kotovalexarian-likes-github/heartcombo--devise
1
0
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2022-11-09 12:18:31 -05:00
Code Releases Activity

Added assertion testing that remember_user_token cookie is flagged as HttpOnly.

Browse source 
Signed-off-by: José Valim <jose.valim@gmail.com>
This commit is contained in:
JamesFerguson 2010-12-22 16:04:54 +11:00 committed by José Valim
parent b34f456096
commit 1b43cb5203
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
test/integration/rememberable_test.rb
View file

@ -69,6 +69,7 @@ class RememberMeTest < ActionController::IntegrationTest
assert_response :success
assert warden.authenticated?(:user)
assert warden.user(:user) == user
assert_match /remember_user_token[^\n]*HttpOnly\n/, response.headers["Set-Cookie"], "Expected Set-Cookie header in response to set HttpOnly flag on remember_user_token cookie."
end
test 'does not extend remember period through sign in' do
@ -176,4 +177,4 @@ class RememberMeTest < ActionController::IntegrationTest
get users_path
assert_not warden.authenticated?(:user)
end
end
end