summaryrefslogtreecommitdiff
path: root/test/functional/api
diff options
context:
space:
mode:
Diffstat (limited to 'test/functional/api')
-rw-r--r--test/functional/api/certs_controller_test.rb6
-rw-r--r--test/functional/api/sessions_controller_test.rb3
2 files changed, 8 insertions, 1 deletions
diff --git a/test/functional/api/certs_controller_test.rb b/test/functional/api/certs_controller_test.rb
index f23b4c8..25ceb8e 100644
--- a/test/functional/api/certs_controller_test.rb
+++ b/test/functional/api/certs_controller_test.rb
@@ -57,4 +57,10 @@ class Api::CertsControllerTest < ApiControllerTest
returns(cert)
return cert
end
+
+ # overwrite defaults from ApiController because we don't do json here.
+ def add_api_defaults(args)
+ add_defaults args, version: '2'
+ end
+
end
diff --git a/test/functional/api/sessions_controller_test.rb b/test/functional/api/sessions_controller_test.rb
index 03a1ef9..06a3c22 100644
--- a/test/functional/api/sessions_controller_test.rb
+++ b/test/functional/api/sessions_controller_test.rb
@@ -44,7 +44,8 @@ class Api::SessionsControllerTest < ApiControllerTest
api_post :update, :id => @user.login, :client_auth => @client_hex
- assert_nil session[:handshake]
+ assert_nil session[:handshake],
+ 'session should be cleared to prevent session fixation attacks'
assert_response :success
assert json_response.keys.include?("id")
assert json_response.keys.include?("token")