1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
rails--rails/actionpack/test/controller/render_js_test.rb
Jeremy Kemper 1650bb3d56 CSRF protection from cross-origin <script> tags
Thanks to @homakov for sounding the alarm about JSONP-style data leaking
2013-12-17 13:14:17 -07:00

34 lines
744 B
Ruby

require 'abstract_unit'
require 'controller/fake_models'
require 'pathname'
class RenderJSTest < ActionController::TestCase
class TestController < ActionController::Base
protect_from_forgery
def self.controller_path
'test'
end
def render_vanilla_js_hello
render :js => "alert('hello')"
end
def show_partial
render :partial => 'partial'
end
end
tests TestController
def test_render_vanilla_js
xhr :get, :render_vanilla_js_hello
assert_equal "alert('hello')", @response.body
assert_equal "text/javascript", @response.content_type
end
def test_should_render_js_partial
xhr :get, :show_partial, :format => 'js'
assert_equal 'partial js', @response.body
end
end