1
0
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2022-11-09 12:18:31 -05:00

Added assertion testing that remember_user_token cookie is flagged as HttpOnly.

Signed-off-by: José Valim <jose.valim@gmail.com>
This commit is contained in:
JamesFerguson 2010-12-22 16:04:54 +11:00 committed by José Valim
parent b34f456096
commit 1b43cb5203

View file

@ -69,6 +69,7 @@ class RememberMeTest < ActionController::IntegrationTest
assert_response :success
assert warden.authenticated?(:user)
assert warden.user(:user) == user
assert_match /remember_user_token[^\n]*HttpOnly\n/, response.headers["Set-Cookie"], "Expected Set-Cookie header in response to set HttpOnly flag on remember_user_token cookie."
end
test 'does not extend remember period through sign in' do
@ -176,4 +177,4 @@ class RememberMeTest < ActionController::IntegrationTest
get users_path
assert_not warden.authenticated?(:user)
end
end
end