From 535a3b6af7a41ce33356c36296acd26786de7e55 Mon Sep 17 00:00:00 2001 From: Timm Date: Fri, 20 Sep 2013 20:51:08 +0200 Subject: [PATCH] Nokogiri leaves '<' unescaped, so the assert_select looking for '<' will never work. Switched to assert_matching the reponse body. --- .../test/controller/request_forgery_protection_test.rb | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/actionpack/test/controller/request_forgery_protection_test.rb b/actionpack/test/controller/request_forgery_protection_test.rb index f9935bf893..58b8e96a4e 100644 --- a/actionpack/test/controller/request_forgery_protection_test.rb +++ b/actionpack/test/controller/request_forgery_protection_test.rb @@ -386,10 +386,11 @@ class RequestForgeryProtectionControllerUsingResetSessionTest < ActionController end test 'should emit a csrf-param meta tag and a csrf-token meta tag' do - SecureRandom.stubs(:base64).returns(@token + 'U+003c=U+0022U+003fU+0022') # '<="?"' + SecureRandom.stubs(:base64).returns(@token + '<=?') # '<="?"' get :meta assert_select 'meta[name=?][content=?]', 'csrf-param', 'custom_authenticity_token' - assert_select 'meta[name=?][content=?]', 'csrf-token', 'cf50faa3fe97702ca1aeU+003c=U+0022U+003fU+0022' + assert_select 'meta[name=?]', 'csrf-token' + assert_match(/cf50faa3fe97702ca1ae<=\?/, @response.body) end end