summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAzul <azul@riseup.net>2017-03-21 10:19:08 +0100
committerAzul <azul@riseup.net>2017-03-21 10:31:16 +0100
commit47c945b101a01bf438024ede594b3a039c4eca66 (patch)
treef2eae1401adccf77cb244d0b642f7ee66f3d1a46
parent3fd52ccca46310c32ecfabb69b41630cb41dca7e (diff)
fix: 404 on key request with non html content-type
-rw-r--r--app/controllers/keys_controller.rb7
-rw-r--r--config/routes.rb4
-rw-r--r--test/functional/keys_controller_test.rb12
3 files changed, 14 insertions, 9 deletions
diff --git a/app/controllers/keys_controller.rb b/app/controllers/keys_controller.rb
index fb28901..dbb5d96 100644
--- a/app/controllers/keys_controller.rb
+++ b/app/controllers/keys_controller.rb
@@ -3,15 +3,16 @@ class KeysController < ApplicationController
#
# Render the user's key as plain text, without a layout.
#
- # We will show blank page if user doesn't have key (which shouldn't generally occur)
- # and a 404 error if user doesn't exist
+ # 404 error if user doesn't exist
+ #
+ # blank result if user doesn't have key (which shouldn't generally occur)
#
def show
user = User.find_by_login(params[:login])
if user
render text: user.public_key, content_type: 'text/text'
else
- raise ActionController::RoutingError.new('Not Found')
+ head 404
end
end
diff --git a/config/routes.rb b/config/routes.rb
index de328db..d3d2cec 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -61,6 +61,8 @@ LeapWeb::Application.routes.draw do
get "/.well-known/host-meta" => 'webfinger#host_meta'
get "/webfinger" => 'webfinger#search'
- get "/key/:login" => 'keys#show', :constraints => { :login => /[^\/]+/ }
+ get "/key/:login" => 'keys#show',
+ :constraints => { :login => /[^\/]+/ },
+ :defaults => { :format => :text }
end
diff --git a/test/functional/keys_controller_test.rb b/test/functional/keys_controller_test.rb
index f5e2691..1d437e7 100644
--- a/test/functional/keys_controller_test.rb
+++ b/test/functional/keys_controller_test.rb
@@ -3,7 +3,10 @@ require 'test_helper'
class KeysControllerTest < ActionController::TestCase
test "get key for username with dot" do
- assert_recognizes({controller: 'keys', action: 'show', login: 'username.with.dot'}, 'key/username.with.dot')
+ assert_routing 'key/username.with.dot', controller: 'keys',
+ action: 'show',
+ login: 'username.with.dot',
+ format: :text
end
test "get existing public key" do
@@ -27,10 +30,9 @@ class KeysControllerTest < ActionController::TestCase
end
test "get public key for non-existing user" do
- # raise 404 error if user doesn't exist (doesn't need to be this routing error, but seems fine to assume for now):
- assert_raise(ActionController::RoutingError) {
- get :show, :login => 'asdkljslksjfdlskfj'
- }
+ # raise 404 error if user doesn't exist
+ get :show, :login => 'asdkljslksjfdlskfj'
+ assert_response :not_found
end
end