diff options
| -rw-r--r-- | config/application.rb | 2 | ||||
| -rw-r--r-- | spec/integration/cookie_stripping_spec.rb | 12 |
2 files changed, 13 insertions, 1 deletions
diff --git a/config/application.rb b/config/application.rb index 92fd30685..ad5d4b03f 100644 --- a/config/application.rb +++ b/config/application.rb @@ -70,6 +70,6 @@ module Alaveteli # Insert a bit of middleware code to prevent uneeded cookie setting. require "#{Rails.root}/lib/whatdotheyknow/strip_empty_sessions" - config.middleware.insert_before ActionDispatch::Session::CookieStore, WhatDoTheyKnow::StripEmptySessions, :key => '_wdtk_cookie_session', :path => "/", :httponly => true + config.middleware.insert_before ::ActionDispatch::Cookies, WhatDoTheyKnow::StripEmptySessions, :key => '_wdtk_cookie_session', :path => "/", :httponly => true end end diff --git a/spec/integration/cookie_stripping_spec.rb b/spec/integration/cookie_stripping_spec.rb new file mode 100644 index 000000000..897899fd5 --- /dev/null +++ b/spec/integration/cookie_stripping_spec.rb @@ -0,0 +1,12 @@ +require File.expand_path(File.dirname(__FILE__) + '/../spec_helper') +require File.expand_path(File.dirname(__FILE__) + '/alaveteli_dsl') + +describe 'when making stripping cookies' do + + it 'should not set a cookie when no significant session data is set' do + get 'country_message' + response.headers['Set-Cookie'].should be_blank + end + +end + |