From c578f8c3ed0ca23b03ccde146cb13cfaf24f17cd Mon Sep 17 00:00:00 2001
From: Misko Hevery
Date: Thu, 10 Mar 2011 13:50:00 -0800
Subject: Added XSRF prevention logic to $xhr service

---
 test/service/xhrSpec.js | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'test/service')

diff --git a/test/service/xhrSpec.js b/test/service/xhrSpec.js
index 66dbe94d..39bc1c66 100644
--- a/test/service/xhrSpec.js
+++ b/test/service/xhrSpec.js
@@ -101,4 +101,21 @@ describe('$xhr', function() {
 
     expect(response).toEqual([1, 'abc', {foo:'bar'}]);
   });
+
+  describe('xsrf', function(){
+    it('should copy the XSRF cookie into a XSRF Header', function(){
+      var code, response;
+      $browserXhr
+        .expectPOST('URL', 'DATA', {'X-XSRF-TOKEN': 'secret'})
+        .respond(234, 'OK');
+      $browser.cookies('XSRF-TOKEN', 'secret');
+      $xhr('POST', 'URL', 'DATA', function(c, r){
+        code = c;
+        response = r;
+      });
+      $browserXhr.flush();
+      expect(code).toEqual(234);
+      expect(response).toEqual('OK');
+    });
+  });
 });
-- 
cgit v1.2.3