/
rack-iframe_spec.rb
218 lines (169 loc) · 7.5 KB
/
rack-iframe_spec.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
require 'spec_helper'
# == References:
# - http://tempe.st/tag/ruby-on-rails
# - http://groups.google.com/group/rack-devel/browse_thread/thread/11da5971522b107b
# - http://grack.com/blog/2010/01/06/3rd-party-cookies-dom-storage-and-privacy
# - http://anantgarg.com/2010/02/18/cross-domain-cookies-in-safari
describe Rack::Iframe do
describe "VERSION" do
it 'should be defined' do
defined?(::Rack::Iframe::VERSION)
end
it 'should be a valid version string (e.g. "0.0.1", or "0.0.1.rc1")' do
valid_version_string = /^\d+\.\d+\.\d+/
Rack::Iframe::VERSION.must_match valid_version_string
end
end
describe "Middleware" do
before do
@app = CachedApp.new
end
describe "without Rack::Iframe" do
before do
@user_agents = all_user_agents
end
it 'should not have P3P headers' do
@user_agents.each do |user_agent|
request = mock_request(user_agent)
response = @app.call(request)
status, headers, body = response
headers.key?('P3P').must_equal false
end
end
end
describe "with Rack::Iframe" do
describe "browsers that require the P3P header: IE, Safari" do
before do
@user_agents = [:ie, :safari]
end
describe "without any HTTP-cache headers" do
it 'should send P3P header - modified (200 OK)' do
@user_agents.each do |user_agent|
request = mock_request(user_agent)
response = Rack::Iframe.new(@app).call(request)
status, headers, body = response
headers['P3P'].must_equal %(CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV")
status.must_equal 200 # modified
end
end
end
# NOTE: P3P headers with HTTP-cache headers don't work well.
describe "with HTTP-cache headers" do
describe "If-None-Match (Etag)" do
it 'should send P3P header - modified (200 OK)' do
@user_agents.each do |user_agent|
@app = mock_app('Etag' => '123')
request = mock_request(user_agent, 'HTTP_IF_NONE_MATCH' => '123')
response = Rack::Iframe.new(@app).call(request)
status, headers, body = response
headers['P3P'].must_equal %(CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV")
status.must_equal 200 # modified
end
end
end
describe "Last-Modified" do
it 'should send P3P header - modified (200 OK)' do
skip
# @user_agents.each do |user_agent|
# @app = mock_app('Last-Modified' => Chronic.parse('0 minutes ago').rfc2822)
# request = mock_request(user_agent, 'HTTP_IF_MODIFIED_SINCE' => Chronic.parse('1 minute ago').rfc2822)
# response = Rack::Iframe.new(@app).call(request)
# status, headers, body = response
# headers['P3P'].must_equal %(CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV")
# status.must_equal 200 # modified
# end
end
end
end
describe "custom middleware-arguments" do
it 'should use custom P3P header if specified via options as :p3p' do
request = mock_request(:ie)
response = Rack::Iframe.new(@app, :p3p => %(CP="NOI DSP LAW NID")).call(request)
status, headers, body = response
headers['P3P'].must_equal %(CP="NOI DSP LAW NID")
end
end
end
describe "browsers that don't require the P3P header: Chrome, Firefox, Opera" do
before do
@user_agents = all_user_agents - [:ie, :safari]
end
describe "without any HTTP-cache headers" do
it 'should not send P3P header - modified (200 OK)' do
@user_agents.each do |user_agent|
@app = mock_app()
request = mock_request(user_agent)
response = Rack::Iframe.new(@app).call(request)
status, headers, body = response
headers.key?('P3P').must_equal false
status.must_equal 200 # modified
end
end
end
describe "with HTTP-cache headers" do
describe "If-None-Match (Etag)" do
it 'should not send P3P header - not modified (304 Not Modified)' do
@user_agents.each do |user_agent|
@app = mock_app('Etag' => '123')
request = mock_request(user_agent, 'HTTP_IF_NONE_MATCH' => '123')
response = Rack::Iframe.new(@app).call(request)
status, headers, body = response
headers.key?('P3P').must_equal false
status.must_equal 304 # not modified
# browser = Rack::Test::Session.new(Rack::MockSession.new(CachedApp))
# browser.get '/', {}, 'HTTP_IF_NONE_MATCH' => '123'
# browser.last_response.headers.key?('P3P').must_equal false
# browser.last_response.status.must_equal 304
end
end
end
describe "Last-Modified" do
it 'should not send P3P header - not modified (304 Not Modified)' do
skip
# @user_agents.each do |user_agent|
# @app = mock_app('Last-Modified' => Chronic.parse('1 minute ago').rfc2822)
# request = mock_request(user_agent, 'HTTP_IF_MODIFIED_SINCE' => Chronic.parse('0 minutes ago').rfc2822)
# response = Rack::Iframe.new(@app).call(request)
# status, headers, body = response
# ap headers
# headers.key?('P3P').must_equal false
# status.must_equal 304 # not modified
# # response = Rack::Iframe.new(@app).call(request)
# # status, headers, body = response
# # ap headers
# # headers.key?('P3P').must_equal false
# # status.must_equal 304 # not modified
# # browser = Rack::Test::Session.new(Rack::MockSession.new(CachedApp))
# # browser.get '/', {}, 'HTTP_IF_MODIFIED_SINCE' => Chronic.parse('1 minute ago')
# # browser.last_response.headers.key?('P3P').must_equal false
# # browser.last_response.status.must_equal 200
# end
end
end
end
end
describe "any browser: Iframe session cookie hack" do
before do
@user_agents = [:safari]
end
it 'should respond to * /iframe_session with P3P header - modified (200 OK)' do
@user_agents.each do |user_agent|
request = mock_request(user_agent, {}, '/iframe_session')
response = Rack::Iframe.new(@app).call(request)
status, headers, body = response
headers['P3P'].must_equal %(CP="ALL DSP COR CURa ADMa DEVa OUR IND COM NAV")
status.must_equal 200 # modified
end
end
it 'should set session variable :iframe_session on request to /iframe_session' do
@user_agents.each do |user_agent|
browser = Rack::Test::Session.new(Rack::MockSession.new(SessionIframeApp))
browser.get '/iframe_session', {}, 'HTTP_USER_AGENT' => user_agent_string(user_agent)
browser.get '/test_iframe_session', {}, 'HTTP_USER_AGENT' => user_agent_string(user_agent)
browser.last_response.body.must_equal "true"
end
end
end
end
end
end