Discourse/discourse
Discourse/discourse
0
0
Fork 0
mirror of https://gh.wpcy.net/https://github.com/discourse/discourse.git synced 2026-05-07 10:56:41 +08:00
Code Packages Activity Actions
discourse/spec/integration/discourse_cookie_store_spec.rb
Loïc Guitaut 2d4320895e DEV: Debug cookie overflows 
This patch logs what’s in the cookie when there is an overflow, as it
happens sometimes during auth workflows. This should help us better
understand what’s happening.
2025-09-01 09:38:52 +02:00

36 lines
1.1 KiB
Ruby
Raw Permalink Blame History

# frozen_string_literal: true
describe ActionDispatch::Session::DiscourseCookieStore, type: :request do
it "only writes session cookie when changed" do
get "/session/csrf.json"
expect(response.status).to eq(200)
expect(response.cookies["_forum_session"]).to be_present
csrf_token = session[:_csrf_token]
expect(csrf_token).to be_present
get "/session/csrf.json"
expect(response.status).to eq(200)
expect(response.cookies["_forum_session"]).not_to be_present
expect(session[:_csrf_token]).to eq(csrf_token)
end
describe "Cookie overflow" do
context "when cookie size exceeds limit" do
let(:fake_logger) { FakeLogger.new }
before do
Rails.logger.broadcast_to(fake_logger)
allow_any_instance_of(ActionController::RequestForgeryProtection).to receive(
:generate_csrf_token,
).and_return(SecureRandom.urlsafe_base64(4097))
end
after { Rails.logger.stop_broadcasting_to(fake_logger) }
it "logs an error" do
get "/session/csrf.json"
expect(fake_logger.errors).to include(/Cookie overflow occurred.*"_csrf_token"=>/)
end
end
end
end
View git blame Copy permalink