Merge branch 'bugfix/send-406-on-unsupported-format' into 'develop'

Bugfix/send 406 on unsupported format See merge request !5
author: azul <azul@riseup.net> 2016-08-19 10:40:37 +0000
committer: azul <azul@riseup.net> 2016-08-19 10:40:37 +0000
commit: 67302ca1986a66a6d278c34216ad33f4c65a018e (patch)
tree: d55e4c4dd3a6612e04e0fd40e736c8b6d4342762 /test/functional/api/sessions_controller_test.rb
parent: 44910c0909f28791fe6725fa76301e5111ece3b4 (diff)
parent: fbad882075e745ab7afbe5f89c67544fb3c607c3 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/test/functional/api/sessions_controller_test.rb b/test/functional/api/sessions_controller_test.rb
index 03a1ef9..06a3c22 100644
--- a/test/functional/api/sessions_controller_test.rb
+++ b/test/functional/api/sessions_controller_test.rb
@@ -44,7 +44,8 @@ class Api::SessionsControllerTest < ApiControllerTest
 
     api_post :update, :id => @user.login, :client_auth => @client_hex
 
-    assert_nil session[:handshake]
+    assert_nil session[:handshake],
+      'session should be cleared to prevent session fixation attacks'
     assert_response :success
     assert json_response.keys.include?("id")
     assert json_response.keys.include?("token")
author	azul <azul@riseup.net>	2016-08-19 10:40:37 +0000
committer	azul <azul@riseup.net>	2016-08-19 10:40:37 +0000
commit	67302ca1986a66a6d278c34216ad33f4c65a018e (patch)
tree	d55e4c4dd3a6612e04e0fd40e736c8b6d4342762 /test/functional/api/sessions_controller_test.rb
parent	44910c0909f28791fe6725fa76301e5111ece3b4 (diff)
parent	fbad882075e745ab7afbe5f89c67544fb3c607c3 (diff)