Re: [Rails] protect_from_forgery error not manifesting in test environment

Ruby on Rails Monday, January 29, 2018

Hi,

On Mon, Jan 29, 2018, at 23:51, Rob Jonson wrote:
>
> however - what concerns me is that the bug triggered an exception in
> production which was not caught in test.
>
> steps to trigger the bug are
>
> 1) create an account
> 2) log out
> 3) sign in
>
> I test this explicitly in an rspec capybara test using chrome with
> javascript enabled.
> In the test, I don't get the exception.
>
> can anyone explain why?
>

There's this setting (in "config/environments/test.rb" for test env):

config.action_controller.allow_forgery_protection = false (default for test env)

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/1517240485.2766764.1251921520.14898AB0%40webmail.messagingengine.com.
For more options, visit https://groups.google.com/d/optout.

Posted by Ruby on Rails at 7:41 AM

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)