Rails 2.1.1
Among other things, a security fix.
This commit is contained in:
Jacques Distler
parent
d2c4c8737c
commit
d4f97345db
354 changed files with 21027 additions and 3072 deletions
|
|
@ -284,6 +284,7 @@ class UrlHelperTest < ActionView::TestCase
|
|||
assert_dom_equal "<a href=\"mailto:%6d%65@%64%6f%6d%61%69%6e.%63%6f%6d\">My email</a>", mail_to("me@domain.com", "My email", :encode => "hex", :replace_at => "(at)")
|
||||
assert_dom_equal "<a href=\"mailto:%6d%65@%64%6f%6d%61%69%6e.%63%6f%6d\">me(at)domain(dot)com</a>", mail_to("me@domain.com", nil, :encode => "hex", :replace_at => "(at)", :replace_dot => "(dot)")
|
||||
assert_dom_equal "<script type=\"text/javascript\">eval(unescape('%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%61%20%68%72%65%66%3d%22%6d%61%69%6c%74%6f%3a%6d%65%40%64%6f%6d%61%69%6e%2e%63%6f%6d%22%3e%4d%79%20%65%6d%61%69%6c%3c%2f%61%3e%27%29%3b'))</script>", mail_to("me@domain.com", "My email", :encode => "javascript", :replace_at => "(at)", :replace_dot => "(dot)")
|
||||
assert_dom_equal "<script type=\"text/javascript\">eval(unescape('%64%6f%63%75%6d%65%6e%74%2e%77%72%69%74%65%28%27%3c%61%20%68%72%65%66%3d%22%6d%61%69%6c%74%6f%3a%6d%65%40%64%6f%6d%61%69%6e%2e%63%6f%6d%22%3e%6d%65%28%61%74%29%64%6f%6d%61%69%6e%28%64%6f%74%29%63%6f%6d%3c%2f%61%3e%27%29%3b'))</script>", mail_to("me@domain.com", nil, :encode => "javascript", :replace_at => "(at)", :replace_dot => "(dot)")
|
||||
end
|
||||
|
||||
def protect_against_forgery?
|
||||
|
|
@ -305,6 +306,10 @@ class UrlHelperWithControllerTest < ActionView::TestCase
|
|||
render :inline => "<%= show_named_route_#{params[:kind]} %>"
|
||||
end
|
||||
|
||||
def nil_url_for
|
||||
render :inline => '<%= url_for(nil) %>'
|
||||
end
|
||||
|
||||
def rescue_action(e) raise e end
|
||||
end
|
||||
|
||||
|
|
@ -321,7 +326,7 @@ class UrlHelperWithControllerTest < ActionView::TestCase
|
|||
assert_equal '/url_helper_with_controller/show_url_for', @response.body
|
||||
end
|
||||
|
||||
def test_named_route_shows_host_and_path
|
||||
def test_named_route_url_shows_host_and_path
|
||||
with_url_helper_routing do
|
||||
get :show_named_route, :kind => 'url'
|
||||
assert_equal 'http://test.host/url_helper_with_controller/show_named_route', @response.body
|
||||
|
|
@ -335,6 +340,11 @@ class UrlHelperWithControllerTest < ActionView::TestCase
|
|||
end
|
||||
end
|
||||
|
||||
def test_url_for_nil_returns_current_path
|
||||
get :nil_url_for
|
||||
assert_equal '/url_helper_with_controller/nil_url_for', @response.body
|
||||
end
|
||||
|
||||
protected
|
||||
def with_url_helper_routing
|
||||
with_routing do |set|
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue