From 43bd77a1ad43d7cb24117bf3973f841221fd2c6e Mon Sep 17 00:00:00 2001 From: Seb Bacon Date: Thu, 12 Jan 2012 07:47:16 +0000 Subject: Return 403 when attachment "folders" are spidered. Fixes #340 --- spec/integration/errors_spec.rb | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'spec/integration/errors_spec.rb') diff --git a/spec/integration/errors_spec.rb b/spec/integration/errors_spec.rb index bfb7e5fb5..f8f9162c1 100644 --- a/spec/integration/errors_spec.rb +++ b/spec/integration/errors_spec.rb @@ -45,5 +45,9 @@ describe "When rendering errors" do get("/request/#{ir.url_title}") response.code.should == "500" end + it "should render a 403 for attempts at directory listing for attachments" do + get("/request/5/response/4/attach/html/3/" ) + response.code.should == "403" + end end -- cgit v1.2.3 From f158e9c96d2af74c940a8d775799fcb9755d0b12 Mon Sep 17 00:00:00 2001 From: Seb Bacon Date: Thu, 12 Jan 2012 08:05:57 +0000 Subject: Return 404 for non-existent 'details' pages. Fixes #325 --- spec/integration/errors_spec.rb | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'spec/integration/errors_spec.rb') diff --git a/spec/integration/errors_spec.rb b/spec/integration/errors_spec.rb index f8f9162c1..8084bb35a 100644 --- a/spec/integration/errors_spec.rb +++ b/spec/integration/errors_spec.rb @@ -49,5 +49,9 @@ describe "When rendering errors" do get("/request/5/response/4/attach/html/3/" ) response.code.should == "403" end + it "should render a 404 for non-existent 'details' pages for requests" do + get("/details/request/wobble" ) + response.code.should == "404" + end end -- cgit v1.2.3