Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

2.13.3

  • Loading branch information...
commit daf568c2f7a4c7dfcb56fb79eb0e4d16a5c54d07 1 parent 1616289
Braintree Open Source braintreeps authored
5 CHANGELOG.rdoc
Source Rendered
... ... @@ -1,3 +1,8 @@
  1 +== 2.13.3
  2 +
  3 +* Exposes plan_id on transactions
  4 +* Fixes GitHub issue #19 - Unescapes escaped characters in query string
  5 +
1 6 == 2.13.2
2 7
3 8 * Added error code for invalid purchase order number
1  lib/braintree/transaction.rb
@@ -53,6 +53,7 @@ module Type # :nodoc:
53 53 attr_reader :merchant_account_id
54 54 attr_reader :order_id
55 55 attr_reader :billing_details, :shipping_details
  56 + attr_reader :plan_id
56 57 # The authorization code from the processor.
57 58 attr_reader :processor_authorization_code
58 59 # The response code from the processor.
1  lib/braintree/transparent_redirect_gateway.rb
@@ -40,6 +40,7 @@ def create_customer_data(params)
40 40 def parse_and_validate_query_string(query_string) # :nodoc:
41 41 params = Util.symbolize_keys(Util.parse_query_string(query_string))
42 42 query_string_without_hash = query_string.split("&").reject{|param| param =~ /\Ahash=/}.join("&")
  43 + query_string_without_hash = Util.url_decode(query_string_without_hash)
43 44
44 45 if params[:http_status] == nil
45 46 raise UnexpectedError, "expected query string to have an http_status param"
4 lib/braintree/util.rb
@@ -25,6 +25,10 @@ def self.parse_query_string(qs)
25 25 end
26 26 end
27 27
  28 + def self.url_decode(text)
  29 + CGI.unescape text.to_s
  30 + end
  31 +
28 32 def self.url_encode(text)
29 33 CGI.escape text.to_s
30 34 end
2  lib/braintree/version.rb
@@ -2,7 +2,7 @@ module Braintree
2 2 module Version
3 3 Major = 2
4 4 Minor = 13
5   - Tiny = 1
  5 + Tiny = 3
6 6
7 7 String = "#{Major}.#{Minor}.#{Tiny}"
8 8 end
4 spec/integration/braintree/transaction_spec.rb
@@ -577,7 +577,7 @@
577 577 end
578 578 end
579 579
580   - it "snapshots add_ons and discounts from subscription" do
  580 + it "snapshots plan, add_ons and discounts from subscription" do
581 581 customer = Braintree::Customer.create!(
582 582 :credit_card => {
583 583 :number => Braintree::Test::CreditCardNumbers::Visa,
@@ -619,6 +619,8 @@
619 619 result.success?.should be_true
620 620 transaction = result.subscription.transactions.first
621 621
  622 + transaction.plan_id.should == SpecHelper::TriallessPlan[:id]
  623 +
622 624 transaction.add_ons.size.should == 2
623 625 add_ons = transaction.add_ons.sort_by { |add_on| add_on.id }
624 626
13 spec/unit/braintree/transparent_redirect_spec.rb
@@ -65,6 +65,19 @@
65 65 end.to raise_error(Braintree::ForgedQueryString)
66 66 end
67 67
  68 + it "does not raise ForgedQueryString if any parameter is url encoded" do
  69 + url_encoded_query_string_without_hash = "http_status=200&nested_param%5Bsub_param%5D=testing"
  70 + url_decoded_query_string_without_hash = Braintree::Util.url_decode(url_encoded_query_string_without_hash)
  71 +
  72 + hash = Braintree::Digest.hexdigest(Braintree::Configuration.private_key, url_decoded_query_string_without_hash)
  73 +
  74 + url_encoded_query_string = "#{url_encoded_query_string_without_hash}&hash=#{hash}"
  75 +
  76 + expect do
  77 + Braintree::Configuration.gateway.transparent_redirect.parse_and_validate_query_string url_encoded_query_string
  78 + end.to_not raise_error(Braintree::ForgedQueryString)
  79 + end
  80 +
68 81 it "raises an AuthenticationError if authentication fails" do
69 82 expect do
70 83 Braintree::Configuration.gateway.transparent_redirect.parse_and_validate_query_string add_hash_to_query_string("http_status=401")
6 spec/unit/braintree/util_spec.rb
@@ -257,4 +257,10 @@
257 257 Braintree::Util.url_encode("foo?bar").should == "foo%3Fbar"
258 258 end
259 259 end
  260 +
  261 + describe "self.url_decode" do
  262 + it "url encodes the given text" do
  263 + Braintree::Util.url_decode("foo%3Fbar").should == "foo?bar"
  264 + end
  265 + end
260 266 end

0 comments on commit daf568c

Please sign in to comment.
Something went wrong with that request. Please try again.