diff options
| author | Matthew Somerville <matthew@mysociety.org> | 2016-06-15 20:14:51 +0100 |
|---|---|---|
| committer | Matthew Somerville <matthew-github@dracos.co.uk> | 2016-07-06 12:58:57 +0100 |
| commit | 9d8ae07980bccd58e11acbc82e60b651ed20c181 (patch) | |
| tree | ccfa198d3ec4bc0a0d903b8c59d89efa32c3ccc7 /t/app/controller/photo.t | |
| parent | f0911da291b55801e69132a4d6f0a312089fdc18 (diff) | |
Improve CSRF tokens and add to more forms.
Diffstat (limited to 't/app/controller/photo.t')
| -rw-r--r-- | t/app/controller/photo.t | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/t/app/controller/photo.t b/t/app/controller/photo.t index 425e3c4df..4cec82c44 100644 --- a/t/app/controller/photo.t +++ b/t/app/controller/photo.t @@ -40,11 +40,15 @@ subtest "Check multiple upload worked" => sub { # submit the main form # can't post_ok as we lose the Content_Type header # (TODO rewrite with HTTP::Request::Common and request_ok) + $mech->get_ok('/report/new?lat=53.4031156&lon=-2.9840579'); + my ($csrf) = $mech->content =~ /name="token" value="([^"]*)"/; + $mech->post( '/report/new', Content_Type => 'form-data', Content => { submit_problem => 1, + token => $csrf, title => 'Test', lat => 53.4031156, lon => -2.9840579, # in Liverpool pc => 'L1 4LN', @@ -57,9 +61,6 @@ subtest "Check multiple upload worked" => sub { email => 'test@example.com', phone => '', category => 'Street lighting', - #password_sign_in => '', - #password_register => '', - #remember_me => undef, } ); ok $mech->success, 'Made request with multiple photo upload'; |