X-Git-Url: https://git.openstreetmap.org./rails.git/blobdiff_plain/dc2a2c8ebd1a11e4a64555fda22c6859a51defff..c3ad6aa2923c03aeeea0b57033b0a9238d262aa2:/test/controllers/node_controller_test.rb diff --git a/test/controllers/node_controller_test.rb b/test/controllers/node_controller_test.rb index 5ea1dd5a4..0cfc2267c 100644 --- a/test/controllers/node_controller_test.rb +++ b/test/controllers/node_controller_test.rb @@ -466,8 +466,8 @@ class NodeControllerTest < ActionController::TestCase # try and put something into a string that the API might # use unquoted and therefore allow code injection... content "" + - '' + - "" + '' + + "" put :create assert_require_public_data "Shouldn't be able to create with non-public user" @@ -478,8 +478,8 @@ class NodeControllerTest < ActionController::TestCase # try and put something into a string that the API might # use unquoted and therefore allow code injection... content "" + - '' + - "" + '' + + "" put :create assert_response :success nodeid = @response.body @@ -499,14 +499,6 @@ class NodeControllerTest < ActionController::TestCase assert apinode.tags.include?("\#{@user.inspect}") end - def basic_authorization(user, pass) - @request.env["HTTP_AUTHORIZATION"] = "Basic %s" % Base64.encode64("#{user}:#{pass}") - end - - def content(c) - @request.env["RAW_POST_DATA"] = c.to_s - end - ## # update the changeset_id of a node element def update_changeset(xml, changeset_id)