个人中心
gpt4 book ai didi

ruby-on-rails - 如何使用 minitest 测试 ssl 是否强制执行?

转载 作者:太空宇宙 更新时间:2023-11-03 13:39:01 24 4
gpt4 key购买 nike

我最初的天真方法给了我一堆误导性错误,说路由不存在但确实存在。

camdennarzt@SECUR-T:~/Developer/Ruby/m2 [master L|✚ 1] $ rake test test/integration/application_test.rb
Run options: --seed 55863

# Running:

EEEEEEEEE

Fabulous run in 0.224684s, 44.5070 runs/s, 8.9014 assertions/s.

  1) Error:
ApplicationTest#test_enforces_ssl_for_SubscriptionsController#new_path:
ActionController::UrlGenerationError: No route matches {:action=>"new", :controller=>"SubscriptionsController"}
    test/integration/application_test.rb:16:in `block (3 levels) in <class:ApplicationTest>'


  2) Error:
ApplicationTest#test_enforces_ssl_for_WelcomeController#index_path:
ActionController::UrlGenerationError: No route matches {:action=>"index", :controller=>"WelcomeController"}
    test/integration/application_test.rb:16:in `block (3 levels) in <class:ApplicationTest>'


  3) Error:
ApplicationTest#test_enforces_ssl_for_SubscriptionsController#update_path:
ActionController::UrlGenerationError: No route matches {:action=>"update", :controller=>"SubscriptionsController"}
    test/integration/application_test.rb:16:in `block (3 levels) in <class:ApplicationTest>'


  4) Error:
ApplicationTest#test_enforces_ssl_for_SubscriptionsController#confirm_path:
ActionController::UrlGenerationError: No route matches {:action=>"confirm", :controller=>"SubscriptionsController"}
    test/integration/application_test.rb:16:in `block (3 levels) in <class:ApplicationTest>'


  5) Error:
ApplicationTest#test_enforces_ssl_for_SubscriptionsController#destroy_path:
ActionController::UrlGenerationError: No route matches {:action=>"destroy", :controller=>"SubscriptionsController"}
    test/integration/application_test.rb:16:in `block (3 levels) in <class:ApplicationTest>'


  6) Error:
ApplicationTest#test_enforces_ssl_for_SubscriptionsController#index_path:
ActionController::UrlGenerationError: No route matches {:action=>"index", :controller=>"SubscriptionsController"}
    test/integration/application_test.rb:16:in `block (3 levels) in <class:ApplicationTest>'


  7) Error:
ApplicationTest#test_enforces_ssl_for_SubscriptionsController#show_path:
ActionController::UrlGenerationError: No route matches {:action=>"show", :controller=>"SubscriptionsController"}
    test/integration/application_test.rb:16:in `block (3 levels) in <class:ApplicationTest>'


  8) Error:
ApplicationTest#test_enforces_ssl_for_SubscriptionsController#edit_path:
ActionController::UrlGenerationError: No route matches {:action=>"edit", :controller=>"SubscriptionsController"}
    test/integration/application_test.rb:16:in `block (3 levels) in <class:ApplicationTest>'


  9) Error:
ApplicationTest#test_enforces_ssl_for_SubscriptionsController#create_path:
ActionController::UrlGenerationError: No route matches {:action=>"create", :controller=>"SubscriptionsController"}
    test/integration/application_test.rb:16:in `block (3 levels) in <class:ApplicationTest>'

9 runs, 0 assertions, 0 failures, 9 errors, 0 skips

camdennarzt@SECUR-T:~/Developer/Ruby/m2 [master L|✚ 1] $ rake routes
                     Prefix Verb   URI Pattern                            Controller#Action
              subscriptions GET    /subscriptions(.:format)               subscriptions#index
                            POST   /subscriptions(.:format)               subscriptions#create
           new_subscription GET    /subscriptions/new(.:format)           subscriptions#new
          edit_subscription GET    /subscriptions/:id/edit(.:format)      subscriptions#edit
               subscription GET    /subscriptions/:id(.:format)           subscriptions#show
                            PATCH  /subscriptions/:id(.:format)           subscriptions#update
                            PUT    /subscriptions/:id(.:format)           subscriptions#update
                            DELETE /subscriptions/:id(.:format)           subscriptions#destroy
       confirm_subscription GET    /subscriptions/confirm/:id(.:format)   subscriptions#confirm
           new_user_session GET    /users/sign_in(.:format)               devise/sessions#new
               user_session POST   /users/sign_in(.:format)               devise/sessions#create
       destroy_user_session DELETE /users/sign_out(.:format)              devise/sessions#destroy
              user_password POST   /users/password(.:format)              devise/passwords#create
          new_user_password GET    /users/password/new(.:format)          devise/passwords#new
         edit_user_password GET    /users/password/edit(.:format)         devise/passwords#edit
                            PATCH  /users/password(.:format)              devise/passwords#update
                            PUT    /users/password(.:format)              devise/passwords#update
   cancel_user_registration GET    /users/cancel(.:format)                devise/registrations#cancel
          user_registration POST   /users(.:format)                       devise/registrations#create
      new_user_registration GET    /users/sign_up(.:format)               devise/registrations#new
     edit_user_registration GET    /users/edit(.:format)                  devise/registrations#edit
                            PATCH  /users(.:format)                       devise/registrations#update
                            PUT    /users(.:format)                       devise/registrations#update
                            DELETE /users(.:format)                       devise/registrations#destroy
          user_confirmation POST   /users/confirmation(.:format)          devise/confirmations#create
      new_user_confirmation GET    /users/confirmation/new(.:format)      devise/confirmations#new
                            GET    /users/confirmation(.:format)          devise/confirmations#show
                user_unlock POST   /users/unlock(.:format)                devise/unlocks#create
            new_user_unlock GET    /users/unlock/new(.:format)            devise/unlocks#new
                            GET    /users/unlock(.:format)                devise/unlocks#show
                       root GET    /                                      welcome#index
             metahealthzone GET    /metahealthzone(.:format)              welcome#metahealthzone
                 contact_us GET    /contact_us(.:format)                  welcome#contact_us
              customer_care GET    /customer-care(.:format)               customer_care/welcome#customer_care
customer_care_metabolistics GET    /customer-care/metabolistics(.:format) customer_care/welcome#metabolistics
     customer_care_glossary GET    /customer-care/glossary(.:format)      customer_care/welcome#glossary
     customer_care_research GET    /customer-care/research(.:format)      customer_care/welcome#research
                       info GET    /info(.:format)                        info/welcome#info
              info_patients GET    /info/patients(.:format)               info/welcome#patients
         info_professionals GET    /info/professionals(.:format)          info/welcome#professionals
          info_distributors GET    /info/distributors(.:format)           info/welcome#distributors

我的测试实现:

require 'test_helper'

class ApplicationTest < ActionDispatch::IntegrationTest
  Rails.application.eager_load!
  ApplicationController.descendants.each do |c|
    c.action_methods.each do |a|
      test "enforces ssl for #{c}\##{a} path" do
        get url_for(controller: c, action: a)
        assert_response :success
        assert https?, 'not https'
        assert_empty response.body.split('"').select {|e| e.include? 'http:'}
      end
    end
  end
end

我该如何解决这个问题,以便 a) 它运行,并且 b) 它测试 ssl 是否已强制执行。 (我知道使用带 https! 的 ssl 发出测试请求,但我想看到 http 调用以 https 或重定向响应)

最佳答案

我认为,您可以将其用作测试主体:

# http request
get url_for(controller: c, action: a)
refute https?, 'is https!'
assert_response :redirect
assert_equal request.url.gsub("http://","https://"), response.headers['Location']

follow_redirect!
assert https?, 'not https'

关于ruby-on-rails - 如何使用 minitest 测试 ssl 是否强制执行?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/30929485/

24 4 0
文章推荐: java - Java Servlet 中的 SSL 握手 (HttpsURLConnection)
文章推荐: c# - 使用枚举列表作为委托(delegate)方法
文章推荐: python - uWSGI + Django + Python : no module named uwsgi
文章推荐: c# - LINQ 查询(按项目组分组)
太空宇宙
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com