Permalink
Browse files

Accessing nonexistant cookies through the signed jar should not raise an

exception
  • Loading branch information...
1 parent 6ce538d commit eeba755a11dbdbf90afd4fd815e215bd7e9826e6 @josh josh committed Jan 18, 2010
@@ -176,7 +176,9 @@ def initialize(parent_jar)
end
def [](name)
- @verifier.verify(@parent_jar[name])
+ if value = @parent_jar[name]
+ @verifier.verify(value)
+ end
end
def []=(key, options)
@@ -141,6 +141,11 @@ def test_signed_cookie
assert_equal 45, @controller.send(:cookies).signed[:user_id]
end
+ def test_accessing_nonexistant_signed_cookie_should_not_raise_an_invalid_signature
+ get :set_signed_cookie
+ assert_nil @controller.send(:cookies).signed[:non_existant_attribute]
+ end
+
def test_permanent_signed_cookie
get :set_permanent_signed_cookie
assert_match %r(#{20.years.from_now.utc.year}), @response.headers["Set-Cookie"]

0 comments on commit eeba755

Please sign in to comment.