From 3affd6ab3d29bf2e86c9d4b00733499d060af20c Mon Sep 17 00:00:00 2001
From: Seb Bacon <seb.bacon@gmail.com>
Date: Tue, 17 Jan 2012 13:31:22 +0000
Subject: Don't allow directory listings (better fix for and closes #340).

---
 spec/integration/errors_spec.rb | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

(limited to 'spec/integration/errors_spec.rb')

diff --git a/spec/integration/errors_spec.rb b/spec/integration/errors_spec.rb
index 705c1fff8..d03323445 100644
--- a/spec/integration/errors_spec.rb
+++ b/spec/integration/errors_spec.rb
@@ -46,10 +46,13 @@ describe "When rendering errors" do
         response.code.should == "500"
     end
     it "should render a 403 for attempts at directory listing for attachments" do
-        get("/request/5/response/4/attach/html/3/" )
-        response.code.should == "403"
-        get("/request/5/response/4/attach/html" )
+        # make a fake cache
+        foi_cache_path = File.join(File.dirname(__FILE__), '../../cache')
+        FileUtils.mkdir_p(File.join(foi_cache_path, "views/en/request/101/101/response/1/attach/html/1"))
+        get("/request/101/response/1/attach/html/1/" )
         response.code.should == "403"
+        get("/request/101/response/1/attach/html" )
+        response.code.should == "403" 
     end
     it "should render a 404 for non-existent 'details' pages for requests" do
         get("/details/request/wobble" )
-- 
cgit v1.2.3