From 43bd77a1ad43d7cb24117bf3973f841221fd2c6e Mon Sep 17 00:00:00 2001 From: Seb Bacon Date: Thu, 12 Jan 2012 07:47:16 +0000 Subject: Return 403 when attachment "folders" are spidered. Fixes #340 --- spec/integration/errors_spec.rb | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'spec/integration/errors_spec.rb') diff --git a/spec/integration/errors_spec.rb b/spec/integration/errors_spec.rb index bfb7e5fb5..f8f9162c1 100644 --- a/spec/integration/errors_spec.rb +++ b/spec/integration/errors_spec.rb @@ -45,5 +45,9 @@ describe "When rendering errors" do get("/request/#{ir.url_title}") response.code.should == "500" end + it "should render a 403 for attempts at directory listing for attachments" do + get("/request/5/response/4/attach/html/3/" ) + response.code.should == "403" + end end -- cgit v1.2.3