1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00

Test if two different verifiers don't share the same secret

This commit is contained in:
Rafael Mendonça França 2013-12-02 20:16:39 -02:00
parent 05a011bd6b
commit d16e22478d

View file

@ -289,8 +289,18 @@ module ApplicationTests
app.config.session_store :disabled app.config.session_store :disabled
end end
assert_equal Rails.application.message_verifier.object_id, Rails.application.message_verifier.object_id default_verifier = app.message_verifier
assert_not_equal Rails.application.message_verifier.object_id, Rails.application.message_verifier('text').object_id text_verifier = app.message_verifier('text')
message = text_verifier.generate('some_value')
assert_equal 'some_value', text_verifier.verify(message)
assert_raises ActiveSupport::MessageVerifier::InvalidSignature do
default_verifier.verify(message)
end
assert_equal default_verifier.object_id, app.message_verifier.object_id
assert_not_equal default_verifier.object_id, text_verifier.object_id
end end
test "protect from forgery is the default in a new app" do test "protect from forgery is the default in a new app" do