kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity

Protect #filter_parameters created by filter_parameter_logging [José Valim] [#196 state:resolved]

Browse source
This commit is contained in:
Joshua Peek 2008-05-14 13:00:09 -05:00
parent 49846f8586
commit 8d37bd08ee
2 changed files with 39 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
actionpack/lib/action_controller/base.rb
View file

@ -504,6 +504,7 @@ module ActionController #:nodoc:
filtered_parameters filtered_parameters
end end
protected :filter_parameters
end end
# Don't render layouts for templates with the given extensions. # Don't render layouts for templates with the given extensions.

10
actionpack/test/controller/filter_params_test.rb
View file

@ -27,7 +27,7 @@ class FilterParamTest < Test::Unit::TestCase
test_hashes.each do |before_filter, after_filter, filter_words| test_hashes.each do |before_filter, after_filter, filter_words|
FilterParamController.filter_parameter_logging(*filter_words) FilterParamController.filter_parameter_logging(*filter_words)
assert_equal after_filter, @controller.filter_parameters(before_filter) assert_equal after_filter, @controller.send!(:filter_parameters, before_filter)
filter_words.push('blah') filter_words.push('blah')
FilterParamController.filter_parameter_logging(*filter_words) do |key, value| FilterParamController.filter_parameter_logging(*filter_words) do |key, value|
@ -37,7 +37,13 @@ class FilterParamTest < Test::Unit::TestCase
before_filter['barg'] = {'bargain'=>'gain', 'blah'=>'bar', 'bar'=>{'bargain'=>{'blah'=>'foo'}}} before_filter['barg'] = {'bargain'=>'gain', 'blah'=>'bar', 'bar'=>{'bargain'=>{'blah'=>'foo'}}}
after_filter['barg'] = {'bargain'=>'niag', 'blah'=>'[FILTERED]', 'bar'=>{'bargain'=>{'blah'=>'[FILTERED]'}}} after_filter['barg'] = {'bargain'=>'niag', 'blah'=>'[FILTERED]', 'bar'=>{'bargain'=>{'blah'=>'[FILTERED]'}}}
assert_equal after_filter, @controller.filter_parameters(before_filter) assert_equal after_filter, @controller.send!(:filter_parameters, before_filter)
end end
end end
def test_filter_parameters_is_protected
FilterParamController.filter_parameter_logging
assert !@controller.send!(:action_methods).include?(:filter_parameters)
assert (begin @controller.filter_parameters rescue true end)
end
end end