Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

[fixes #319] cookies http_only deprecated. Use httponly instead.

  • Loading branch information...
commit cb83a51e215b63101702b43da7eaa8aeec139dbb 1 parent 20f4f9f
authored June 07, 2012
4  lib/authlogic/session/cookies.rb
@@ -168,7 +168,7 @@ def save_cookie
168 168
               :value => "#{record.persistence_token}::#{record.send(record.class.primary_key)}",
169 169
               :expires => remember_me_until,
170 170
               :secure => secure,
171  
-              :http_only => httponly,
  171
+              :httponly => httponly,
172 172
               :domain => controller.cookie_domain
173 173
             }
174 174
           end
@@ -179,4 +179,4 @@ def destroy_cookie
179 179
       end
180 180
     end
181 181
   end
182  
-end
  182
+end
39  test/session_test/cookies_test.rb
@@ -6,35 +6,35 @@ class ConfiTest < ActiveSupport::TestCase
6 6
       def test_cookie_key
7 7
         UserSession.cookie_key = "my_cookie_key"
8 8
         assert_equal "my_cookie_key", UserSession.cookie_key
9  
-    
  9
+
10 10
         UserSession.cookie_key "user_credentials"
11 11
         assert_equal "user_credentials", UserSession.cookie_key
12 12
       end
13  
-    
  13
+
14 14
       def test_default_cookie_key
15 15
         assert_equal "user_credentials", UserSession.cookie_key
16 16
         assert_equal "back_office_user_credentials", BackOfficeUserSession.cookie_key
17 17
       end
18  
-    
  18
+
19 19
       def test_remember_me
20 20
         UserSession.remember_me = true
21 21
         assert_equal true, UserSession.remember_me
22 22
         session = UserSession.new
23 23
         assert_equal true, session.remember_me
24  
-    
  24
+
25 25
         UserSession.remember_me false
26 26
         assert_equal false, UserSession.remember_me
27 27
         session = UserSession.new
28 28
         assert_equal false, session.remember_me
29 29
       end
30  
-  
  30
+
31 31
       def test_remember_me_for
32 32
         UserSession.remember_me_for = 3.years
33 33
         assert_equal 3.years, UserSession.remember_me_for
34 34
         session = UserSession.new
35 35
         session.remember_me = true
36 36
         assert_equal 3.years, session.remember_me_for
37  
-    
  37
+
38 38
         UserSession.remember_me_for 3.months
39 39
         assert_equal 3.months, UserSession.remember_me_for
40 40
         session = UserSession.new
@@ -42,48 +42,48 @@ def test_remember_me_for
42 42
         assert_equal 3.months, session.remember_me_for
43 43
       end
44 44
     end
45  
-    
  45
+
46 46
     class InstanceMethodsTest < ActiveSupport::TestCase
47 47
       def test_credentials
48 48
         session = UserSession.new
49 49
         session.credentials = {:remember_me => true}
50 50
         assert_equal true, session.remember_me
51 51
       end
52  
-    
  52
+
53 53
       def test_remember_me
54 54
         session = UserSession.new
55 55
         assert_equal false, session.remember_me
56 56
         assert !session.remember_me?
57  
-      
  57
+
58 58
         session.remember_me = false
59 59
         assert_equal false, session.remember_me
60 60
         assert !session.remember_me?
61  
-      
  61
+
62 62
         session.remember_me = true
63 63
         assert_equal true, session.remember_me
64 64
         assert session.remember_me?
65  
-      
  65
+
66 66
         session.remember_me = nil
67 67
         assert_nil session.remember_me
68 68
         assert !session.remember_me?
69  
-      
  69
+
70 70
         session.remember_me = "1"
71 71
         assert_equal "1", session.remember_me
72 72
         assert session.remember_me?
73  
-      
  73
+
74 74
         session.remember_me = "true"
75 75
         assert_equal "true", session.remember_me
76 76
         assert session.remember_me?
77 77
       end
78  
-    
  78
+
79 79
       def test_remember_me_until
80 80
         session = UserSession.new
81 81
         assert_nil session.remember_me_until
82  
-      
  82
+
83 83
         session.remember_me = true
84 84
         assert 3.months.from_now <= session.remember_me_until
85 85
       end
86  
-    
  86
+
87 87
       def test_persist_persist_by_cookie
88 88
         ben = users(:ben)
89 89
         assert !UserSession.find
@@ -91,14 +91,15 @@ def test_persist_persist_by_cookie
91 91
         assert session = UserSession.find
92 92
         assert_equal ben, session.record
93 93
       end
94  
-    
  94
+
95 95
       def test_after_save_save_cookie
96 96
         ben = users(:ben)
97 97
         session = UserSession.new(ben)
98 98
         assert session.save
99 99
         assert_equal "#{ben.persistence_token}::#{ben.id}", controller.cookies["user_credentials"]
  100
+        assert_equal false, controller.cookies["httponly"]
100 101
       end
101  
-    
  102
+
102 103
       def test_after_destroy_destroy_cookie
103 104
         ben = users(:ben)
104 105
         set_cookie_for(ben)
@@ -109,4 +110,4 @@ def test_after_destroy_destroy_cookie
109 110
       end
110 111
     end
111 112
   end
112  
-end
  113
+end

0 notes on commit cb83a51

Please sign in to comment.
Something went wrong with that request. Please try again.