Sha256: 9fececb7e72177af9c774cae1a7f2f785d0e4e54a889516e6febc3f8119c2297
Contents?: true
Size: 549 Bytes
Versions: 2
Compression:
Stored size: 549 Bytes
Contents
require 'test_helper'
class SecurityTest < ActiveSupport::IntegrationCase
test 'does not show database.yml' do
step = "%2E%2F%2E%2E%2F%2E%2E%2Fconfig%2Fdatabase%2Eyml"
assert_raise(Wicked::Wizard::InvalidStepError) do
visit(bar_path(step))
end
end
# only works on *nix systems
test 'does not show arbitrary system file' do
root = '%2E%2F%2E' * 100 # root of system
step = root + '%2Fusr%2Fshare%2Fdict%2Fwords'
assert_raise(Wicked::Wizard::InvalidStepError) do
visit(bar_path(step))
end
end
end
Version data entries
2 entries across 2 versions & 1 rubygems
| Version | Path |
|---|---|
| wicked-2.0.0 | test/integration/security_test.rb |
| wicked-1.4.0 | test/integration/security_test.rb |