From 45f25290e2e4a1f33ec5d3df6ecfb40300318ece Mon Sep 17 00:00:00 2001
From: Louise Crow <louise.crow@gmail.com>
Date: Fri, 31 Oct 2014 15:16:05 +0000
Subject: Use rack-utf8_sanitizer gem

This sanitises non utf-8 params before they're processed by Rails.
---
 spec/integration/errors_spec.rb | 14 ++++++--------
 1 file changed, 6 insertions(+), 8 deletions(-)

(limited to 'spec/integration/errors_spec.rb')

diff --git a/spec/integration/errors_spec.rb b/spec/integration/errors_spec.rb
index 4fa12fb21..b36e08b2b 100644
--- a/spec/integration/errors_spec.rb
+++ b/spec/integration/errors_spec.rb
@@ -62,14 +62,12 @@ describe "When errors occur" do
            response.body.should match(%Q(invalid value for Integer))
         end
 
-        # it 'should handle non utf-8 parameters' do
-        #     pending 'until we sanitize non utf-8 parameters for Ruby >= 1.9' do
-        #         get ('/%d3')
-        #         response.should render_template('general/exception_caught')
-        #         response.code.should == '404'
-        #         response.body.should match("Sorry, we couldn't find that page")
-        #     end
-        # end
+        it 'should handle non utf-8 parameters' do
+            get ('/%d3')
+            response.should render_template('general/exception_caught')
+            response.code.should == '404'
+            response.body.should match("Sorry, we couldn't find that page")
+        end
 
 
         it "should render a 500 for general errors using the general/exception_caught template" do
-- 
cgit v1.2.3


From 9f5f602fbb38a32619dad93464c1ab263b1a66d7 Mon Sep 17 00:00:00 2001
From: Louise Crow <louise.crow@gmail.com>
Date: Tue, 18 Nov 2014 16:21:47 +0000
Subject: Don't display specific error messages in production.

---
 spec/integration/errors_spec.rb | 3 ---
 1 file changed, 3 deletions(-)

(limited to 'spec/integration/errors_spec.rb')

diff --git a/spec/integration/errors_spec.rb b/spec/integration/errors_spec.rb
index 4fa12fb21..532576bb9 100644
--- a/spec/integration/errors_spec.rb
+++ b/spec/integration/errors_spec.rb
@@ -59,7 +59,6 @@ describe "When errors occur" do
            response.should render_template('general/exception_caught')
            response.code.should == '404'
            response.body.should match("Sorry, we couldn't find that page")
-           response.body.should match(%Q(invalid value for Integer))
         end
 
         # it 'should handle non utf-8 parameters' do
@@ -76,7 +75,6 @@ describe "When errors occur" do
             InfoRequest.stub!(:find_by_url_title!).and_raise("An example error")
             get("/request/example")
             response.should render_template('general/exception_caught')
-            response.body.should match('An example error')
             response.code.should == "500"
         end
 
@@ -111,7 +109,6 @@ describe "When errors occur" do
             get("/es/request/example")
             response.should render_template('general/exception_caught')
             response.body.should match('Lo sentimos, hubo un problema procesando esta página')
-            response.body.should match('An example error')
         end
 
         it "should render a 403 with text body for attempts at directory listing for attachments" do
-- 
cgit v1.2.3


From 12aca5dd819653e596f7c13e587e6e7967d6ded3 Mon Sep 17 00:00:00 2001
From: Louise Crow <louise.crow@gmail.com>
Date: Fri, 12 Dec 2014 14:06:51 +0000
Subject: Use RESTful routing for index and show actions

---
 spec/integration/errors_spec.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'spec/integration/errors_spec.rb')

diff --git a/spec/integration/errors_spec.rb b/spec/integration/errors_spec.rb
index 110626058..a28b34da6 100644
--- a/spec/integration/errors_spec.rb
+++ b/spec/integration/errors_spec.rb
@@ -131,7 +131,7 @@ describe "When errors occur" do
 
             it 'should show a full trace for general errors' do
                 InfoRequest.stub!(:find).and_raise("An example error")
-                get("/admin/request/show/333")
+                get("/admin/requests/333")
                 response.body.should have_selector('div[id=traces]')
                 response.body.should match('An example error')
             end
-- 
cgit v1.2.3


From e822e7091e7e0153a68094898847b0793e58dedd Mon Sep 17 00:00:00 2001
From: Louise Crow <louise.crow@gmail.com>
Date: Mon, 22 Dec 2014 11:38:49 +0000
Subject: Revert "Use rack-utf8_sanitizer gem"

This reverts commit 45f25290e2e4a1f33ec5d3df6ecfb40300318ece.

Use of the :ruby_20 platform requires bundler 1.3, which is not
available on all our supported OSes as a package. See
https://github.com/mysociety/alaveteli/issues/1276 for details.
---
 spec/integration/errors_spec.rb | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

(limited to 'spec/integration/errors_spec.rb')

diff --git a/spec/integration/errors_spec.rb b/spec/integration/errors_spec.rb
index a28b34da6..39f1279ce 100644
--- a/spec/integration/errors_spec.rb
+++ b/spec/integration/errors_spec.rb
@@ -61,12 +61,14 @@ describe "When errors occur" do
            response.body.should match("Sorry, we couldn't find that page")
         end
 
-        it 'should handle non utf-8 parameters' do
-            get ('/%d3')
-            response.should render_template('general/exception_caught')
-            response.code.should == '404'
-            response.body.should match("Sorry, we couldn't find that page")
-        end
+        # it 'should handle non utf-8 parameters' do
+        #     pending 'until we sanitize non utf-8 parameters for Ruby >= 1.9' do
+        #         get ('/%d3')
+        #         response.should render_template('general/exception_caught')
+        #         response.code.should == '404'
+        #         response.body.should match("Sorry, we couldn't find that page")
+        #     end
+        # end
 
 
         it "should render a 500 for general errors using the general/exception_caught template" do
-- 
cgit v1.2.3