1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00

Accessing nonexistant cookies through the signed jar should not raise an

exception
This commit is contained in:
Joshua Peek 2010-01-17 21:30:38 -06:00
parent 6ce538d485
commit eeba755a11
2 changed files with 8 additions and 1 deletions

View file

@ -176,7 +176,9 @@ module ActionDispatch
end end
def [](name) def [](name)
@verifier.verify(@parent_jar[name]) if value = @parent_jar[name]
@verifier.verify(value)
end
end end
def []=(key, options) def []=(key, options)

View file

@ -141,6 +141,11 @@ class CookieTest < ActionController::TestCase
assert_equal 45, @controller.send(:cookies).signed[:user_id] assert_equal 45, @controller.send(:cookies).signed[:user_id]
end end
def test_accessing_nonexistant_signed_cookie_should_not_raise_an_invalid_signature
get :set_signed_cookie
assert_nil @controller.send(:cookies).signed[:non_existant_attribute]
end
def test_permanent_signed_cookie def test_permanent_signed_cookie
get :set_permanent_signed_cookie get :set_permanent_signed_cookie
assert_match %r(#{20.years.from_now.utc.year}), @response.headers["Set-Cookie"] assert_match %r(#{20.years.from_now.utc.year}), @response.headers["Set-Cookie"]