diff options
| author | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2013-01-26 18:37:09 +0000 |
|---|---|---|
| committer | Jean-Philippe Lang <jp_lang@yahoo.fr> | 2013-01-26 18:37:09 +0000 |
| commit | 9f127793be20c1e23f31c66b5efd4a0acaea2642 (patch) | |
| tree | c3b45ebf7959f1fb6c9693077e12d829567109f8 /test/integration/api_test | |
| parent | 134b66cb290f084a06a8a4ad7a21913cf002ca85 (diff) | |
| download | redmine-9f127793be20c1e23f31c66b5efd4a0acaea2642.tar.gz redmine-9f127793be20c1e23f31c66b5efd4a0acaea2642.zip | |
Make JSONP support optional and disabled by default (#12992).
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@11272 e93f8b46-1217-0410-a6f0-8f06a7374b81
Diffstat (limited to 'test/integration/api_test')
| -rw-r--r-- | test/integration/api_test/jsonp_test.rb | 26 |
1 files changed, 22 insertions, 4 deletions
diff --git a/test/integration/api_test/jsonp_test.rb b/test/integration/api_test/jsonp_test.rb index 3007a2db8..df3be427c 100644 --- a/test/integration/api_test/jsonp_test.rb +++ b/test/integration/api_test/jsonp_test.rb @@ -20,8 +20,20 @@ require File.expand_path('../../../test_helper', __FILE__) class Redmine::ApiTest::JsonpTest < Redmine::ApiTest::Base fixtures :trackers + def test_should_ignore_jsonp_callback_with_jsonp_disabled + with_settings :jsonp_enabled => '0' do + get '/trackers.json?jsonp=handler' + end + + assert_response :success + assert_match %r{^\{"trackers":.+\}$}, response.body + assert_equal 'application/json; charset=utf-8', response.headers['Content-Type'] + end + def test_jsonp_should_accept_callback_param - get '/trackers.json?callback=handler' + with_settings :jsonp_enabled => '1' do + get '/trackers.json?callback=handler' + end assert_response :success assert_match %r{^handler\(\{"trackers":.+\}\)$}, response.body @@ -29,7 +41,9 @@ class Redmine::ApiTest::JsonpTest < Redmine::ApiTest::Base end def test_jsonp_should_accept_jsonp_param - get '/trackers.json?jsonp=handler' + with_settings :jsonp_enabled => '1' do + get '/trackers.json?jsonp=handler' + end assert_response :success assert_match %r{^handler\(\{"trackers":.+\}\)$}, response.body @@ -37,7 +51,9 @@ class Redmine::ApiTest::JsonpTest < Redmine::ApiTest::Base end def test_jsonp_should_strip_invalid_characters_from_callback - get '/trackers.json?callback=+-aA$1_' + with_settings :jsonp_enabled => '1' do + get '/trackers.json?callback=+-aA$1_' + end assert_response :success assert_match %r{^aA1_\(\{"trackers":.+\}\)$}, response.body @@ -45,7 +61,9 @@ class Redmine::ApiTest::JsonpTest < Redmine::ApiTest::Base end def test_jsonp_without_callback_should_return_json - get '/trackers.json?callback=' + with_settings :jsonp_enabled => '1' do + get '/trackers.json?callback=' + end assert_response :success assert_match %r{^\{"trackers":.+\}$}, response.body |