diff options
| author | Sam McCall | 2013-02-05 13:37:36 +0100 |
|---|---|---|
| committer | Igor Minar | 2013-02-07 01:48:01 -0800 |
| commit | 8155c3a29ea0eb14806913b8ac08ba7727e1969c (patch) | |
| tree | 165bd3c4038eb02c2dd5c1eed8fe6eaebe3da270 /test/ng/httpSpec.js | |
| parent | b001c8ece5472626bf49cf82753e8ac1aafd2513 (diff) | |
| download | angular.js-8155c3a29ea0eb14806913b8ac08ba7727e1969c.tar.bz2 | |
feat($http): allow overriding the XSRF header and cookie name
Add 'xsrfCookieName' and 'xsrfHeaderName' property to $httpProvider.defaults and
http config object, which give the name of the cookie the XSRF token is found
in, and the name of the header it is sent in, respectively.
This allows interop with servers with built-in XSRF support that use different
names.
The defaults match the current hard-coded values of 'XSRF-TOKEN' and
'X-XSRF-TOKEN'.
Diffstat (limited to 'test/ng/httpSpec.js')
| -rw-r--r-- | test/ng/httpSpec.js | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/test/ng/httpSpec.js b/test/ng/httpSpec.js index 1473ab1c..3b4905f9 100644 --- a/test/ng/httpSpec.js +++ b/test/ng/httpSpec.js @@ -453,22 +453,27 @@ describe('$http', function() { it('should set the XSRF cookie into a XSRF header', inject(function($browser) { - function checkXSRF(secret) { + function checkXSRF(secret, header) { return function(headers) { - return headers['X-XSRF-TOKEN'] == secret; + return headers[header || 'X-XSRF-TOKEN'] == secret; }; } $browser.cookies('XSRF-TOKEN', 'secret'); + $browser.cookies('aCookie', 'secret2'); $httpBackend.expect('GET', '/url', undefined, checkXSRF('secret')).respond(''); $httpBackend.expect('POST', '/url', undefined, checkXSRF('secret')).respond(''); $httpBackend.expect('PUT', '/url', undefined, checkXSRF('secret')).respond(''); $httpBackend.expect('DELETE', '/url', undefined, checkXSRF('secret')).respond(''); + $httpBackend.expect('GET', '/url', undefined, checkXSRF('secret', 'aHeader')).respond(''); + $httpBackend.expect('GET', '/url', undefined, checkXSRF('secret2')).respond(''); $http({url: '/url', method: 'GET'}); $http({url: '/url', method: 'POST', headers: {'S-ome': 'Header'}}); $http({url: '/url', method: 'PUT', headers: {'Another': 'Header'}}); $http({url: '/url', method: 'DELETE', headers: {}}); + $http({url: '/url', method: 'GET', xsrfHeaderName: 'aHeader'}) + $http({url: '/url', method: 'GET', xsrfCookieName: 'aCookie'}) $httpBackend.flush(); })); |