Fix #3539: Open redirect vulnerabilities.

2018-02-07 17:11:52 -06:00
parent 583520b97c
commit 84a0a89f4b
4 changed files with 29 additions and 17 deletions
--- a/test/functional/tags_controller_test.rb
+++ b/test/functional/tags_controller_test.rb
@@ -40,6 +40,14 @@ class TagsControllerTest < ActionController::TestCase
          assert_response :success
        end
      end
+
+      context "with blank search parameters" do
+        should "strip the blank parameters with a redirect" do
+          get :index, { search: { name: "touhou", category: "" } }
+
+          assert_redirected_to tags_path(search: { name: "touhou" })
+        end
+      end
    end

    context "autocomplete action" do