test/spec_file.rb in rack-1.4.0 vs test/spec_file.rb in rack-1.4.1
- old
+ new
@@ -62,17 +62,19 @@
should "not allow unsafe directory traversal" do
req = Rack::MockRequest.new(Rack::Lint.new(Rack::File.new(DOCROOT)))
res = req.get("/../README")
- res.should.be.forbidden
+ res.should.be.client_error
res = req.get("../test")
- res.should.be.forbidden
+ res.should.be.client_error
res = req.get("..")
- res.should.be.forbidden
+ res.should.be.client_error
+
+ res.should.be.not_found
end
should "allow files with .. in their name" do
req = Rack::MockRequest.new(Rack::Lint.new(Rack::File.new(DOCROOT)))
res = req.get("/cgi/..test")
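Review bot: The new `res.should.be.not_found` runs only once, after the third request (`req.get("..")`), so the `/../README` and `../test` responses are now checked for nothing stricter than some 4xx status. The old `forbidden` assertions pinned an exact status for each request; adding `res.should.be.not_found` after each of the first two `client_error` lines would restore that. Without it, a regression that changes how one traversal form is rejected would pass unnoticed. The next test ("allow files with .. in their name") continues past the end of this hunk.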
@@ -87,11 +89,12 @@
should "not allow unsafe directory traversal with encoded periods" do
res = Rack::MockRequest.new(Rack::Lint.new(Rack::File.new(DOCROOT))).
get("/%2E%2E/README")
- res.should.be.forbidden
+ res.should.be.client_error?
+ res.should.be.not_found
end
should "allow safe directory traversal with encoded periods" do
res = Rack::MockRequest.new(Rack::Lint.new(Rack::File.new(DOCROOT))).
get("/cgi/%2E%2E/cgi/test")
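Review bot: `res.should.be.client_error?` is the only assertion in this change written with a trailing `?`; the others use `res.should.be.client_error`. Bacon most likely resolves both spellings to the same predicate, so the behaviour should be identical, but the stray `?` makes the line read like a bare predicate call rather than an assertion. Writing it as `res.should.be.client_error` keeps the file consistent. The following test ("allow safe directory traversal with encoded periods") runs past the end of this hunk.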
@@ -157,16 +160,24 @@
forbidden = %w[post put delete]
forbidden.each do |method|
res = req.send(method, "/cgi/test")
- res.should.be.forbidden
+ res.should.be.client_error
+ res.should.be.method_not_allowed
end
allowed = %w[get head]
allowed.each do |method|
res = req.send(method, "/cgi/test")
res.should.be.successful
end
+ end
+
+ should "set Content-Length correctly for HEAD requests" do
+ req = Rack::MockRequest.new(Rack::Lint.new(Rack::File.new(DOCROOT)))
+ res = req.head "/cgi/test"
+ res.should.be.successful
+ res['Content-Length'].should.equal "193"
end
end
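Review bot: The new HEAD test compares `Content-Length` with the literal `"193"`, which is presumably the byte size of the `cgi/test` fixture. Any edit to that fixture, or a checkout that converts its line endings, would fail the test for a reason unrelated to the header logic. Deriving the value from the file keeps the intent and removes the magic number: `res['Content-Length'].should.equal File.size(File.join(DOCROOT, "cgi/test")).to_s`. A short comment saying that the header must match the on-disk size even though HEAD sends no body would also help.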