Post by Peter Cooper on June 18th, 2006

How to force and test POST vs GET methods for dangerous actions in Rails

Specify Rails Response Type via the URL
Test Driven RJS with “ARTS: Another RJS Testing System”
Write functional tests in Rails using CSS selectors

View All Jobs | Post a Job

Permanent Link | book mark How to force and test POST vs GET methods for dangerous actions in Rails in del.icio.us

Click here to add on del.icio.us | No Comments - Leave One Now!

mly from caboo.se looks at how to quickly protect certain controller actions from GET requests in Rails, and presents a couple of useful test helpers to make testing for POST vs GET compliance simple. His code lets you then do a simple test like so:

def test_update__with_get
  assert_method_not_allowed(:update, {:good => :post, :bad => :get})
end

This test ensures that 'update' will only accept a POST request and not a GET.

This entry was posted on Sunday, June 18th, 2006 at 1:31 pm and is filed under Elsewhere, Ruby on Rails. Responses are currently closed, but you can trackback from your own site.