Explicitly render a 404 on non-JS requests to messages#quote (#39999).

Patch by Holger Just (@hjust). git-svn-id: https://svn.redmine.org/redmine/trunk@22584 e93f8b46-1217-0410-a6f0-8f06a7374b81
author: Marius Balteanu <marius.balteanu@zitec.com> 2024-01-03 01:19:25 +0000
committer: Marius Balteanu <marius.balteanu@zitec.com> 2024-01-03 01:19:25 +0000
commit: fe9fd97f6d0ee80a536a61b9f7cbe3f9a6bce262 (patch)
tree: 0ee3fd14f87ab750ccc9a82b6f296333cf433ce0 /test/functional/messages_controller_test.rb
parent: 73477b41eb2c5062431c82e8718eb2ef89d7be99 (diff)
download: redmine-fe9fd97f6d0ee80a536a61b9f7cbe3f9a6bce262.tar.gz
redmine-fe9fd97f6d0ee80a536a61b9f7cbe3f9a6bce262.zip
1 files changed, 13 insertions, 0 deletions
diff --git a/test/functional/messages_controller_test.rb b/test/functional/messages_controller_test.rb
index 2535e570b..4e146e4e6 100644
--- a/test/functional/messages_controller_test.rb
+++ b/test/functional/messages_controller_test.rb
@@ -311,6 +311,19 @@ class MessagesControllerTest < Redmine::ControllerTest
     assert_include '> An other reply', response.body
   end
 
+  def test_quote_as_html_should_respond_with_404
+    @request.session[:user_id] = 2
+    get(
+      :quote,
+      :params => {
+        :board_id => 1,
+        :id => 3
+      },
+    )
+
+    assert_response 404
+  end
+
   def test_preview_new
     @request.session[:user_id] = 2
     post(
author	Marius Balteanu <marius.balteanu@zitec.com>	2024-01-03 01:19:25 +0000
committer	Marius Balteanu <marius.balteanu@zitec.com>	2024-01-03 01:19:25 +0000
commit	fe9fd97f6d0ee80a536a61b9f7cbe3f9a6bce262 (patch)
tree	0ee3fd14f87ab750ccc9a82b6f296333cf433ce0 /test/functional/messages_controller_test.rb
parent	73477b41eb2c5062431c82e8718eb2ef89d7be99 (diff)
download	redmine-fe9fd97f6d0ee80a536a61b9f7cbe3f9a6bce262.tar.gz redmine-fe9fd97f6d0ee80a536a61b9f7cbe3f9a6bce262.zip