2008-01-05 08:32:06 -05:00
|
|
|
require 'abstract_unit'
|
2004-12-18 12:19:15 -05:00
|
|
|
|
2008-11-07 15:42:34 -05:00
|
|
|
class RequestTest < ActiveSupport::TestCase
|
2009-01-28 23:50:46 -05:00
|
|
|
test "remote ip" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'REMOTE_ADDR' => '1.2.3.4'
|
|
|
|
assert_equal '1.2.3.4', request.remote_ip
|
2005-05-19 14:24:52 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'REMOTE_ADDR' => '1.2.3.4,3.4.5.6'
|
|
|
|
assert_equal '1.2.3.4', request.remote_ip
|
2005-05-19 14:24:52 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'REMOTE_ADDR' => '1.2.3.4',
|
|
|
|
'HTTP_X_FORWARDED_FOR' => '3.4.5.6'
|
|
|
|
assert_equal '1.2.3.4', request.remote_ip
|
2008-07-01 04:52:20 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'REMOTE_ADDR' => '127.0.0.1',
|
|
|
|
'HTTP_X_FORWARDED_FOR' => '3.4.5.6'
|
|
|
|
assert_equal '3.4.5.6', request.remote_ip
|
2008-03-28 17:38:01 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_X_FORWARDED_FOR' => 'unknown,3.4.5.6'
|
|
|
|
assert_equal '3.4.5.6', request.remote_ip
|
2005-05-19 14:24:52 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_X_FORWARDED_FOR' => '172.16.0.1,3.4.5.6'
|
|
|
|
assert_equal '3.4.5.6', request.remote_ip
|
2008-03-28 17:38:01 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_X_FORWARDED_FOR' => '192.168.0.1,3.4.5.6'
|
|
|
|
assert_equal '3.4.5.6', request.remote_ip
|
2005-05-19 14:24:52 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_X_FORWARDED_FOR' => '10.0.0.1,3.4.5.6'
|
|
|
|
assert_equal '3.4.5.6', request.remote_ip
|
2005-05-19 14:24:52 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_X_FORWARDED_FOR' => '10.0.0.1, 10.0.0.1, 3.4.5.6'
|
|
|
|
assert_equal '3.4.5.6', request.remote_ip
|
2005-05-19 14:24:52 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_X_FORWARDED_FOR' => '127.0.0.1,3.4.5.6'
|
|
|
|
assert_equal '3.4.5.6', request.remote_ip
|
2005-05-19 14:24:52 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_X_FORWARDED_FOR' => 'unknown,192.168.0.1'
|
|
|
|
assert_equal 'unknown', request.remote_ip
|
2008-07-24 14:41:51 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_X_FORWARDED_FOR' => '9.9.9.9, 3.4.5.6, 10.0.0.1, 172.31.4.4'
|
|
|
|
assert_equal '3.4.5.6', request.remote_ip
|
2005-05-19 14:24:52 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_X_FORWARDED_FOR' => '1.1.1.1',
|
|
|
|
'HTTP_CLIENT_IP' => '2.2.2.2'
|
2009-03-08 16:11:58 -04:00
|
|
|
e = assert_raise(ActionController::ActionControllerError) {
|
2009-03-24 11:41:45 -04:00
|
|
|
request.remote_ip
|
2008-03-28 17:38:01 -04:00
|
|
|
}
|
|
|
|
assert_match /IP spoofing attack/, e.message
|
2009-03-24 11:41:45 -04:00
|
|
|
assert_match /HTTP_X_FORWARDED_FOR="1.1.1.1"/, e.message
|
|
|
|
assert_match /HTTP_CLIENT_IP="2.2.2.2"/, e.message
|
2008-03-28 17:38:01 -04:00
|
|
|
|
2008-11-22 13:04:30 -05:00
|
|
|
# turn IP Spoofing detection off.
|
|
|
|
# This is useful for sites that are aimed at non-IP clients. The typical
|
|
|
|
# example is WAP. Since the cellular network is not IP based, it's a
|
|
|
|
# leap of faith to assume that their proxies are ever going to set the
|
|
|
|
# HTTP_CLIENT_IP/HTTP_X_FORWARDED_FOR headers properly.
|
|
|
|
ActionController::Base.ip_spoofing_check = false
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_X_FORWARDED_FOR' => '1.1.1.1',
|
|
|
|
'HTTP_CLIENT_IP' => '2.2.2.2'
|
|
|
|
assert_equal '2.2.2.2', request.remote_ip
|
2008-11-22 13:04:30 -05:00
|
|
|
ActionController::Base.ip_spoofing_check = true
|
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_X_FORWARDED_FOR' => '8.8.8.8, 9.9.9.9'
|
|
|
|
assert_equal '9.9.9.9', request.remote_ip
|
2005-05-19 14:24:52 -04:00
|
|
|
end
|
|
|
|
|
2009-08-09 11:56:18 -04:00
|
|
|
test "remote ip with user specified trusted proxies" do
|
|
|
|
ActionController::Base.trusted_proxies = /^67\.205\.106\.73$/i
|
|
|
|
|
|
|
|
request = stub_request 'REMOTE_ADDR' => '67.205.106.73',
|
|
|
|
'HTTP_X_FORWARDED_FOR' => '3.4.5.6'
|
|
|
|
assert_equal '3.4.5.6', request.remote_ip
|
|
|
|
|
|
|
|
request = stub_request 'REMOTE_ADDR' => '172.16.0.1,67.205.106.73',
|
|
|
|
'HTTP_X_FORWARDED_FOR' => '3.4.5.6'
|
|
|
|
assert_equal '3.4.5.6', request.remote_ip
|
|
|
|
|
|
|
|
request = stub_request 'REMOTE_ADDR' => '67.205.106.73,172.16.0.1',
|
|
|
|
'HTTP_X_FORWARDED_FOR' => '3.4.5.6'
|
|
|
|
assert_equal '3.4.5.6', request.remote_ip
|
|
|
|
|
|
|
|
request = stub_request 'REMOTE_ADDR' => '67.205.106.74,172.16.0.1',
|
|
|
|
'HTTP_X_FORWARDED_FOR' => '3.4.5.6'
|
|
|
|
assert_equal '67.205.106.74', request.remote_ip
|
|
|
|
|
|
|
|
request = stub_request 'HTTP_X_FORWARDED_FOR' => 'unknown,67.205.106.73'
|
|
|
|
assert_equal 'unknown', request.remote_ip
|
|
|
|
|
|
|
|
request = stub_request 'HTTP_X_FORWARDED_FOR' => '9.9.9.9, 3.4.5.6, 10.0.0.1, 67.205.106.73'
|
|
|
|
assert_equal '3.4.5.6', request.remote_ip
|
|
|
|
|
|
|
|
ActionController::Base.trusted_proxies = nil
|
|
|
|
end
|
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "domains" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_HOST' => 'www.rubyonrails.org'
|
|
|
|
assert_equal "rubyonrails.org", request.domain
|
2004-12-18 12:19:15 -05:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_HOST' => "www.rubyonrails.co.uk"
|
|
|
|
assert_equal "rubyonrails.co.uk", request.domain(2)
|
2007-05-18 02:24:50 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_HOST' => "192.168.1.200"
|
|
|
|
assert_nil request.domain
|
2005-09-20 02:44:53 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_HOST' => "foo.192.168.1.200"
|
|
|
|
assert_nil request.domain
|
2007-11-07 09:57:51 -05:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_HOST' => "192.168.1.200.com"
|
|
|
|
assert_equal "200.com", request.domain
|
2004-12-18 12:19:15 -05:00
|
|
|
end
|
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "subdomains" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_HOST' => "www.rubyonrails.org"
|
|
|
|
assert_equal %w( www ), request.subdomains
|
2004-12-18 12:19:15 -05:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_HOST' => "www.rubyonrails.co.uk"
|
|
|
|
assert_equal %w( www ), request.subdomains(2)
|
2004-12-18 12:19:15 -05:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_HOST' => "dev.www.rubyonrails.co.uk"
|
|
|
|
assert_equal %w( dev www ), request.subdomains(2)
|
2005-07-12 12:16:13 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_HOST' => "foobar.foobar.com"
|
|
|
|
assert_equal %w( foobar ), request.subdomains
|
2005-09-20 02:44:53 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_HOST' => "192.168.1.200"
|
|
|
|
assert_equal [], request.subdomains
|
2007-11-07 09:57:51 -05:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_HOST' => "foo.192.168.1.200"
|
|
|
|
assert_equal [], request.subdomains
|
2007-11-07 09:57:51 -05:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_HOST' => "192.168.1.200.com"
|
|
|
|
assert_equal %w( 192 168 1 ), request.subdomains
|
2007-11-07 09:57:51 -05:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_HOST' => nil
|
|
|
|
assert_equal [], request.subdomains
|
2004-12-18 12:19:15 -05:00
|
|
|
end
|
2007-05-18 02:24:50 -04:00
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "port string" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_HOST' => 'www.example.org:80'
|
|
|
|
assert_equal "", request.port_string
|
2004-12-18 13:01:28 -05:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_HOST' => 'www.example.org:8080'
|
|
|
|
assert_equal ":8080", request.port_string
|
2004-12-18 13:01:28 -05:00
|
|
|
end
|
2007-05-18 02:24:50 -04:00
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "request uri" do
|
2010-03-02 21:57:02 -05:00
|
|
|
request = stub_request 'SCRIPT_NAME' => '', 'PATH_INFO' => '/path/of/some/uri', 'QUERY_STRING' => 'mapped=1'
|
2009-03-24 11:41:45 -04:00
|
|
|
assert_equal "/path/of/some/uri?mapped=1", request.request_uri
|
|
|
|
assert_equal "/path/of/some/uri", request.path
|
2007-05-18 02:24:50 -04:00
|
|
|
|
2010-03-02 21:57:02 -05:00
|
|
|
request = stub_request 'SCRIPT_NAME' => '', 'PATH_INFO' => '/path/of/some/uri'
|
2009-03-24 11:41:45 -04:00
|
|
|
assert_equal "/path/of/some/uri", request.request_uri
|
|
|
|
assert_equal "/path/of/some/uri", request.path
|
2005-02-14 20:45:35 -05:00
|
|
|
|
2010-03-02 21:57:02 -05:00
|
|
|
request = stub_request 'SCRIPT_NAME' => '', 'PATH_INFO' => '/'
|
2009-03-24 11:41:45 -04:00
|
|
|
assert_equal "/", request.request_uri
|
|
|
|
assert_equal "/", request.path
|
2005-02-14 20:45:35 -05:00
|
|
|
|
2010-03-02 21:57:02 -05:00
|
|
|
request = stub_request 'SCRIPT_NAME' => '', 'PATH_INFO' => '/', 'QUERY_STRING' => 'm=b'
|
2009-03-24 11:41:45 -04:00
|
|
|
assert_equal "/?m=b", request.request_uri
|
|
|
|
assert_equal "/", request.path
|
2007-05-18 02:24:50 -04:00
|
|
|
|
2010-03-02 21:57:02 -05:00
|
|
|
request = stub_request 'SCRIPT_NAME' => '/hieraki', 'PATH_INFO' => '/'
|
2009-03-24 11:41:45 -04:00
|
|
|
assert_equal "/hieraki/", request.request_uri
|
|
|
|
assert_equal "/", request.path
|
2005-03-20 17:02:22 -05:00
|
|
|
|
2010-03-02 21:57:02 -05:00
|
|
|
request = stub_request 'SCRIPT_NAME' => '/collaboration/hieraki', 'PATH_INFO' => '/books/edit/2'
|
2009-03-24 11:41:45 -04:00
|
|
|
assert_equal "/collaboration/hieraki/books/edit/2", request.request_uri
|
|
|
|
assert_equal "/books/edit/2", request.path
|
2005-04-18 11:43:07 -04:00
|
|
|
|
2010-03-02 21:57:02 -05:00
|
|
|
request = stub_request 'SCRIPT_NAME' => '/path', 'PATH_INFO' => '/of/some/uri', 'QUERY_STRING' => 'mapped=1'
|
2009-03-24 11:41:45 -04:00
|
|
|
assert_equal "/path/of/some/uri?mapped=1", request.request_uri
|
|
|
|
assert_equal "/of/some/uri", request.path
|
2005-02-14 20:45:35 -05:00
|
|
|
end
|
2007-01-12 02:01:39 -05:00
|
|
|
|
2009-04-13 18:18:45 -04:00
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "host with default port" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_HOST' => 'rubyonrails.org:80'
|
|
|
|
assert_equal "rubyonrails.org", request.host_with_port
|
2007-11-17 00:41:47 -05:00
|
|
|
end
|
2008-07-24 14:41:51 -04:00
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "host with non default port" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_HOST' => 'rubyonrails.org:81'
|
|
|
|
assert_equal "rubyonrails.org:81", request.host_with_port
|
2004-12-18 13:01:28 -05:00
|
|
|
end
|
2007-05-18 02:24:50 -04:00
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "server software" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request
|
|
|
|
assert_equal nil, request.server_software
|
2007-05-18 02:24:50 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'SERVER_SOFTWARE' => 'Apache3.422'
|
|
|
|
assert_equal 'apache', request.server_software
|
2007-05-18 02:24:50 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'SERVER_SOFTWARE' => 'lighttpd(1.1.4)'
|
|
|
|
assert_equal 'lighttpd', request.server_software
|
2005-06-18 01:17:18 -04:00
|
|
|
end
|
2007-05-18 02:24:50 -04:00
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "xml http request" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request
|
|
|
|
|
|
|
|
assert !request.xml_http_request?
|
|
|
|
assert !request.xhr?
|
2007-05-18 02:24:50 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_X_REQUESTED_WITH' => 'DefinitelyNotAjax1.0'
|
|
|
|
assert !request.xml_http_request?
|
|
|
|
assert !request.xhr?
|
2007-05-18 02:24:50 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_X_REQUESTED_WITH' => 'XMLHttpRequest'
|
|
|
|
assert request.xml_http_request?
|
|
|
|
assert request.xhr?
|
2005-06-21 03:02:30 -04:00
|
|
|
end
|
2006-01-23 00:32:59 -05:00
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "reports ssl" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request
|
|
|
|
assert !request.ssl?
|
|
|
|
|
|
|
|
request = stub_request 'HTTPS' => 'on'
|
|
|
|
assert request.ssl?
|
2006-01-23 00:32:59 -05:00
|
|
|
end
|
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "reports ssl when proxied via lighttpd" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request
|
|
|
|
assert !request.ssl?
|
|
|
|
|
|
|
|
request = stub_request 'HTTP_X_FORWARDED_PROTO' => 'https'
|
|
|
|
assert request.ssl?
|
2006-01-23 00:32:59 -05:00
|
|
|
end
|
2006-07-31 23:02:31 -04:00
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "symbolized request methods" do
|
2006-11-23 18:24:47 -05:00
|
|
|
[:get, :post, :put, :delete].each do |method|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'REQUEST_METHOD' => method.to_s.upcase
|
|
|
|
assert_equal method, request.method
|
2006-07-31 23:02:31 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "invalid http method raises exception" do
|
2009-03-08 16:11:58 -04:00
|
|
|
assert_raise(ActionController::UnknownHttpMethod) do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'REQUEST_METHOD' => 'RANDOM_METHOD'
|
|
|
|
request.request_method
|
2007-11-28 21:08:51 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "allow method hacking on post" do
|
2010-01-15 13:35:18 -05:00
|
|
|
[:get, :options, :put, :post, :delete].each do |method|
|
2009-04-13 18:18:45 -04:00
|
|
|
request = stub_request "REQUEST_METHOD" => method.to_s.upcase
|
2009-03-24 11:41:45 -04:00
|
|
|
assert_equal(method == :head ? :get : method, request.method)
|
2007-11-28 21:08:51 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "invalid method hacking on post raises exception" do
|
2009-04-13 18:18:45 -04:00
|
|
|
assert_raise(ActionController::UnknownHttpMethod) do
|
|
|
|
request = stub_request "REQUEST_METHOD" => "_RANDOM_METHOD"
|
|
|
|
request.request_method
|
2006-07-31 23:02:31 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "restrict method hacking" do
|
2006-11-23 18:24:47 -05:00
|
|
|
[:get, :put, :delete].each do |method|
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'REQUEST_METHOD' => method.to_s.upcase,
|
2009-04-30 14:45:12 -04:00
|
|
|
'action_dispatch.request.request_parameters' => { :_method => 'put' }
|
2009-03-24 11:41:45 -04:00
|
|
|
assert_equal method, request.method
|
2006-07-31 23:02:31 -04:00
|
|
|
end
|
|
|
|
end
|
2007-05-18 02:24:50 -04:00
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "head masquerading as get" do
|
2010-01-15 13:35:18 -05:00
|
|
|
request = stub_request 'REQUEST_METHOD' => 'GET', "rack.methodoverride.original_method" => "HEAD"
|
2009-03-24 11:41:45 -04:00
|
|
|
assert_equal :get, request.method
|
|
|
|
assert request.get?
|
|
|
|
assert request.head?
|
2006-11-23 18:24:47 -05:00
|
|
|
end
|
2006-07-31 23:02:31 -04:00
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "xml format" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request
|
|
|
|
request.expects(:parameters).at_least_once.returns({ :format => 'xml' })
|
|
|
|
assert_equal Mime::XML, request.format
|
2007-04-12 16:25:32 -04:00
|
|
|
end
|
2007-05-18 02:24:50 -04:00
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "xhtml format" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request
|
|
|
|
request.expects(:parameters).at_least_once.returns({ :format => 'xhtml' })
|
|
|
|
assert_equal Mime::HTML, request.format
|
2007-04-12 16:25:32 -04:00
|
|
|
end
|
2007-05-18 02:24:50 -04:00
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "txt format" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request
|
|
|
|
request.expects(:parameters).at_least_once.returns({ :format => 'txt' })
|
|
|
|
assert_equal Mime::TEXT, request.format
|
2007-04-12 16:25:32 -04:00
|
|
|
end
|
2007-01-12 15:54:04 -05:00
|
|
|
|
2009-04-13 18:18:45 -04:00
|
|
|
test "XMLHttpRequest" do
|
2009-08-15 01:32:40 -04:00
|
|
|
request = stub_request 'HTTP_X_REQUESTED_WITH' => 'XMLHttpRequest',
|
|
|
|
'HTTP_ACCEPT' =>
|
|
|
|
[Mime::JS, Mime::HTML, Mime::XML, 'text/xml', Mime::ALL].join(",")
|
|
|
|
request.expects(:parameters).at_least_once.returns({})
|
|
|
|
assert request.xhr?
|
|
|
|
assert_equal Mime::JS, request.format
|
2006-12-02 18:07:04 -05:00
|
|
|
end
|
2007-05-18 02:24:50 -04:00
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "content type" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'CONTENT_TYPE' => 'text/html'
|
|
|
|
assert_equal Mime::HTML, request.content_type
|
2007-03-05 13:24:17 -05:00
|
|
|
end
|
|
|
|
|
2009-04-13 18:18:45 -04:00
|
|
|
test "can override format with parameter" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request
|
|
|
|
request.expects(:parameters).at_least_once.returns({ :format => :txt })
|
|
|
|
assert !request.format.xml?
|
|
|
|
|
|
|
|
request = stub_request
|
|
|
|
request.expects(:parameters).at_least_once.returns({ :format => :xml })
|
|
|
|
assert request.format.xml?
|
2008-02-07 11:46:50 -05:00
|
|
|
end
|
|
|
|
|
2009-04-13 18:18:45 -04:00
|
|
|
test "no content type" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request
|
|
|
|
assert_equal nil, request.content_type
|
2007-03-05 13:24:17 -05:00
|
|
|
end
|
2007-05-18 02:24:50 -04:00
|
|
|
|
2009-04-13 18:18:45 -04:00
|
|
|
test "content type is XML" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'CONTENT_TYPE' => 'application/xml'
|
|
|
|
assert_equal Mime::XML, request.content_type
|
2007-03-05 13:24:17 -05:00
|
|
|
end
|
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "content type with charset" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'CONTENT_TYPE' => 'application/xml; charset=UTF-8'
|
|
|
|
assert_equal Mime::XML, request.content_type
|
2007-03-05 13:24:17 -05:00
|
|
|
end
|
2008-07-24 14:41:51 -04:00
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "user agent" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request 'HTTP_USER_AGENT' => 'TestAgent'
|
|
|
|
assert_equal 'TestAgent', request.user_agent
|
2007-09-06 23:45:54 -04:00
|
|
|
end
|
2008-07-24 14:41:51 -04:00
|
|
|
|
2009-01-28 23:50:46 -05:00
|
|
|
test "parameters" do
|
2009-03-24 11:41:45 -04:00
|
|
|
request = stub_request
|
|
|
|
request.stubs(:request_parameters).returns({ "foo" => 1 })
|
|
|
|
request.stubs(:query_parameters).returns({ "bar" => 2 })
|
2008-07-24 14:41:51 -04:00
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
assert_equal({"foo" => 1, "bar" => 2}, request.parameters)
|
|
|
|
assert_equal({"foo" => 1}, request.request_parameters)
|
|
|
|
assert_equal({"bar" => 2}, request.query_parameters)
|
|
|
|
end
|
|
|
|
|
2009-07-29 04:09:21 -04:00
|
|
|
test "formats with accept header" do
|
2009-08-15 01:32:40 -04:00
|
|
|
request = stub_request 'HTTP_ACCEPT' => 'text/html'
|
|
|
|
request.expects(:parameters).at_least_once.returns({})
|
|
|
|
assert_equal [ Mime::HTML ], request.formats
|
2009-07-29 03:53:02 -04:00
|
|
|
|
2009-08-15 01:32:40 -04:00
|
|
|
request = stub_request 'CONTENT_TYPE' => 'application/xml; charset=UTF-8',
|
|
|
|
'HTTP_X_REQUESTED_WITH' => "XMLHttpRequest"
|
|
|
|
request.expects(:parameters).at_least_once.returns({})
|
|
|
|
assert_equal with_set(Mime::XML), request.formats
|
|
|
|
|
|
|
|
request = stub_request
|
|
|
|
request.expects(:parameters).at_least_once.returns({ :format => :txt })
|
|
|
|
assert_equal with_set(Mime::TEXT), request.formats
|
2009-11-08 15:12:45 -05:00
|
|
|
|
|
|
|
request = stub_request
|
|
|
|
request.expects(:parameters).at_least_once.returns({ :format => :unknown })
|
|
|
|
assert request.formats.empty?
|
2009-07-29 03:53:02 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
test "negotiate_mime" do
|
2009-08-15 01:32:40 -04:00
|
|
|
request = stub_request 'HTTP_ACCEPT' => 'text/html',
|
|
|
|
'HTTP_X_REQUESTED_WITH' => "XMLHttpRequest"
|
|
|
|
|
|
|
|
request.expects(:parameters).at_least_once.returns({})
|
|
|
|
|
|
|
|
assert_equal nil, request.negotiate_mime([Mime::XML, Mime::JSON])
|
|
|
|
assert_equal Mime::HTML, request.negotiate_mime([Mime::XML, Mime::HTML])
|
|
|
|
assert_equal Mime::HTML, request.negotiate_mime([Mime::XML, Mime::ALL])
|
|
|
|
|
|
|
|
request = stub_request 'CONTENT_TYPE' => 'application/xml; charset=UTF-8',
|
|
|
|
'HTTP_X_REQUESTED_WITH' => "XMLHttpRequest"
|
|
|
|
request.expects(:parameters).at_least_once.returns({})
|
|
|
|
assert_equal Mime::XML, request.negotiate_mime([Mime::XML, Mime::CSV])
|
2009-07-29 03:53:02 -04:00
|
|
|
end
|
2010-01-21 05:39:57 -05:00
|
|
|
|
|
|
|
test "process parameter filter" do
|
2010-01-20 16:37:10 -05:00
|
|
|
test_hashes = [
|
|
|
|
[{'foo'=>'bar'},{'foo'=>'bar'},%w'food'],
|
|
|
|
[{'foo'=>'bar'},{'foo'=>'[FILTERED]'},%w'foo'],
|
|
|
|
[{'foo'=>'bar', 'bar'=>'foo'},{'foo'=>'[FILTERED]', 'bar'=>'foo'},%w'foo baz'],
|
|
|
|
[{'foo'=>'bar', 'baz'=>'foo'},{'foo'=>'[FILTERED]', 'baz'=>'[FILTERED]'},%w'foo baz'],
|
|
|
|
[{'bar'=>{'foo'=>'bar','bar'=>'foo'}},{'bar'=>{'foo'=>'[FILTERED]','bar'=>'foo'}},%w'fo'],
|
|
|
|
[{'foo'=>{'foo'=>'bar','bar'=>'foo'}},{'foo'=>'[FILTERED]'},%w'f banana'],
|
2010-02-21 08:40:48 -05:00
|
|
|
[{'baz'=>[{'foo'=>'baz'}, "1"]}, {'baz'=>[{'foo'=>'[FILTERED]'}, "1"]}, [/foo/]]]
|
2010-01-20 16:37:10 -05:00
|
|
|
|
|
|
|
test_hashes.each do |before_filter, after_filter, filter_words|
|
2010-01-21 10:50:11 -05:00
|
|
|
request = stub_request('action_dispatch.parameter_filter' => filter_words)
|
2010-01-21 05:39:57 -05:00
|
|
|
assert_equal after_filter, request.send(:process_parameter_filter, before_filter)
|
2010-01-20 16:37:10 -05:00
|
|
|
|
2010-01-21 10:50:11 -05:00
|
|
|
filter_words << 'blah'
|
|
|
|
filter_words << lambda { |key, value|
|
2010-01-20 16:37:10 -05:00
|
|
|
value.reverse! if key =~ /bargain/
|
2010-01-21 10:50:11 -05:00
|
|
|
}
|
2010-01-20 16:37:10 -05:00
|
|
|
|
2010-01-21 10:50:11 -05:00
|
|
|
request = stub_request('action_dispatch.parameter_filter' => filter_words)
|
2010-01-20 16:37:10 -05:00
|
|
|
before_filter['barg'] = {'bargain'=>'gain', 'blah'=>'bar', 'bar'=>{'bargain'=>{'blah'=>'foo'}}}
|
2010-01-21 05:39:57 -05:00
|
|
|
after_filter['barg'] = {'bargain'=>'niag', 'blah'=>'[FILTERED]', 'bar'=>{'bargain'=>{'blah'=>'[FILTERED]'}}}
|
2010-01-20 16:37:10 -05:00
|
|
|
|
2010-01-21 05:39:57 -05:00
|
|
|
assert_equal after_filter, request.send(:process_parameter_filter, before_filter)
|
2010-01-20 16:37:10 -05:00
|
|
|
end
|
|
|
|
end
|
2009-07-29 03:53:02 -04:00
|
|
|
|
2010-01-21 05:39:57 -05:00
|
|
|
test "filtered_parameters returns params filtered" do
|
2010-01-21 10:50:11 -05:00
|
|
|
request = stub_request('action_dispatch.request.parameters' =>
|
|
|
|
{ 'lifo' => 'Pratik', 'amount' => '420', 'step' => '1' },
|
|
|
|
'action_dispatch.parameter_filter' => [:lifo, :amount])
|
2010-01-21 05:39:57 -05:00
|
|
|
|
|
|
|
params = request.filtered_parameters
|
|
|
|
assert_equal "[FILTERED]", params["lifo"]
|
|
|
|
assert_equal "[FILTERED]", params["amount"]
|
|
|
|
assert_equal "1", params["step"]
|
|
|
|
end
|
|
|
|
|
|
|
|
test "filtered_env filters env as a whole" do
|
2010-01-21 10:50:11 -05:00
|
|
|
request = stub_request('action_dispatch.request.parameters' =>
|
|
|
|
{ 'amount' => '420', 'step' => '1' }, "RAW_POST_DATA" => "yada yada",
|
|
|
|
'action_dispatch.parameter_filter' => [:lifo, :amount])
|
2010-01-21 05:39:57 -05:00
|
|
|
|
2010-01-21 10:50:11 -05:00
|
|
|
request = stub_request(request.filtered_env)
|
2010-01-21 05:39:57 -05:00
|
|
|
|
|
|
|
assert_equal "[FILTERED]", request.raw_post
|
|
|
|
assert_equal "[FILTERED]", request.params["amount"]
|
|
|
|
assert_equal "1", request.params["step"]
|
|
|
|
end
|
|
|
|
|
2009-03-24 11:41:45 -04:00
|
|
|
protected
|
|
|
|
|
2010-03-02 21:57:02 -05:00
|
|
|
def stub_request(env = {})
|
2009-04-13 18:18:45 -04:00
|
|
|
ActionDispatch::Request.new(env)
|
2007-10-22 17:10:56 -04:00
|
|
|
end
|
2006-12-02 18:07:04 -05:00
|
|
|
|
2009-07-29 03:53:02 -04:00
|
|
|
def with_set(*args)
|
2009-08-09 08:46:50 -04:00
|
|
|
args
|
2009-07-29 03:53:02 -04:00
|
|
|
end
|
|
|
|
|
2009-07-29 04:09:21 -04:00
|
|
|
def with_accept_header(value)
|
|
|
|
ActionController::Base.use_accept_header, old = value, ActionController::Base.use_accept_header
|
|
|
|
yield
|
|
|
|
ensure
|
|
|
|
ActionController::Base.use_accept_header = old
|
|
|
|
end
|
2005-02-27 12:11:05 -05:00
|
|
|
end
|