Fix anonymous visitors getting a session cookie on first visit (#24584)
This commit is contained in:
Claire
GitHub
parent
6084461cd0
commit
276c39361b
8 changed files with 64 additions and 26 deletions
|
|
@ -132,25 +132,6 @@ describe ApplicationController, type: :controller do
|
|||
include_examples 'respond_with_error', 422
|
||||
end
|
||||
|
||||
describe 'before_action :store_current_location' do
|
||||
it 'stores location for user if it is not devise controller' do
|
||||
routes.draw { get 'success' => 'anonymous#success' }
|
||||
get 'success'
|
||||
expect(controller.stored_location_for(:user)).to eq '/success'
|
||||
end
|
||||
|
||||
context do
|
||||
controller Devise::SessionsController do
|
||||
end
|
||||
|
||||
it 'does not store location for user if it is devise controller' do
|
||||
@request.env['devise.mapping'] = Devise.mappings[:user]
|
||||
get 'create'
|
||||
expect(controller.stored_location_for(:user)).to be_nil
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'before_action :check_suspension' do
|
||||
before do
|
||||
routes.draw { get 'success' => 'anonymous#success' }
|
||||
|
|
|
|||
44
spec/requests/anonymous_cookies_spec.rb
Normal file
44
spec/requests/anonymous_cookies_spec.rb
Normal file
|
|
@ -0,0 +1,44 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'rails_helper'
|
||||
|
||||
context 'when visited anonymously' do
|
||||
around do |example|
|
||||
old = ActionController::Base.allow_forgery_protection
|
||||
ActionController::Base.allow_forgery_protection = true
|
||||
|
||||
example.run
|
||||
|
||||
ActionController::Base.allow_forgery_protection = old
|
||||
end
|
||||
|
||||
describe 'account pages' do
|
||||
it 'do not set cookies' do
|
||||
alice = Fabricate(:account, username: 'alice', display_name: 'Alice')
|
||||
_status = Fabricate(:status, account: alice, text: 'Hello World')
|
||||
|
||||
get '/@alice'
|
||||
|
||||
expect(response.cookies).to be_empty
|
||||
end
|
||||
end
|
||||
|
||||
describe 'status pages' do
|
||||
it 'do not set cookies' do
|
||||
alice = Fabricate(:account, username: 'alice', display_name: 'Alice')
|
||||
status = Fabricate(:status, account: alice, text: 'Hello World')
|
||||
|
||||
get short_account_status_url(alice, status)
|
||||
|
||||
expect(response.cookies).to be_empty
|
||||
end
|
||||
end
|
||||
|
||||
describe 'the /about page' do
|
||||
it 'does not set cookies' do
|
||||
get '/about'
|
||||
|
||||
expect(response.cookies).to be_empty
|
||||
end
|
||||
end
|
||||
end
|
||||
Loading…
Add table
Add a link
Reference in a new issue