Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

Fix 319 http only #320

Merged
merged 1 commit into from

4 participants

@glennr

Fixes #319

Added a spec.

Also tested on Rails 2.3.14 (but no version older than that.)

@ladelfa

+1

@binarylogic binarylogic merged commit 8f81fab into binarylogic:rails2
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Jun 7, 2012
This page is out of date. Refresh to see the latest.
Showing with 22 additions and 21 deletions.
  1. +2 −2 lib/authlogic/session/cookies.rb
  2. +20 −19 test/session_test/cookies_test.rb
View
4 lib/authlogic/session/cookies.rb
@@ -168,7 +168,7 @@ def save_cookie
:value => "#{record.persistence_token}::#{record.send(record.class.primary_key)}",
:expires => remember_me_until,
:secure => secure,
- :http_only => httponly,
+ :httponly => httponly,
:domain => controller.cookie_domain
}
end
@@ -179,4 +179,4 @@ def destroy_cookie
end
end
end
-end
+end
View
39 test/session_test/cookies_test.rb
@@ -6,35 +6,35 @@ class ConfiTest < ActiveSupport::TestCase
def test_cookie_key
UserSession.cookie_key = "my_cookie_key"
assert_equal "my_cookie_key", UserSession.cookie_key
-
+
UserSession.cookie_key "user_credentials"
assert_equal "user_credentials", UserSession.cookie_key
end
-
+
def test_default_cookie_key
assert_equal "user_credentials", UserSession.cookie_key
assert_equal "back_office_user_credentials", BackOfficeUserSession.cookie_key
end
-
+
def test_remember_me
UserSession.remember_me = true
assert_equal true, UserSession.remember_me
session = UserSession.new
assert_equal true, session.remember_me
-
+
UserSession.remember_me false
assert_equal false, UserSession.remember_me
session = UserSession.new
assert_equal false, session.remember_me
end
-
+
def test_remember_me_for
UserSession.remember_me_for = 3.years
assert_equal 3.years, UserSession.remember_me_for
session = UserSession.new
session.remember_me = true
assert_equal 3.years, session.remember_me_for
-
+
UserSession.remember_me_for 3.months
assert_equal 3.months, UserSession.remember_me_for
session = UserSession.new
@@ -42,48 +42,48 @@ def test_remember_me_for
assert_equal 3.months, session.remember_me_for
end
end
-
+
class InstanceMethodsTest < ActiveSupport::TestCase
def test_credentials
session = UserSession.new
session.credentials = {:remember_me => true}
assert_equal true, session.remember_me
end
-
+
def test_remember_me
session = UserSession.new
assert_equal false, session.remember_me
assert !session.remember_me?
-
+
session.remember_me = false
assert_equal false, session.remember_me
assert !session.remember_me?
-
+
session.remember_me = true
assert_equal true, session.remember_me
assert session.remember_me?
-
+
session.remember_me = nil
assert_nil session.remember_me
assert !session.remember_me?
-
+
session.remember_me = "1"
assert_equal "1", session.remember_me
assert session.remember_me?
-
+
session.remember_me = "true"
assert_equal "true", session.remember_me
assert session.remember_me?
end
-
+
def test_remember_me_until
session = UserSession.new
assert_nil session.remember_me_until
-
+
session.remember_me = true
assert 3.months.from_now <= session.remember_me_until
end
-
+
def test_persist_persist_by_cookie
ben = users(:ben)
assert !UserSession.find
@@ -91,14 +91,15 @@ def test_persist_persist_by_cookie
assert session = UserSession.find
assert_equal ben, session.record
end
-
+
def test_after_save_save_cookie
ben = users(:ben)
session = UserSession.new(ben)
assert session.save
assert_equal "#{ben.persistence_token}::#{ben.id}", controller.cookies["user_credentials"]
+ assert_equal false, controller.cookies["httponly"]
end
-
+
def test_after_destroy_destroy_cookie
ben = users(:ben)
set_cookie_for(ben)
@@ -109,4 +110,4 @@ def test_after_destroy_destroy_cookie
end
end
end
-end
+end
Something went wrong with that request. Please try again.