Move spec files to conventional locations

2023-03-27 23:18:01 -04:00 · 2014-09-03 02:19:12 +02:00 · 2014-09-03 02:19:12 +02:00 · f39fad4d66
commit f39fad4d66
parent 78e12243aa
14 changed files with 14 additions and 14 deletions
--- a/rack-protection/spec/lib/rack/protection/http_origin_spec.rb
+++ b/rack-protection/spec/lib/rack/protection/http_origin_spec.rb
@ -0,0 +1,38 @@
+require 'spec_helper'
+
+describe Rack::Protection::HttpOrigin do
+  it_behaves_like "any rack application"
+
+  before(:each) do
+    mock_app do
+      use Rack::Protection::HttpOrigin
+      run DummyApp
+    end
+  end
+
+  %w(GET HEAD POST PUT DELETE).each do |method|
+    it "accepts #{method} requests with no Origin" do
+      expect(send(method.downcase, '/')).to be_ok
+    end
+  end
+
+  %w(GET HEAD).each do |method|
+    it "accepts #{method} requests with non-whitelisted Origin" do
+      expect(send(method.downcase, '/', {}, 'HTTP_ORIGIN' => 'http://malicious.com')).to be_ok
+    end
+  end
+
+  %w(POST PUT DELETE).each do |method|
+    it "denies #{method} requests with non-whitelisted Origin" do
+      expect(send(method.downcase, '/', {}, 'HTTP_ORIGIN' => 'http://malicious.com')).not_to be_ok
+    end
+
+    it "accepts #{method} requests with whitelisted Origin" do
+      mock_app do
+        use Rack::Protection::HttpOrigin, :origin_whitelist => ['http://www.friend.com']
+        run DummyApp
+      end
+      expect(send(method.downcase, '/', {}, 'HTTP_ORIGIN' => 'http://www.friend.com')).to be_ok
+    end
+  end
+end