测试 Rails 中防止伪造的控制器方法
我正在尝试测试我的应用程序中的方法,但我不知道如何对受伪造保护的方法进行单元测试,请看一下:
def index
@alumnos = Alumno.paginate :per_page => 20,
:page => params[:page], :order => :nombre
respond_to do |format|
format.html # index.html.erb
format.xml { render :xml => @alumnos }
end
end
在index.html.erb中我有这一行:
<%= javascript_tag "window._token = '#{form_authenticity_token}'" %>
所以,当我尝试用功能测试来测试它时,似乎会话没有导致测试失败的秘密工作,有人有测试这种方法的经验吗?
I'm trying to test a method I have in my application, but I don't know how to unit test a method that is being protected from forgery, take a look at this:
def index
@alumnos = Alumno.paginate :per_page => 20,
:page => params[:page], :order => :nombre
respond_to do |format|
format.html # index.html.erb
format.xml { render :xml => @alumnos }
end
end
In the index.html.erb I have this line:
<%= javascript_tag "window._token = '#{form_authenticity_token}'" %>
So, when I try to test it with a functional test, it seems that the session doesn't have the secret work which will cause the test to fail, does anyone have experience testing this methods?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
这是一个解决方案(或解决方法):
在你的controllers/application.rb中
Here is one solution (or a workaround) :
in your controllers/application.rb