Sha256: 59aeea6001b1c1aae0077acd369f5f5fb55379be2579691fbfb6e32f80fd62c3

Contents?: true

Size: 1.2 KB

Versions: 14

Compression:

Stored size: 1.2 KB

Contents

require File.expand_path('../spec_helper.rb', __FILE__)

describe Rack::Protection::EscapedParams do
  it_behaves_like "any rack application"

  context 'escaping' do
    it 'escapes html entities' do
      mock_app do |env|
        request = Rack::Request.new(env)
        [200, {'Content-Type' => 'text/plain'}, [request.params['foo']]]
      end
      get '/', :foo => "<bar>"
      body.should == '&lt;bar&gt;'
    end

    it 'leaves normal params untouched' do
      mock_app do |env|
        request = Rack::Request.new(env)
        [200, {'Content-Type' => 'text/plain'}, [request.params['foo']]]
      end
      get '/', :foo => "bar"
      body.should == 'bar'
    end

    it 'copes with nested arrays' do
      mock_app do |env|
        request = Rack::Request.new(env)
        [200, {'Content-Type' => 'text/plain'}, [request.params['foo']['bar']]]
      end
      get '/', :foo => {:bar => "<bar>"}
      body.should == '&lt;bar&gt;'
    end

    it 'leaves cache-breaker params untouched' do
      mock_app do |env|
        request = Rack::Request.new(env)
        [200, {'Content-Type' => 'text/plain'}, ['hi']]
      end

      get '/?95df8d9bf5237ad08df3115ee74dcb10'
      body.should == 'hi'
    end
  end
end

Version data entries

14 entries across 12 versions & 3 rubygems

Version Path
mango-0.8.0 vendor/bundler/ruby/2.1.0/gems/rack-protection-1.5.1/spec/escaped_params_spec.rb
mango-0.7.1 vendor/bundler/ruby/2.0.0/gems/rack-protection-1.5.1/spec/escaped_params_spec.rb
mango-0.7.0 vendor/bundler/ruby/2.0.0/gems/rack-protection-1.5.1/spec/escaped_params_spec.rb
rack-protection-1.5.1 spec/escaped_params_spec.rb
torquebox-console-0.3.0 vendor/bundle/jruby/1.9/gems/rack-protection-1.4.0/spec/escaped_params_spec.rb
torquebox-console-0.2.5 vendor/bundle/jruby/1.9/gems/rack-protection-1.4.0/spec/escaped_params_spec.rb
torquebox-console-0.2.5 vendor/bundle/ruby/1.8/gems/rack-protection-1.4.0/spec/escaped_params_spec.rb
rack-protection-1.5.0 spec/escaped_params_spec.rb
torquebox-console-0.2.4 vendor/bundle/jruby/1.9/gems/rack-protection-1.4.0/spec/escaped_params_spec.rb
torquebox-console-0.2.4 vendor/bundle/ruby/1.8/gems/rack-protection-1.4.0/spec/escaped_params_spec.rb
torquebox-console-0.2.3 vendor/bundle/jruby/1.9/gems/rack-protection-1.4.0/spec/escaped_params_spec.rb
rack-protection-1.4.0 spec/escaped_params_spec.rb
rack-protection-1.3.2 spec/escaped_params_spec.rb
rack-protection-1.3.1 spec/escaped_params_spec.rb