github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-25 00:32:52 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

SECURITY: CSRF vulnerabilities in Admin::BackupsController.

Browse Source
This commit is contained in:
Guo Xiang Tan
2017-03-23 10:29:35 +08:00
parent 11ce73b8ed
commit 3ef82bb32c
4 changed files with 49 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
spec/controllers/admin/backups_controller_spec.rb
View File

@ -75,18 +75,6 @@ describe Admin::BackupsController do
end
describe ".cancel" do
it "cancels an export" do
BackupRestore.expects(:cancel!)
xhr :delete, :cancel
expect(response).to be_success
end
end
describe ".show" do
it "uses send_file to transmit the backup" do
@ -212,18 +200,6 @@ describe Admin::BackupsController do
end
describe ".rollback" do
it "rolls back to previous working state" do
BackupRestore.expects(:rollback!)
xhr :get, :rollback
expect(response).to be_success
end
end
describe ".readonly" do
it "enables readonly mode" do