[rspec-users] [Cucumber] ssl requirement

Wincent Colaiuta win at wincent.com
Sun Feb 15 10:37:28 EST 2009


El 14/2/2009, a las 21:56, James Byrne <lists at ruby-forum.com> escribió:

> Wincent Colaiuta wrote:
>
>>   # always return false for tests
>>   return false if RAILS_ENV == 'test'
>>
>> I brand this as "hideous" because it commits the heinous crime of
>> dynamically modifying application behaviour only when execution  
>> within
>> the testing context is detected. Ugh.
>>
>> For the time being, though, looks like the only way to get my  
>> Cucumber
>> features working. At least until I find out a better way.
>>
>> Cheers,
>> Wincent
>
> I am reluctant to go forward on this because I have not yet dealt with
> this problem first hand.  However, I looked into this issue briefly in
> the past and it seemed to me that the behaviour you wish to test might
> be triggered by setting one or more of the following environment
> variables. Since you can set these outside your application code then
> this might satisfy your desire to avoid custom test code therein.
>
> It appears that either one of these is sufficient by itself:
>
> HTTPS = ?on?
> HTTP_X_FORWARDED_PROTO = ?https?
>
> I read somewhere that this one might prove necessary in addition to  
> the
> foregoing.
>
> HTTP_X_FORWARDED_SSL = ?on?
>
> As I wrote, I have not tested any of this.


I haven't (yet) tested it either, but from looking at the Rails source  
code it looks like you could be right. The "ssl?" method is defined in  
actionpack/lib/action_controller/request.rb as follows:

     # Is this an SSL request?
     def ssl?
       @env['HTTPS'] == 'on' || @env['HTTP_X_FORWARDED_PROTO'] ==  
'https'
     end

That's in ActionController::Request, which  
ActionController::TestRequest inherits from (see vendor/rails/ 
actionpack/lib/action_controller/test_process.rb). So you would think  
that setting the environment variable should indeed work.

Further snooping in the source (actionpack/lib/action_controller/ 
integration.rb) shows that while using integration tests, at least,  
you should also be able to do a "session.https!" to indicate that  
you're simulating an HTTPS request. So in Cucumber stories that should  
work too (I gather that Cucumber just wraps Rails' built-in  
integration testing).

[Goes off to test if this actually works...]

Ok, so I tried just sticking an "ENV['HTTPS'] = 'on'" in my spec/ 
spec_helper.rb file and re-running my spec suite. Looks like this is  
not enough in itself, as I got about 77 spec failures, all of them  
apparently caused by "ssl?" returning false and producing unwanted  
redirects.

It appears that setting ENV in spec/spec_helper.rb has no effect on  
the @env instance variable inside ActionController::AbstractRequest.  
Setting it "sooner" (ie. from the command line with "HTTPS=on rake  
spec") is evidently not the solution either. I'll need to pore over  
the labyrinthine source code a little more to figure out exactly how  
and where @env is getting set up.

Ok... had to dig a little bit outside of Rails, into the Rack gem  
installed on the system, to find out where @env is getting set up.  
Looks like it's getting passed in as a parameter to  
Rack::Request.initialize, but looks like it's not coming from the  
environment, and the backtrace I get is totally useless (only one  
frame in it!). So I guess I'm going to put further investigation on  
hold.

Cheers,
Wincent



More information about the rspec-users mailing list