mirror of
https://github.com/tenrok/axios.git
synced 2026-06-11 18:02:32 +03:00
Adding xsrf protection
This commit is contained in:
Matt Zabriskie
@@ -39,7 +39,9 @@ describe('axios', function () {
|
||||
});
|
||||
|
||||
it('should default common headers', function () {
|
||||
axios();
|
||||
axios({
|
||||
url: '/foo'
|
||||
});
|
||||
|
||||
var request = jasmine.Ajax.requests.mostRecent();
|
||||
var headers = axios.defaults.headers.common;
|
||||
@@ -52,7 +54,12 @@ describe('axios', function () {
|
||||
|
||||
it('should add extra headers for post', function () {
|
||||
axios({
|
||||
method: 'post'
|
||||
method: 'post',
|
||||
url: '/foo',
|
||||
data: {
|
||||
firstName: 'foo',
|
||||
lastName: 'bar'
|
||||
}
|
||||
});
|
||||
|
||||
var request = jasmine.Ajax.requests.mostRecent();
|
||||
@@ -63,6 +70,16 @@ describe('axios', function () {
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
it('should remove content-type if data is empty', function () {
|
||||
axios({
|
||||
method: 'post',
|
||||
url: '/foo'
|
||||
});
|
||||
|
||||
var request = jasmine.Ajax.requests.mostRecent();
|
||||
expect(request.requestHeaders['content-type']).toEqual(undefined);
|
||||
});
|
||||
});
|
||||
|
||||
describe('options', function () {
|
||||
@@ -71,7 +88,9 @@ describe('axios', function () {
|
||||
});
|
||||
|
||||
it('should default method to get', function () {
|
||||
axios();
|
||||
axios({
|
||||
url: '/foo'
|
||||
});
|
||||
|
||||
var request = jasmine.Ajax.requests.mostRecent();
|
||||
expect(request.method).toBe('get');
|
||||
@@ -79,6 +98,7 @@ describe('axios', function () {
|
||||
|
||||
it('should accept headers', function () {
|
||||
axios({
|
||||
url: '/foo',
|
||||
headers: {
|
||||
'X-Requested-With': 'XMLHttpRequest'
|
||||
}
|
||||
@@ -103,6 +123,7 @@ describe('axios', function () {
|
||||
|
||||
it('should allow overriding default headers', function () {
|
||||
axios({
|
||||
url: '/foo',
|
||||
headers: {
|
||||
'Accept': 'foo/bar'
|
||||
}
|
||||
@@ -112,4 +133,29 @@ describe('axios', function () {
|
||||
expect(request.requestHeaders['Accept']).toEqual('foo/bar');
|
||||
});
|
||||
});
|
||||
|
||||
describe('xsrf', function () {
|
||||
afterEach(function () {
|
||||
document.cookie = axios.defaults.xsrfCookieName + '=;expires=' + new Date(Date.now() - 86400000).toGMTString();
|
||||
});
|
||||
|
||||
it('should not set xsrf header if cookie is null', function () {
|
||||
axios({
|
||||
url: '/foo'
|
||||
});
|
||||
|
||||
var request = jasmine.Ajax.requests.mostRecent();
|
||||
expect(request.requestHeaders[axios.defaults.xsrfHeaderName]).toEqual(undefined);
|
||||
});
|
||||
|
||||
it('should set xsrf header if cookie is set', function () {
|
||||
document.cookie = axios.defaults.xsrfCookieName + '=12345';
|
||||
axios({
|
||||
url: '/foo'
|
||||
});
|
||||
|
||||
var request = jasmine.Ajax.requests.mostRecent();
|
||||
expect(request.requestHeaders[axios.defaults.xsrfHeaderName]).toEqual('12345');
|
||||
});
|
||||
});
|
||||
});
|
||||
@@ -7,6 +7,18 @@ module.exports = {
|
||||
test.done();
|
||||
},
|
||||
|
||||
testIsString: function (test) {
|
||||
test.equals(utils.isString(''), true);
|
||||
test.equals(utils.isString({toString: function () { return ''; }}), false);
|
||||
test.done();
|
||||
},
|
||||
|
||||
testIsNumber: function (test) {
|
||||
test.equals(utils.isNumber(123), true);
|
||||
test.equals(utils.isNumber('123'), false);
|
||||
test.done();
|
||||
},
|
||||
|
||||
testIsObject: function (test) {
|
||||
test.equals(utils.isObject({}), true);
|
||||
test.equals(utils.isObject(null), false);
|
||||
|
||||
Reference in New Issue
Block a user