projects / feedcatcher.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Updated README.rdoc again
[feedcatcher.git] / vendor / rails / actionpack / test / controller / request_test.rb
1 require 'abstract_unit'
2
3 class RequestTest < ActiveSupport::TestCase
4 def setup
5 ActionController::Base.relative_url_root = nil
6 @request = ActionController::TestRequest.new
7 end
8
9 def teardown
10 ActionController::Base.relative_url_root = nil
11 end
12
13 def test_remote_ip
14 assert_equal '0.0.0.0', @request.remote_ip
15
16 @request.remote_addr = '1.2.3.4'
17 assert_equal '1.2.3.4', @request.remote_ip
18
19 @request.remote_addr = '1.2.3.4,3.4.5.6'
20 assert_equal '1.2.3.4', @request.remote_ip
21
22 @request.env['HTTP_CLIENT_IP'] = '2.3.4.5'
23 assert_equal '1.2.3.4', @request.remote_ip
24
25 @request.remote_addr = '192.168.0.1'
26 assert_equal '2.3.4.5', @request.remote_ip
27 @request.env.delete 'HTTP_CLIENT_IP'
28
29 @request.remote_addr = '1.2.3.4'
30 @request.env['HTTP_X_FORWARDED_FOR'] = '3.4.5.6'
31 assert_equal '1.2.3.4', @request.remote_ip
32
33 @request.remote_addr = '127.0.0.1'
34 @request.env['HTTP_X_FORWARDED_FOR'] = '3.4.5.6'
35 assert_equal '3.4.5.6', @request.remote_ip
36
37 @request.env['HTTP_X_FORWARDED_FOR'] = 'unknown,3.4.5.6'
38 assert_equal '3.4.5.6', @request.remote_ip
39
40 @request.env['HTTP_X_FORWARDED_FOR'] = '172.16.0.1,3.4.5.6'
41 assert_equal '3.4.5.6', @request.remote_ip
42
43 @request.env['HTTP_X_FORWARDED_FOR'] = '192.168.0.1,3.4.5.6'
44 assert_equal '3.4.5.6', @request.remote_ip
45
46 @request.env['HTTP_X_FORWARDED_FOR'] = '10.0.0.1,3.4.5.6'
47 assert_equal '3.4.5.6', @request.remote_ip
48
49 @request.env['HTTP_X_FORWARDED_FOR'] = '10.0.0.1, 10.0.0.1, 3.4.5.6'
50 assert_equal '3.4.5.6', @request.remote_ip
51
52 @request.env['HTTP_X_FORWARDED_FOR'] = '127.0.0.1,3.4.5.6'
53 assert_equal '3.4.5.6', @request.remote_ip
54
55 @request.env['HTTP_X_FORWARDED_FOR'] = 'unknown,192.168.0.1'
56 assert_equal 'unknown', @request.remote_ip
57
58 @request.env['HTTP_X_FORWARDED_FOR'] = '9.9.9.9, 3.4.5.6, 10.0.0.1, 172.31.4.4'
59 assert_equal '3.4.5.6', @request.remote_ip
60
61 @request.env['HTTP_CLIENT_IP'] = '8.8.8.8'
62 e = assert_raise(ActionController::ActionControllerError) {
63 @request.remote_ip
64 }
65 assert_match /IP spoofing attack/, e.message
66 assert_match /HTTP_X_FORWARDED_FOR="9.9.9.9, 3.4.5.6, 10.0.0.1, 172.31.4.4"/, e.message
67 assert_match /HTTP_CLIENT_IP="8.8.8.8"/, e.message
68
69 # turn IP Spoofing detection off.
70 # This is useful for sites that are aimed at non-IP clients. The typical
71 # example is WAP. Since the cellular network is not IP based, it's a
72 # leap of faith to assume that their proxies are ever going to set the
73 # HTTP_CLIENT_IP/HTTP_X_FORWARDED_FOR headers properly.
74 ActionController::Base.ip_spoofing_check = false
75 assert_equal('8.8.8.8', @request.remote_ip)
76 ActionController::Base.ip_spoofing_check = true
77
78 @request.env['HTTP_X_FORWARDED_FOR'] = '8.8.8.8, 9.9.9.9'
79 assert_equal '8.8.8.8', @request.remote_ip
80
81 @request.env.delete 'HTTP_CLIENT_IP'
82 @request.env.delete 'HTTP_X_FORWARDED_FOR'
83 end
84
85 def test_domains
86 @request.host = "www.rubyonrails.org"
87 assert_equal "rubyonrails.org", @request.domain
88
89 @request.host = "www.rubyonrails.co.uk"
90 assert_equal "rubyonrails.co.uk", @request.domain(2)
91
92 @request.host = "192.168.1.200"
93 assert_nil @request.domain
94
95 @request.host = "foo.192.168.1.200"
96 assert_nil @request.domain
97
98 @request.host = "192.168.1.200.com"
99 assert_equal "200.com", @request.domain
100
101 @request.host = nil
102 assert_nil @request.domain
103 end
104
105 def test_subdomains
106 @request.host = "www.rubyonrails.org"
107 assert_equal %w( www ), @request.subdomains
108
109 @request.host = "www.rubyonrails.co.uk"
110 assert_equal %w( www ), @request.subdomains(2)
111
112 @request.host = "dev.www.rubyonrails.co.uk"
113 assert_equal %w( dev www ), @request.subdomains(2)
114
115 @request.host = "foobar.foobar.com"
116 assert_equal %w( foobar ), @request.subdomains
117
118 @request.host = "192.168.1.200"
119 assert_equal [], @request.subdomains
120
121 @request.host = "foo.192.168.1.200"
122 assert_equal [], @request.subdomains
123
124 @request.host = "192.168.1.200.com"
125 assert_equal %w( 192 168 1 ), @request.subdomains
126
127 @request.host = nil
128 assert_equal [], @request.subdomains
129 end
130
131 def test_port_string
132 @request.port = 80
133 assert_equal "", @request.port_string
134
135 @request.port = 8080
136 assert_equal ":8080", @request.port_string
137 end
138
139 def test_request_uri
140 @request.env['SERVER_SOFTWARE'] = 'Apache 42.342.3432'
141
142 @request.set_REQUEST_URI "http://www.rubyonrails.org/path/of/some/uri?mapped=1"
143 assert_equal "/path/of/some/uri?mapped=1", @request.request_uri
144 assert_equal "/path/of/some/uri", @request.path
145
146 @request.set_REQUEST_URI "http://www.rubyonrails.org/path/of/some/uri"
147 assert_equal "/path/of/some/uri", @request.request_uri
148 assert_equal "/path/of/some/uri", @request.path
149
150 @request.set_REQUEST_URI "/path/of/some/uri"
151 assert_equal "/path/of/some/uri", @request.request_uri
152 assert_equal "/path/of/some/uri", @request.path
153
154 @request.set_REQUEST_URI "/"
155 assert_equal "/", @request.request_uri
156 assert_equal "/", @request.path
157
158 @request.set_REQUEST_URI "/?m=b"
159 assert_equal "/?m=b", @request.request_uri
160 assert_equal "/", @request.path
161
162 @request.set_REQUEST_URI "/"
163 @request.env['SCRIPT_NAME'] = "/dispatch.cgi"
164 assert_equal "/", @request.request_uri
165 assert_equal "/", @request.path
166
167 ActionController::Base.relative_url_root = "/hieraki"
168 @request.set_REQUEST_URI "/hieraki/"
169 @request.env['SCRIPT_NAME'] = "/hieraki/dispatch.cgi"
170 assert_equal "/hieraki/", @request.request_uri
171 assert_equal "/", @request.path
172 ActionController::Base.relative_url_root = nil
173
174 ActionController::Base.relative_url_root = "/collaboration/hieraki"
175 @request.set_REQUEST_URI "/collaboration/hieraki/books/edit/2"
176 @request.env['SCRIPT_NAME'] = "/collaboration/hieraki/dispatch.cgi"
177 assert_equal "/collaboration/hieraki/books/edit/2", @request.request_uri
178 assert_equal "/books/edit/2", @request.path
179 ActionController::Base.relative_url_root = nil
180
181 # The following tests are for when REQUEST_URI is not supplied (as in IIS)
182 @request.env['PATH_INFO'] = "/path/of/some/uri?mapped=1"
183 @request.env['SCRIPT_NAME'] = nil #"/path/dispatch.rb"
184 @request.set_REQUEST_URI nil
185 assert_equal "/path/of/some/uri?mapped=1", @request.request_uri
186 assert_equal "/path/of/some/uri", @request.path
187
188 ActionController::Base.relative_url_root = '/path'
189 @request.env['PATH_INFO'] = "/path/of/some/uri?mapped=1"
190 @request.env['SCRIPT_NAME'] = "/path/dispatch.rb"
191 @request.set_REQUEST_URI nil
192 assert_equal "/path/of/some/uri?mapped=1", @request.request_uri
193 assert_equal "/of/some/uri", @request.path
194 ActionController::Base.relative_url_root = nil
195
196 @request.env['PATH_INFO'] = "/path/of/some/uri"
197 @request.env['SCRIPT_NAME'] = nil
198 @request.set_REQUEST_URI nil
199 assert_equal "/path/of/some/uri", @request.request_uri
200 assert_equal "/path/of/some/uri", @request.path
201
202 @request.env['PATH_INFO'] = "/"
203 @request.set_REQUEST_URI nil
204 assert_equal "/", @request.request_uri
205 assert_equal "/", @request.path
206
207 @request.env['PATH_INFO'] = "/?m=b"
208 @request.set_REQUEST_URI nil
209 assert_equal "/?m=b", @request.request_uri
210 assert_equal "/", @request.path
211
212 @request.env['PATH_INFO'] = "/"
213 @request.env['SCRIPT_NAME'] = "/dispatch.cgi"
214 @request.set_REQUEST_URI nil
215 assert_equal "/", @request.request_uri
216 assert_equal "/", @request.path
217
218 ActionController::Base.relative_url_root = '/hieraki'
219 @request.env['PATH_INFO'] = "/hieraki/"
220 @request.env['SCRIPT_NAME'] = "/hieraki/dispatch.cgi"
221 @request.set_REQUEST_URI nil
222 assert_equal "/hieraki/", @request.request_uri
223 assert_equal "/", @request.path
224 ActionController::Base.relative_url_root = nil
225
226 @request.set_REQUEST_URI '/hieraki/dispatch.cgi'
227 ActionController::Base.relative_url_root = '/hieraki'
228 assert_equal "/dispatch.cgi", @request.path
229 ActionController::Base.relative_url_root = nil
230
231 @request.set_REQUEST_URI '/hieraki/dispatch.cgi'
232 ActionController::Base.relative_url_root = '/foo'
233 assert_equal "/hieraki/dispatch.cgi", @request.path
234 ActionController::Base.relative_url_root = nil
235
236 # This test ensures that Rails uses REQUEST_URI over PATH_INFO
237 ActionController::Base.relative_url_root = nil
238 @request.env['REQUEST_URI'] = "/some/path"
239 @request.env['PATH_INFO'] = "/another/path"
240 @request.env['SCRIPT_NAME'] = "/dispatch.cgi"
241 assert_equal "/some/path", @request.request_uri
242 assert_equal "/some/path", @request.path
243 end
244
245 def test_host_with_default_port
246 @request.host = "rubyonrails.org"
247 @request.port = 80
248 assert_equal "rubyonrails.org", @request.host_with_port
249 end
250
251 def test_host_with_non_default_port
252 @request.host = "rubyonrails.org"
253 @request.port = 81
254 assert_equal "rubyonrails.org:81", @request.host_with_port
255 end
256
257 def test_server_software
258 assert_equal nil, @request.server_software
259
260 @request.env['SERVER_SOFTWARE'] = 'Apache3.422'
261 assert_equal 'apache', @request.server_software
262
263 @request.env['SERVER_SOFTWARE'] = 'lighttpd(1.1.4)'
264 assert_equal 'lighttpd', @request.server_software
265 end
266
267 def test_xml_http_request
268 assert !@request.xml_http_request?
269 assert !@request.xhr?
270
271 @request.env['HTTP_X_REQUESTED_WITH'] = "DefinitelyNotAjax1.0"
272 assert !@request.xml_http_request?
273 assert !@request.xhr?
274
275 @request.env['HTTP_X_REQUESTED_WITH'] = "XMLHttpRequest"
276 assert @request.xml_http_request?
277 assert @request.xhr?
278 end
279
280 def test_reports_ssl
281 assert !@request.ssl?
282 @request.env['HTTPS'] = 'on'
283 assert @request.ssl?
284 end
285
286 def test_reports_ssl_when_proxied_via_lighttpd
287 assert !@request.ssl?
288 @request.env['HTTP_X_FORWARDED_PROTO'] = 'https'
289 assert @request.ssl?
290 end
291
292 def test_symbolized_request_methods
293 [:get, :post, :put, :delete].each do |method|
294 self.request_method = method
295 assert_equal method, @request.method
296 end
297 end
298
299 def test_invalid_http_method_raises_exception
300 assert_raise(ActionController::UnknownHttpMethod) do
301 self.request_method = :random_method
302 @request.request_method
303 end
304 end
305
306 def test_allow_method_hacking_on_post
307 [:get, :head, :options, :put, :post, :delete].each do |method|
308 self.request_method = method
309 assert_equal(method == :head ? :get : method, @request.method)
310 end
311 end
312
313 def test_invalid_method_hacking_on_post_raises_exception
314 assert_raise(ActionController::UnknownHttpMethod) do
315 self.request_method = :_random_method
316 @request.request_method
317 end
318 end
319
320 def test_restrict_method_hacking
321 @request.instance_eval { @parameters = { :_method => 'put' } }
322 [:get, :put, :delete].each do |method|
323 self.request_method = method
324 assert_equal method, @request.method
325 end
326 end
327
328 def test_head_masquerading_as_get
329 self.request_method = :head
330 assert_equal :get, @request.method
331 assert @request.get?
332 assert @request.head?
333 end
334
335 def test_xml_format
336 @request.instance_eval { @parameters = { :format => 'xml' } }
337 assert_equal Mime::XML, @request.format
338 end
339
340 def test_xhtml_format
341 @request.instance_eval { @parameters = { :format => 'xhtml' } }
342 assert_equal Mime::HTML, @request.format
343 end
344
345 def test_txt_format
346 @request.instance_eval { @parameters = { :format => 'txt' } }
347 assert_equal Mime::TEXT, @request.format
348 end
349
350 def test_nil_format
351 ActionController::Base.use_accept_header, old =
352 false, ActionController::Base.use_accept_header
353
354 @request.instance_eval { @parameters = {} }
355 @request.env["HTTP_X_REQUESTED_WITH"] = "XMLHttpRequest"
356 assert @request.xhr?
357 assert_equal Mime::JS, @request.format
358
359 ensure
360 ActionController::Base.use_accept_header = old
361 end
362
363 def test_content_type
364 @request.env["CONTENT_TYPE"] = "text/html"
365 assert_equal Mime::HTML, @request.content_type
366 end
367
368 def test_format_assignment_should_set_format
369 @request.instance_eval { self.format = :txt }
370 assert !@request.format.xml?
371 @request.instance_eval { self.format = :xml }
372 assert @request.format.xml?
373 end
374
375 def test_content_no_type
376 assert_equal nil, @request.content_type
377 end
378
379 def test_content_type_xml
380 @request.env["CONTENT_TYPE"] = "application/xml"
381 assert_equal Mime::XML, @request.content_type
382 end
383
384 def test_content_type_with_charset
385 @request.env["CONTENT_TYPE"] = "application/xml; charset=UTF-8"
386 assert_equal Mime::XML, @request.content_type
387 end
388
389 def test_user_agent
390 assert_not_nil @request.user_agent
391 end
392
393 def test_parameters
394 @request.stubs(:request_parameters).returns({ "foo" => 1 })
395 @request.stubs(:query_parameters).returns({ "bar" => 2 })
396
397 assert_equal({"foo" => 1, "bar" => 2}, @request.parameters)
398 assert_equal({"foo" => 1}, @request.request_parameters)
399 assert_equal({"bar" => 2}, @request.query_parameters)
400 end
401
402 protected
403 def request_method=(method)
404 @request.env['REQUEST_METHOD'] = method.to_s.upcase
405 @request.request_method = nil # Reset the ivar cache
406 end
407 end
Feedcatcher RSS server