +01:00
|
|
|
get :authenticate
|
2009-02-04 21:26:08 +01:00
|
|
|
assert_equal ["user_name=david; path=/"], @response.headers["Set-Cookie"]
|
|
|
|
assert_equal({"user_name" => "david"}, @response.cookies)
|
2007-01-22 14:43:50 +01:00
|
|
|
end
|
|
|
|
|
2009-08-04 17:16:03 +02:00
|
|
|
def test_setting_with_escapable_characters
|
|
|
|
get :set_with_with_escapable_characters
|
|
|
|
assert_equal ["that+%26+guy=foo+%26+bar+%3D%3E+baz; path=/"], @response.headers["Set-Cookie"]
|
|
|
|
assert_equal({"that & guy" => "foo & bar => baz"}, @response.cookies)
|
|
|
|
end
|
|
|
|
|
2007-01-22 14:43:50 +01:00
|
|
|
def test_setting_cookie_for_fourteen_days
|
2007-12-21 08:48:59 +01:00
|
|
|
get :authenticate_for_fourteen_days
|
2009-02-04 21:26:08 +01:00
|
|
|
assert_equal ["user_name=david; path=/; expires=Mon, 10-Oct-2005 05:00:00 GMT"], @response.headers["Set-Cookie"]
|
|
|
|
assert_equal({"user_name" => "david"}, @response.cookies)
|
2007-01-22 14:43:50 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_setting_cookie_for_fourteen_days_with_symbols
|
2008-10-27 07:47:01 +01:00
|
|
|
get :authenticate_for_fourteen_days_with_symbols
|
2009-02-04 21:26:08 +01:00
|
|
|
assert_equal ["user_name=david; path=/; expires=Mon, 10-Oct-2005 05:00:00 GMT"], @response.headers["Set-Cookie"]
|
|
|
|
assert_equal({"user_name" => "david"}, @response.cookies)
|
2007-01-22 14:43:50 +01:00
|
|
|
end
|
|
|
|
|
2007-12-21 08:48:59 +01:00
|
|
|
def test_setting_cookie_with_http_only
|
|
|
|
get :authenticate_with_http_only
|
2009-02-04 21:26:08 +01:00
|
|
|
assert_equal ["user_name=david; path=/; HttpOnly"], @response.headers["Set-Cookie"]
|
|
|
|
assert_equal({"user_name" => "david"}, @response.cookies)
|
2007-12-21 08:48:59 +01:00
|
|
|
end
|
|
|
|
|
2007-01-22 14:43:50 +01:00
|
|
|
def test_multiple_cookies
|
2007-02-09 09:04:31 +01:00
|
|
|
get :set_multiple_cookies
|
|
|
|
assert_equal 2, @response.cookies.size
|
2009-02-04 21:26:08 +01:00
|
|
|
assert_equal "user_name=david; path=/; expires=Mon, 10-Oct-2005 05:00:00 GMT", @response.headers["Set-Cookie"][0]
|
|
|
|
assert_equal "login=XJ-122; path=/", @response.headers["Set-Cookie"][1]
|
|
|
|
assert_equal({"login" => "XJ-122", "user_name" => "david"}, @response.cookies)
|
2007-01-22 14:43:50 +01:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_setting_test_cookie
|
2007-02-09 09:04:31 +01:00
|
|
|
assert_nothing_raised { get :access_frozen_cookies }
|
|
|
|
end
|
2009-02-04 21:26:08 +01:00
|
|
|
|
2007-02-09 09:04:31 +01:00
|
|
|
def test_expiring_cookie
|
|
|
|
get :logout
|
2009-02-04 21:26:08 +01:00
|
|
|
assert_equal ["user_name=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT"], @response.headers["Set-Cookie"]
|
|
|
|
assert_equal({"user_name" => nil}, @response.cookies)
|
|
|
|
end
|
|
|
|
|
2007-02-09 09:04:31 +01:00
|
|
|
def test_cookiejar_accessor
|
2009-02-04 21:26:08 +01:00
|
|
|
@request.cookies["user_name"] = "david"
|
2007-02-09 09:04:31 +01:00
|
|
|
@controller.request = @request
|
|
|
|
jar = ActionController::CookieJar.new(@controller)
|
|
|
|
assert_equal "david", jar["user_name"]
|
|
|
|
assert_equal nil, jar["something_else"]
|
2007-01-22 14:43:50 +01:00
|
|
|
end
|
2007-10-15 19:16:54 +02:00
|
|
|
|
2007-12-21 08:48:59 +01:00
|
|
|
def test_cookiejar_accessor_with_array_value
|
2009-02-04 21:26:08 +01:00
|
|
|
@request.cookies["pages"] = %w{1 2 3}
|
2007-12-21 08:48:59 +01:00
|
|
|
@controller.request = @request
|
|
|
|
jar = ActionController::CookieJar.new(@controller)
|
2009-02-04 21:26:08 +01:00
|
|
|
assert_equal %w{1 2 3}, jar["pages"]
|
2007-12-21 08:48:59 +01:00
|
|
|
end
|
2009-02-04 21:26:08 +01:00
|
|
|
|
2009-12-01 02:38:34 +01:00
|
|
|
def test_cookiejar_delete_removes_item_and_returns_its_value
|
|
|
|
@request.cookies["user_name"] = "david"
|
|
|
|
@controller.response = @response
|
|
|
|
jar = ActionController::CookieJar.new(@controller)
|
|
|
|
assert_equal "david", jar.delete("user_name")
|
|
|
|
end
|
|
|
|
|
2007-10-15 19:16:54 +02:00
|
|
|
def test_delete_cookie_with_path
|
|
|
|
get :delete_cookie_with_path
|
2009-02-04 21:26:08 +01:00
|
|
|
assert_equal ["user_name=; path=/beaten; expires=Thu, 01-Jan-1970 00:00:00 GMT"], @response.headers["Set-Cookie"]
|
2008-06-02 08:35:38 +02:00
|
|
|
end
|
2009-09-05 09:01:46 +02:00
|
|
|
|
|
|
|
def test_cookies_persist_throughout_request
|
|
|
|
get :authenticate
|
|
|
|
cookies = @controller.send(:cookies)
|
|
|
|
assert_equal 'david', cookies['user_name']
|
|
|
|
end
|
2010-05-25 19:45:45 +02:00
|
|
|
|
|
|
|
def test_permanent_cookie
|
|
|
|
get :set_permanent_cookie
|
|
|
|
assert_match /Jamie/, @response.headers["Set-Cookie"].first
|
|
|
|
assert_match %r(#{20.years.from_now.year}), @response.headers["Set-Cookie"].first
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_signed_cookie
|
|
|
|
get :set_signed_cookie
|
|
|
|
assert_equal 45, @controller.send(:cookies).signed[:user_id]
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_accessing_nonexistant_signed_cookie_should_not_raise_an_invalid_signature
|
|
|
|
get :set_signed_cookie
|
|
|
|
assert_nil @controller.send(:cookies).signed[:non_existant_attribute]
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_permanent_signed_cookie
|
|
|
|
get :set_permanent_signed_cookie
|
|
|
|
assert_match %r(#{20.years.from_now.year}), @response.headers["Set-Cookie"].first
|
|
|
|
assert_equal 100, @controller.send(:cookies).signed[:remember_me]
|
|
|
|
end
|
|
|
|
end
|