kotovalexarian-likes-github/rails--rails
1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00
Code Releases Activity
rails--rails/actionpack/test/controller
History
Jon Leighton a500b4796f Improve logging when Origin header doesn't match 
I came up against this while dealing with a misconfigured server. The
browser was setting the Origin header to "https://example.com", but the
Rails app returned "http://example.com" from request.base_url (because
it was failing to detect that HTTPS was used).

This caused verify_authenticity_token to fail, but the message in the
log was "Can't verify CSRF token", which is confusing because the
failure had nothing to do with the CSRF token sent in the request. This
made it very hard to identify the issue, so hopefully this will make it
more obvious for the next person.
2017-04-06 16:03:35 +01:00
..
api Add test to make sure subclasses also get helpers 2017-03-29 12:40:57 -04:00
controller_fixtures
metal
mime Correct spelling 2017-02-05 19:00:18 -06:00
new_base "Use assert_nil if expecting nil. This will fail in minitest 6." 2016-12-25 02:29:52 +09:00
parameters Add aliases for reverse_merge to with_defaults 2017-03-29 15:55:09 -05:00
request ⚠️ "Use assert_nil if expecting nil. This will fail in MT6." 2017-01-18 17:30:46 +09:00
action_pack_assertions_test.rb fix with_routing when testing api only controllers 2016-12-29 20:46:30 +01:00
base_test.rb Do not include default response headers for AC::Metal 2017-03-29 19:26:39 -04:00
caching_test.rb Add more rubocop rules about whitespaces 2016-10-29 01:17:49 -02:00
content_type_test.rb
default_url_options_with_before_action_test.rb
filters_test.rb Correct spelling 2017-02-05 19:00:18 -06:00
flash_hash_test.rb "Use assert_nil if expecting nil from ...:in `...'. This will fail in MT6." 2016-12-25 09:59:16 +09:00
flash_test.rb
force_ssl_test.rb
form_builder_test.rb
helper_test.rb
http_basic_authentication_test.rb
http_digest_authentication_test.rb Add more rubocop rules about whitespaces 2016-10-29 01:17:49 -02:00
http_token_authentication_test.rb "Use assert_nil if expecting nil from ...:in `...'. This will fail in minitest 6." 2016-12-25 13:15:56 +09:00
integration_test.rb Correct spelling 2017-02-05 19:00:18 -06:00
live_stream_test.rb Add more missing requires 2017-02-22 14:05:37 +00:00
localized_templates_test.rb
log_subscriber_test.rb
metal_test.rb Do not include default response headers for AC::Metal 2017-03-29 19:26:39 -04:00
output_escaping_test.rb
parameter_encoding_test.rb Document and update API for skip_parameter_encoding 2016-12-21 12:04:00 -08:00
params_wrapper_test.rb Fix store accessors in parameters test 2017-03-22 08:20:18 +09:00
permitted_params_test.rb
redirect_test.rb Use response#location instead of #location in redirect. 2017-02-20 18:10:28 +01:00
render_js_test.rb
render_json_test.rb Add more rubocop rules about whitespaces 2016-10-29 01:17:49 -02:00
render_test.rb make render work with AC::Params 2017-01-15 14:37:39 +09:00
render_xml_test.rb
renderer_test.rb Fixes ActionController::Rendering#with_defaults 2017-03-12 22:38:20 +09:00
renderers_test.rb Add more rubocop rules about whitespaces 2016-10-29 01:17:49 -02:00
request_forgery_protection_test.rb Improve logging when Origin header doesn't match 2017-04-06 16:03:35 +01:00
required_params_test.rb
rescue_test.rb Privatize unneededly protected methods in Action Pack tests 2016-12-23 23:49:11 +09:00
resources_test.rb Privatize unneededly protected methods in Action Pack tests 2016-12-23 23:49:11 +09:00
routing_test.rb Add more rubocop rules about whitespaces 2016-10-29 01:17:49 -02:00
runner_test.rb
send_file_test.rb Only default the response charset when it is first set 2016-12-20 05:01:42 +10:30
show_exceptions_test.rb
streaming_test.rb
test_case_test.rb Fix test assertion 2017-03-21 16:51:56 -04:00
url_for_integration_test.rb Add more rubocop rules about whitespaces 2016-10-29 01:17:49 -02:00
url_for_test.rb self. is not needed when calling its own instance method 2017-01-05 19:58:52 +09:00
url_rewriter_test.rb
webservice_test.rb