1
0
Fork 0
mirror of https://github.com/heartcombo/devise.git synced 2022-11-09 12:18:31 -05:00

respect do not track headers in trackable

This commit is contained in:
fabian 2011-05-04 14:44:37 +02:00
parent 9cc69277bc
commit 89b53ea39c
2 changed files with 27 additions and 1 deletions

View file

@ -3,7 +3,7 @@
# and on authentication. Retrieving the user from session (:fetch) does
# not trigger it.
Warden::Manager.after_set_user :except => :fetch do |record, warden, options|
if record.respond_to?(:update_tracked_fields!) && warden.authenticated?(options[:scope])
if record.respond_to?(:update_tracked_fields!) && warden.authenticated?(options[:scope]) && warden.request.headers['X-Do-Not-Track'].to_s != '1' && warden.request.headers['DNT'].to_s != '1'
record.update_tracked_fields!(warden.request)
end
end

View file

@ -61,4 +61,30 @@ class TrackableHooksTest < ActionController::IntegrationTest
assert_nil user.last_sign_in_at
end
end
test "respect X-Do-Not-Track and DNT headers" do
user = create_user
sign_in_as_user do
header "X-Do-Not-Track" , "1"
header "DNT" , "0"
end
user.reload
assert_equal 0, user.sign_in_count
visit destroy_user_session_path
sign_in_as_user do
header "X-Do-Not-Track" , "0"
header "DNT" , "1"
end
user.reload
assert_equal 0, user.sign_in_count
visit destroy_user_session_path
sign_in_as_user do
header "X-Do-Not-Track" , "0"
header "DNT" , "0"
end
user.reload
assert_equal 1, user.sign_in_count
end
end