2008-01-05 08:32:06 -05:00
|
|
|
require 'abstract_unit'
|
2004-11-23 20:04:44 -05:00
|
|
|
|
2010-06-11 05:44:18 -04:00
|
|
|
class CookiesTest < ActionController::TestCase
|
2004-11-23 20:04:44 -05:00
|
|
|
class TestController < ActionController::Base
|
2004-11-25 21:04:35 -05:00
|
|
|
def authenticate
|
|
|
|
cookies["user_name"] = "david"
|
2009-05-22 19:57:45 -04:00
|
|
|
head :ok
|
2004-11-25 21:04:35 -05:00
|
|
|
end
|
|
|
|
|
2009-02-03 21:37:55 -05:00
|
|
|
def set_with_with_escapable_characters
|
|
|
|
cookies["that & guy"] = "foo & bar => baz"
|
2009-05-22 19:57:45 -04:00
|
|
|
head :ok
|
2009-02-03 21:37:55 -05:00
|
|
|
end
|
|
|
|
|
2007-09-28 10:18:47 -04:00
|
|
|
def authenticate_for_fourteen_days
|
2008-12-21 07:35:29 -05:00
|
|
|
cookies["user_name"] = { "value" => "david", "expires" => Time.utc(2005, 10, 10,5) }
|
2009-05-22 19:57:45 -04:00
|
|
|
head :ok
|
2004-11-25 21:04:35 -05:00
|
|
|
end
|
|
|
|
|
2007-09-28 10:18:47 -04:00
|
|
|
def authenticate_for_fourteen_days_with_symbols
|
2008-12-21 07:35:29 -05:00
|
|
|
cookies[:user_name] = { :value => "david", :expires => Time.utc(2005, 10, 10,5) }
|
2009-05-22 19:57:45 -04:00
|
|
|
head :ok
|
2004-11-25 21:09:38 -05:00
|
|
|
end
|
|
|
|
|
2004-11-25 21:04:35 -05:00
|
|
|
def set_multiple_cookies
|
2008-12-21 07:35:29 -05:00
|
|
|
cookies["user_name"] = { "value" => "david", "expires" => Time.utc(2005, 10, 10,5) }
|
2004-11-25 21:04:35 -05:00
|
|
|
cookies["login"] = "XJ-122"
|
2009-05-22 19:57:45 -04:00
|
|
|
head :ok
|
2004-11-25 21:04:35 -05:00
|
|
|
end
|
2008-12-19 17:35:23 -05:00
|
|
|
|
2005-04-02 03:54:25 -05:00
|
|
|
def access_frozen_cookies
|
2006-09-29 04:04:39 -04:00
|
|
|
cookies["will"] = "work"
|
2009-05-22 19:57:45 -04:00
|
|
|
head :ok
|
2005-04-02 03:54:25 -05:00
|
|
|
end
|
|
|
|
|
2007-01-17 01:51:59 -05:00
|
|
|
def logout
|
|
|
|
cookies.delete("user_name")
|
2009-05-22 19:57:45 -04:00
|
|
|
head :ok
|
2007-01-17 01:51:59 -05:00
|
|
|
end
|
|
|
|
|
2007-07-01 19:27:59 -04:00
|
|
|
def delete_cookie_with_path
|
|
|
|
cookies.delete("user_name", :path => '/beaten')
|
2009-05-22 19:57:45 -04:00
|
|
|
head :ok
|
2007-07-01 19:27:59 -04:00
|
|
|
end
|
|
|
|
|
2007-09-21 11:05:49 -04:00
|
|
|
def authenticate_with_http_only
|
2009-02-07 16:37:54 -05:00
|
|
|
cookies["user_name"] = { :value => "david", :httponly => true }
|
2009-05-22 19:57:45 -04:00
|
|
|
head :ok
|
2007-01-17 01:51:59 -05:00
|
|
|
end
|
2010-09-22 15:03:39 -04:00
|
|
|
|
2010-09-13 17:29:25 -04:00
|
|
|
def authenticate_with_secure
|
|
|
|
cookies["user_name"] = { :value => "david", :secure => true }
|
|
|
|
head :ok
|
|
|
|
end
|
2009-12-20 17:33:13 -05:00
|
|
|
|
|
|
|
def set_permanent_cookie
|
|
|
|
cookies.permanent[:user_name] = "Jamie"
|
|
|
|
head :ok
|
|
|
|
end
|
2010-01-16 18:21:46 -05:00
|
|
|
|
2009-12-20 17:33:13 -05:00
|
|
|
def set_signed_cookie
|
|
|
|
cookies.signed[:user_id] = 45
|
|
|
|
head :ok
|
|
|
|
end
|
2010-01-16 18:21:46 -05:00
|
|
|
|
2010-05-17 19:43:06 -04:00
|
|
|
def raise_data_overflow
|
|
|
|
cookies.signed[:foo] = 'bye!' * 1024
|
|
|
|
head :ok
|
|
|
|
end
|
|
|
|
|
|
|
|
def tampered_cookies
|
|
|
|
cookies[:tampered] = "BAh7BjoIZm9vIghiYXI%3D--123456780"
|
|
|
|
cookies.signed[:tampered]
|
|
|
|
head :ok
|
|
|
|
end
|
|
|
|
|
2009-12-20 17:33:13 -05:00
|
|
|
def set_permanent_signed_cookie
|
|
|
|
cookies.permanent.signed[:remember_me] = 100
|
|
|
|
head :ok
|
|
|
|
end
|
2010-03-17 20:15:52 -04:00
|
|
|
|
|
|
|
def delete_and_set_cookie
|
|
|
|
cookies.delete :user_name
|
|
|
|
cookies[:user_name] = { :value => "david", :expires => Time.utc(2005, 10, 10,5) }
|
|
|
|
head :ok
|
|
|
|
end
|
2010-06-11 06:00:35 -04:00
|
|
|
|
|
|
|
def set_cookie_with_domain
|
|
|
|
cookies[:user_name] = {:value => "rizwanreza", :domain => :all}
|
|
|
|
head :ok
|
|
|
|
end
|
|
|
|
|
|
|
|
def delete_cookie_with_domain
|
|
|
|
cookies.delete(:user_name, :domain => :all)
|
|
|
|
head :ok
|
|
|
|
end
|
2010-10-13 14:58:25 -04:00
|
|
|
|
2011-01-21 06:59:49 -05:00
|
|
|
def set_cookie_with_domain_and_tld
|
|
|
|
cookies[:user_name] = {:value => "rizwanreza", :domain => :all, :tld_length => 2}
|
|
|
|
head :ok
|
|
|
|
end
|
|
|
|
|
|
|
|
def delete_cookie_with_domain_and_tld
|
|
|
|
cookies.delete(:user_name, :domain => :all, :tld_length => 2)
|
|
|
|
head :ok
|
|
|
|
end
|
|
|
|
|
2011-01-21 06:58:33 -05:00
|
|
|
def set_cookie_with_domains
|
|
|
|
cookies[:user_name] = {:value => "rizwanreza", :domain => %w(example1.com example2.com .example3.com)}
|
|
|
|
head :ok
|
|
|
|
end
|
|
|
|
|
|
|
|
def delete_cookie_with_domains
|
|
|
|
cookies.delete(:user_name, :domain => %w(example1.com example2.com .example3.com))
|
|
|
|
head :ok
|
|
|
|
end
|
|
|
|
|
2010-10-13 14:58:25 -04:00
|
|
|
def symbol_key
|
|
|
|
cookies[:user_name] = "david"
|
|
|
|
head :ok
|
|
|
|
end
|
|
|
|
|
|
|
|
def string_key
|
2011-05-19 10:33:18 -04:00
|
|
|
cookies['user_name'] = "dhh"
|
2010-10-13 14:58:25 -04:00
|
|
|
head :ok
|
|
|
|
end
|
2011-03-06 07:49:44 -05:00
|
|
|
|
|
|
|
def symbol_key_mock
|
|
|
|
cookies[:user_name] = "david" if cookies[:user_name] == "andrew"
|
|
|
|
head :ok
|
|
|
|
end
|
|
|
|
|
|
|
|
def string_key_mock
|
|
|
|
cookies['user_name'] = "david" if cookies['user_name'] == "andrew"
|
|
|
|
head :ok
|
|
|
|
end
|
|
|
|
|
|
|
|
def noop
|
|
|
|
head :ok
|
|
|
|
end
|
2004-11-23 20:04:44 -05:00
|
|
|
end
|
|
|
|
|
2009-01-07 16:23:10 -05:00
|
|
|
tests TestController
|
2004-11-23 20:04:44 -05:00
|
|
|
|
2009-01-07 16:23:10 -05:00
|
|
|
def setup
|
2009-04-08 20:33:06 -04:00
|
|
|
super
|
2010-05-17 19:43:06 -04:00
|
|
|
@request.env["action_dispatch.secret_token"] = "b3c631c314c0bbca50c1b2843150fe33"
|
2004-11-23 20:04:44 -05:00
|
|
|
@request.host = "www.nextangle.com"
|
|
|
|
end
|
|
|
|
|
2011-09-01 16:37:14 -04:00
|
|
|
def test_each
|
|
|
|
request.cookie_jar['foo'] = :bar
|
|
|
|
list = []
|
|
|
|
request.cookie_jar.each do |k,v|
|
|
|
|
list << [k, v]
|
|
|
|
end
|
|
|
|
|
|
|
|
assert_equal [['foo', :bar]], list
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_enumerable
|
|
|
|
request.cookie_jar['foo'] = :bar
|
|
|
|
actual = request.cookie_jar.map { |k,v| [k.to_s, v.to_s] }
|
|
|
|
assert_equal [['foo', 'bar']], actual
|
|
|
|
end
|
|
|
|
|
2011-06-30 07:01:26 -04:00
|
|
|
def test_key_methods
|
|
|
|
assert !request.cookie_jar.key?(:foo)
|
|
|
|
assert !request.cookie_jar.has_key?("foo")
|
|
|
|
|
|
|
|
request.cookie_jar[:foo] = :bar
|
|
|
|
assert request.cookie_jar.key?(:foo)
|
|
|
|
assert request.cookie_jar.has_key?("foo")
|
|
|
|
end
|
|
|
|
|
2004-11-23 20:04:44 -05:00
|
|
|
def test_setting_cookie
|
2007-01-17 01:51:59 -05:00
|
|
|
get :authenticate
|
2009-05-22 19:57:45 -04:00
|
|
|
assert_cookie_header "user_name=david; path=/"
|
2008-12-20 22:25:09 -05:00
|
|
|
assert_equal({"user_name" => "david"}, @response.cookies)
|
2004-11-23 20:04:44 -05:00
|
|
|
end
|
|
|
|
|
2009-02-03 21:37:55 -05:00
|
|
|
def test_setting_with_escapable_characters
|
|
|
|
get :set_with_with_escapable_characters
|
2009-05-22 19:57:45 -04:00
|
|
|
assert_cookie_header "that+%26+guy=foo+%26+bar+%3D%3E+baz; path=/"
|
2009-02-03 21:37:55 -05:00
|
|
|
assert_equal({"that & guy" => "foo & bar => baz"}, @response.cookies)
|
|
|
|
end
|
|
|
|
|
2004-11-25 21:04:35 -05:00
|
|
|
def test_setting_cookie_for_fourteen_days
|
2007-09-28 10:18:47 -04:00
|
|
|
get :authenticate_for_fourteen_days
|
2009-05-22 19:57:45 -04:00
|
|
|
assert_cookie_header "user_name=david; path=/; expires=Mon, 10-Oct-2005 05:00:00 GMT"
|
2008-12-20 22:25:09 -05:00
|
|
|
assert_equal({"user_name" => "david"}, @response.cookies)
|
2008-12-19 18:15:22 -05:00
|
|
|
end
|
2004-11-25 21:04:35 -05:00
|
|
|
|
2004-11-25 21:09:38 -05:00
|
|
|
def test_setting_cookie_for_fourteen_days_with_symbols
|
2008-07-17 13:19:09 -04:00
|
|
|
get :authenticate_for_fourteen_days_with_symbols
|
2009-05-22 19:57:45 -04:00
|
|
|
assert_cookie_header "user_name=david; path=/; expires=Mon, 10-Oct-2005 05:00:00 GMT"
|
2008-12-20 22:25:09 -05:00
|
|
|
assert_equal({"user_name" => "david"}, @response.cookies)
|
2004-11-25 21:09:38 -05:00
|
|
|
end
|
|
|
|
|
2007-09-21 11:05:49 -04:00
|
|
|
def test_setting_cookie_with_http_only
|
|
|
|
get :authenticate_with_http_only
|
2009-05-22 19:57:45 -04:00
|
|
|
assert_cookie_header "user_name=david; path=/; HttpOnly"
|
2008-12-20 22:25:09 -05:00
|
|
|
assert_equal({"user_name" => "david"}, @response.cookies)
|
2008-12-19 18:15:22 -05:00
|
|
|
end
|
2010-09-22 15:03:39 -04:00
|
|
|
|
2010-09-13 17:29:25 -04:00
|
|
|
def test_setting_cookie_with_secure
|
2010-10-22 10:34:45 -04:00
|
|
|
@request.env["HTTPS"] = "on"
|
2010-09-13 17:29:25 -04:00
|
|
|
get :authenticate_with_secure
|
|
|
|
assert_cookie_header "user_name=david; path=/; secure"
|
|
|
|
assert_equal({"user_name" => "david"}, @response.cookies)
|
|
|
|
end
|
2007-09-21 11:05:49 -04:00
|
|
|
|
2011-11-23 15:36:56 -05:00
|
|
|
def test_setting_cookie_with_secure_when_always_write_cookie_is_true
|
|
|
|
ActionDispatch::Cookies::CookieJar.any_instance.stubs(:always_write_cookie).returns(true)
|
2010-10-22 10:34:45 -04:00
|
|
|
get :authenticate_with_secure
|
|
|
|
assert_cookie_header "user_name=david; path=/; secure"
|
|
|
|
assert_equal({"user_name" => "david"}, @response.cookies)
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_not_setting_cookie_with_secure
|
|
|
|
get :authenticate_with_secure
|
|
|
|
assert_not_cookie_header "user_name=david; path=/; secure"
|
|
|
|
assert_not_equal({"user_name" => "david"}, @response.cookies)
|
|
|
|
end
|
|
|
|
|
2004-11-25 21:04:35 -05:00
|
|
|
def test_multiple_cookies
|
2007-01-17 01:51:59 -05:00
|
|
|
get :set_multiple_cookies
|
|
|
|
assert_equal 2, @response.cookies.size
|
2009-05-22 19:57:45 -04:00
|
|
|
assert_cookie_header "user_name=david; path=/; expires=Mon, 10-Oct-2005 05:00:00 GMT\nlogin=XJ-122; path=/"
|
2008-12-20 22:25:09 -05:00
|
|
|
assert_equal({"login" => "XJ-122", "user_name" => "david"}, @response.cookies)
|
2008-12-19 18:15:22 -05:00
|
|
|
end
|
2004-11-25 21:04:35 -05:00
|
|
|
|
2005-04-02 03:54:25 -05:00
|
|
|
def test_setting_test_cookie
|
2007-01-17 01:51:59 -05:00
|
|
|
assert_nothing_raised { get :access_frozen_cookies }
|
|
|
|
end
|
2008-12-19 17:35:23 -05:00
|
|
|
|
2007-01-17 01:51:59 -05:00
|
|
|
def test_expiring_cookie
|
|
|
|
get :logout
|
2009-05-22 19:57:45 -04:00
|
|
|
assert_cookie_header "user_name=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT"
|
2008-12-20 22:25:09 -05:00
|
|
|
assert_equal({"user_name" => nil}, @response.cookies)
|
2008-12-19 18:15:22 -05:00
|
|
|
end
|
2008-12-19 17:35:23 -05:00
|
|
|
|
2007-07-01 19:27:59 -04:00
|
|
|
def test_delete_cookie_with_path
|
|
|
|
get :delete_cookie_with_path
|
2009-05-22 19:57:45 -04:00
|
|
|
assert_cookie_header "user_name=; path=/beaten; expires=Thu, 01-Jan-1970 00:00:00 GMT"
|
2008-05-12 18:25:56 -04:00
|
|
|
end
|
2009-05-22 19:57:45 -04:00
|
|
|
|
2009-05-28 10:18:27 -04:00
|
|
|
def test_cookies_persist_throughout_request
|
2009-10-26 21:01:09 -04:00
|
|
|
response = get :authenticate
|
|
|
|
assert response.headers["Set-Cookie"] =~ /user_name=david/
|
2009-05-28 10:18:27 -04:00
|
|
|
end
|
2009-12-20 17:33:13 -05:00
|
|
|
|
|
|
|
def test_permanent_cookie
|
|
|
|
get :set_permanent_cookie
|
2010-09-22 15:03:39 -04:00
|
|
|
assert_match(/Jamie/, @response.headers["Set-Cookie"])
|
|
|
|
assert_match(%r(#{20.years.from_now.utc.year}), @response.headers["Set-Cookie"])
|
2009-12-20 17:33:13 -05:00
|
|
|
end
|
2010-01-16 18:21:46 -05:00
|
|
|
|
2009-12-20 17:33:13 -05:00
|
|
|
def test_signed_cookie
|
|
|
|
get :set_signed_cookie
|
|
|
|
assert_equal 45, @controller.send(:cookies).signed[:user_id]
|
|
|
|
end
|
2010-01-16 18:21:46 -05:00
|
|
|
|
2010-01-17 22:30:38 -05:00
|
|
|
def test_accessing_nonexistant_signed_cookie_should_not_raise_an_invalid_signature
|
|
|
|
get :set_signed_cookie
|
|
|
|
assert_nil @controller.send(:cookies).signed[:non_existant_attribute]
|
|
|
|
end
|
|
|
|
|
2009-12-20 17:33:13 -05:00
|
|
|
def test_permanent_signed_cookie
|
|
|
|
get :set_permanent_signed_cookie
|
2010-09-22 15:03:39 -04:00
|
|
|
assert_match(%r(#{20.years.from_now.utc.year}), @response.headers["Set-Cookie"])
|
2009-12-20 17:33:13 -05:00
|
|
|
assert_equal 100, @controller.send(:cookies).signed[:remember_me]
|
|
|
|
end
|
|
|
|
|
2010-03-17 20:15:52 -04:00
|
|
|
def test_delete_and_set_cookie
|
|
|
|
get :delete_and_set_cookie
|
|
|
|
assert_cookie_header "user_name=david; path=/; expires=Mon, 10-Oct-2005 05:00:00 GMT"
|
|
|
|
assert_equal({"user_name" => "david"}, @response.cookies)
|
|
|
|
end
|
2010-01-16 18:21:46 -05:00
|
|
|
|
2010-05-17 19:43:06 -04:00
|
|
|
def test_raise_data_overflow
|
|
|
|
assert_raise(ActionDispatch::Cookies::CookieOverflow) do
|
|
|
|
get :raise_data_overflow
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_tampered_cookies
|
|
|
|
assert_nothing_raised do
|
|
|
|
get :tampered_cookies
|
|
|
|
assert_response :success
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_raises_argument_error_if_missing_secret
|
|
|
|
assert_raise(ArgumentError, nil.inspect) {
|
|
|
|
@request.env["action_dispatch.secret_token"] = nil
|
|
|
|
get :set_signed_cookie
|
|
|
|
}
|
|
|
|
|
|
|
|
assert_raise(ArgumentError, ''.inspect) {
|
|
|
|
@request.env["action_dispatch.secret_token"] = ""
|
|
|
|
get :set_signed_cookie
|
|
|
|
}
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_raises_argument_error_if_secret_is_probably_insecure
|
|
|
|
assert_raise(ArgumentError, "password".inspect) {
|
|
|
|
@request.env["action_dispatch.secret_token"] = "password"
|
|
|
|
get :set_signed_cookie
|
|
|
|
}
|
|
|
|
|
|
|
|
assert_raise(ArgumentError, "secret".inspect) {
|
|
|
|
@request.env["action_dispatch.secret_token"] = "secret"
|
|
|
|
get :set_signed_cookie
|
|
|
|
}
|
|
|
|
|
|
|
|
assert_raise(ArgumentError, "12345678901234567890123456789".inspect) {
|
|
|
|
@request.env["action_dispatch.secret_token"] = "12345678901234567890123456789"
|
|
|
|
get :set_signed_cookie
|
|
|
|
}
|
|
|
|
end
|
|
|
|
|
2010-06-11 06:00:35 -04:00
|
|
|
def test_cookie_with_all_domain_option
|
|
|
|
get :set_cookie_with_domain
|
|
|
|
assert_response :success
|
|
|
|
assert_cookie_header "user_name=rizwanreza; domain=.nextangle.com; path=/"
|
|
|
|
end
|
|
|
|
|
2010-08-14 15:35:01 -04:00
|
|
|
def test_cookie_with_all_domain_option_using_a_non_standard_tld
|
|
|
|
@request.host = "two.subdomains.nextangle.local"
|
|
|
|
get :set_cookie_with_domain
|
|
|
|
assert_response :success
|
|
|
|
assert_cookie_header "user_name=rizwanreza; domain=.nextangle.local; path=/"
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_cookie_with_all_domain_option_using_australian_style_tld
|
|
|
|
@request.host = "nextangle.com.au"
|
|
|
|
get :set_cookie_with_domain
|
|
|
|
assert_response :success
|
|
|
|
assert_cookie_header "user_name=rizwanreza; domain=.nextangle.com.au; path=/"
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_cookie_with_all_domain_option_using_uk_style_tld
|
|
|
|
@request.host = "nextangle.co.uk"
|
|
|
|
get :set_cookie_with_domain
|
|
|
|
assert_response :success
|
|
|
|
assert_cookie_header "user_name=rizwanreza; domain=.nextangle.co.uk; path=/"
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_cookie_with_all_domain_option_using_host_with_port
|
|
|
|
@request.host = "nextangle.local:3000"
|
|
|
|
get :set_cookie_with_domain
|
|
|
|
assert_response :success
|
|
|
|
assert_cookie_header "user_name=rizwanreza; domain=.nextangle.local; path=/"
|
|
|
|
end
|
|
|
|
|
2010-12-09 10:38:52 -05:00
|
|
|
def test_cookie_with_all_domain_option_using_localhost
|
|
|
|
@request.host = "localhost"
|
|
|
|
get :set_cookie_with_domain
|
|
|
|
assert_response :success
|
|
|
|
assert_cookie_header "user_name=rizwanreza; path=/"
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_cookie_with_all_domain_option_using_ipv4_address
|
|
|
|
@request.host = "192.168.1.1"
|
|
|
|
get :set_cookie_with_domain
|
|
|
|
assert_response :success
|
|
|
|
assert_cookie_header "user_name=rizwanreza; path=/"
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_cookie_with_all_domain_option_using_ipv6_address
|
|
|
|
@request.host = "2001:0db8:85a3:0000:0000:8a2e:0370:7334"
|
|
|
|
get :set_cookie_with_domain
|
|
|
|
assert_response :success
|
|
|
|
assert_cookie_header "user_name=rizwanreza; path=/"
|
|
|
|
end
|
|
|
|
|
2010-06-11 06:00:35 -04:00
|
|
|
def test_deleting_cookie_with_all_domain_option
|
|
|
|
get :delete_cookie_with_domain
|
|
|
|
assert_response :success
|
|
|
|
assert_cookie_header "user_name=; domain=.nextangle.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT"
|
|
|
|
end
|
|
|
|
|
2011-01-21 06:59:49 -05:00
|
|
|
def test_cookie_with_all_domain_option_and_tld_length
|
|
|
|
get :set_cookie_with_domain_and_tld
|
|
|
|
assert_response :success
|
|
|
|
assert_cookie_header "user_name=rizwanreza; domain=.nextangle.com; path=/"
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_cookie_with_all_domain_option_using_a_non_standard_tld_and_tld_length
|
|
|
|
@request.host = "two.subdomains.nextangle.local"
|
|
|
|
get :set_cookie_with_domain_and_tld
|
|
|
|
assert_response :success
|
|
|
|
assert_cookie_header "user_name=rizwanreza; domain=.nextangle.local; path=/"
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_cookie_with_all_domain_option_using_host_with_port_and_tld_length
|
|
|
|
@request.host = "nextangle.local:3000"
|
|
|
|
get :set_cookie_with_domain_and_tld
|
|
|
|
assert_response :success
|
|
|
|
assert_cookie_header "user_name=rizwanreza; domain=.nextangle.local; path=/"
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_deleting_cookie_with_all_domain_option_and_tld_length
|
|
|
|
get :delete_cookie_with_domain_and_tld
|
|
|
|
assert_response :success
|
|
|
|
assert_cookie_header "user_name=; domain=.nextangle.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT"
|
|
|
|
end
|
|
|
|
|
2011-01-21 06:58:33 -05:00
|
|
|
def test_cookie_with_several_preset_domains_using_one_of_these_domains
|
|
|
|
@request.host = "example1.com"
|
|
|
|
get :set_cookie_with_domains
|
|
|
|
assert_response :success
|
|
|
|
assert_cookie_header "user_name=rizwanreza; domain=example1.com; path=/"
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_cookie_with_several_preset_domains_using_other_domain
|
|
|
|
@request.host = "other-domain.com"
|
|
|
|
get :set_cookie_with_domains
|
|
|
|
assert_response :success
|
|
|
|
assert_cookie_header "user_name=rizwanreza; path=/"
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_cookie_with_several_preset_domains_using_shared_domain
|
|
|
|
@request.host = "example3.com"
|
|
|
|
get :set_cookie_with_domains
|
|
|
|
assert_response :success
|
|
|
|
assert_cookie_header "user_name=rizwanreza; domain=.example3.com; path=/"
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_deletings_cookie_with_several_preset_domains_using_one_of_these_domains
|
|
|
|
@request.host = "example2.com"
|
|
|
|
get :delete_cookie_with_domains
|
|
|
|
assert_response :success
|
|
|
|
assert_cookie_header "user_name=; domain=example2.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT"
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_deletings_cookie_with_several_preset_domains_using_other_domain
|
|
|
|
@request.host = "other-domain.com"
|
|
|
|
get :delete_cookie_with_domains
|
|
|
|
assert_response :success
|
|
|
|
assert_cookie_header "user_name=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT"
|
|
|
|
end
|
|
|
|
|
2011-06-05 07:34:27 -04:00
|
|
|
|
2010-10-13 14:58:25 -04:00
|
|
|
def test_cookies_hash_is_indifferent_access
|
2011-05-19 10:33:18 -04:00
|
|
|
get :symbol_key
|
2010-10-13 14:58:25 -04:00
|
|
|
assert_equal "david", cookies[:user_name]
|
|
|
|
assert_equal "david", cookies['user_name']
|
2011-05-19 10:33:18 -04:00
|
|
|
get :string_key
|
|
|
|
assert_equal "dhh", cookies[:user_name]
|
|
|
|
assert_equal "dhh", cookies['user_name']
|
2010-10-13 14:58:25 -04:00
|
|
|
end
|
|
|
|
|
2011-05-19 10:33:18 -04:00
|
|
|
|
|
|
|
|
2011-03-06 07:49:44 -05:00
|
|
|
def test_setting_request_cookies_is_indifferent_access
|
2011-03-29 19:46:27 -04:00
|
|
|
cookies.clear
|
|
|
|
cookies[:user_name] = "andrew"
|
2011-03-06 07:49:44 -05:00
|
|
|
get :string_key_mock
|
2011-03-29 19:46:27 -04:00
|
|
|
assert_equal "david", cookies['user_name']
|
2011-03-06 07:49:44 -05:00
|
|
|
|
2011-03-29 19:46:27 -04:00
|
|
|
cookies.clear
|
|
|
|
cookies['user_name'] = "andrew"
|
2011-03-06 07:49:44 -05:00
|
|
|
get :symbol_key_mock
|
2011-03-29 19:46:27 -04:00
|
|
|
assert_equal "david", cookies[:user_name]
|
2011-03-06 07:49:44 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
def test_cookies_retained_across_requests
|
|
|
|
get :symbol_key
|
2011-03-29 19:46:27 -04:00
|
|
|
assert_cookie_header "user_name=david; path=/"
|
2011-03-06 07:49:44 -05:00
|
|
|
assert_equal "david", cookies[:user_name]
|
|
|
|
|
|
|
|
get :noop
|
|
|
|
assert_nil @response.headers["Set-Cookie"]
|
|
|
|
assert_equal "david", cookies[:user_name]
|
|
|
|
|
|
|
|
get :noop
|
|
|
|
assert_nil @response.headers["Set-Cookie"]
|
|
|
|
assert_equal "david", cookies[:user_name]
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_cookies_can_be_cleared
|
|
|
|
get :symbol_key
|
|
|
|
assert_equal "david", cookies[:user_name]
|
|
|
|
|
2011-03-29 19:46:27 -04:00
|
|
|
cookies.clear
|
2011-03-06 07:49:44 -05:00
|
|
|
get :noop
|
|
|
|
assert_nil cookies[:user_name]
|
|
|
|
|
|
|
|
get :symbol_key
|
|
|
|
assert_equal "david", cookies[:user_name]
|
|
|
|
end
|
|
|
|
|
2011-03-29 19:46:27 -04:00
|
|
|
def test_can_set_http_cookie_header
|
2011-06-05 07:34:27 -04:00
|
|
|
@request.env['HTTP_COOKIE'] = 'user_name=david'
|
|
|
|
get :noop
|
|
|
|
assert_equal 'david', cookies['user_name']
|
|
|
|
assert_equal 'david', cookies[:user_name]
|
|
|
|
|
|
|
|
get :noop
|
|
|
|
assert_equal 'david', cookies['user_name']
|
|
|
|
assert_equal 'david', cookies[:user_name]
|
|
|
|
|
|
|
|
@request.env['HTTP_COOKIE'] = 'user_name=andrew'
|
|
|
|
get :noop
|
|
|
|
assert_equal 'andrew', cookies['user_name']
|
|
|
|
assert_equal 'andrew', cookies[:user_name]
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_can_set_request_cookies
|
|
|
|
@request.cookies['user_name'] = 'david'
|
|
|
|
get :noop
|
|
|
|
assert_equal 'david', cookies['user_name']
|
|
|
|
assert_equal 'david', cookies[:user_name]
|
|
|
|
|
|
|
|
get :noop
|
|
|
|
assert_equal 'david', cookies['user_name']
|
|
|
|
assert_equal 'david', cookies[:user_name]
|
|
|
|
|
|
|
|
@request.cookies[:user_name] = 'andrew'
|
|
|
|
get :noop
|
|
|
|
assert_equal 'andrew', cookies['user_name']
|
|
|
|
assert_equal 'andrew', cookies[:user_name]
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_cookies_precedence_over_http_cookie
|
|
|
|
@request.env['HTTP_COOKIE'] = 'user_name=andrew'
|
|
|
|
get :authenticate
|
|
|
|
assert_equal 'david', cookies['user_name']
|
|
|
|
assert_equal 'david', cookies[:user_name]
|
|
|
|
|
|
|
|
get :noop
|
|
|
|
assert_equal 'david', cookies['user_name']
|
|
|
|
assert_equal 'david', cookies[:user_name]
|
|
|
|
end
|
|
|
|
|
|
|
|
def test_cookies_precedence_over_request_cookies
|
|
|
|
@request.cookies['user_name'] = 'andrew'
|
|
|
|
get :authenticate
|
|
|
|
assert_equal 'david', cookies['user_name']
|
|
|
|
assert_equal 'david', cookies[:user_name]
|
|
|
|
|
2011-03-06 07:49:44 -05:00
|
|
|
get :noop
|
2011-03-29 19:46:27 -04:00
|
|
|
assert_equal 'david', cookies['user_name']
|
|
|
|
assert_equal 'david', cookies[:user_name]
|
2011-03-06 07:49:44 -05:00
|
|
|
end
|
|
|
|
|
2009-05-22 19:57:45 -04:00
|
|
|
private
|
|
|
|
def assert_cookie_header(expected)
|
|
|
|
header = @response.headers["Set-Cookie"]
|
|
|
|
if header.respond_to?(:to_str)
|
2010-03-03 19:06:15 -05:00
|
|
|
assert_equal expected.split("\n").sort, header.split("\n").sort
|
2009-05-22 19:57:45 -04:00
|
|
|
else
|
|
|
|
assert_equal expected.split("\n"), header
|
|
|
|
end
|
|
|
|
end
|
2010-10-22 10:34:45 -04:00
|
|
|
|
|
|
|
def assert_not_cookie_header(expected)
|
|
|
|
header = @response.headers["Set-Cookie"]
|
|
|
|
if header.respond_to?(:to_str)
|
|
|
|
assert_not_equal expected.split("\n").sort, header.split("\n").sort
|
|
|
|
else
|
|
|
|
assert_not_equal expected.split("\n"), header
|
|
|
|
end
|
|
|
|
end
|
2011-12-16 03:06:30 -05:00
|
|
|
end
|