1 files changed, 69 insertions, 0 deletions
diff --git a/src/couch/test/eunit/couchdb_cookie_domain_tests.erl b/src/couch/test/eunit/couchdb_cookie_domain_tests.erl
new file mode 100755
index 000000000..e66ab31e6
--- /dev/null
+++ b/src/couch/test/eunit/couchdb_cookie_domain_tests.erl
@@ -0,0 +1,69 @@
+% Licensed under the Apache License, Version 2.0 (the "License"); you may not
+% use this file except in compliance with the License. You may obtain a copy of
+% the License at
+%
+%   http://www.apache.org/licenses/LICENSE-2.0
+%
+% Unless required by applicable law or agreed to in writing, software
+% distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+% WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+% License for the specific language governing permissions and limitations under
+% the License.
+
+-module(couchdb_cookie_domain_tests).
+
+-include_lib("couch/include/couch_eunit.hrl").
+-include_lib("couch/include/couch_db.hrl").
+
+-define(USER, "cookie_domain_test_admin").
+-define(PASS, "pass").
+
+setup() ->
+    Ctx = test_util:start_couch([chttpd]),
+    Hashed = couch_passwords:hash_admin_password(?PASS),
+    ok = config:set("admins", ?USER, ?b2l(Hashed), _Persist=false),
+    Addr = config:get("httpd", "bind_address", "127.0.0.1"),
+    Port = mochiweb_socket_server:get(chttpd, port),
+    Url = ?l2b(io_lib:format("http://~s:~b/_session", [Addr, Port])),
+    ContentType = [{"Content-Type", "application/json"}],
+    Payload = jiffy:encode({[{name, ?l2b(?USER)}, {password, ?l2b(?PASS)}]}),
+    {ok, ?b2l(Url), ContentType, ?b2l(Payload), Ctx}.
+
+teardown({ok, _, _, _, Ctx}) ->
+    ok = config:delete("admins", ?USER, _Persist=false),
+    test_util:stop_couch(Ctx).
+
+cookie_test_() ->
+    {
+        "Cookie domain tests",
+        {
+            setup,
+            fun setup/0,
+            fun teardown/1,
+            fun({ok, Url, ContentType, Payload, _}) ->
+                [
+                    should_set_cookie_domain(Url, ContentType, Payload),
+                    should_not_set_cookie_domain(Url, ContentType, Payload)
+                ]
+            end
+        }
+    }.
+
+should_set_cookie_domain(Url, ContentType, Payload) ->
+    ?_test(begin
+        ok = config:set("couch_httpd_auth", "cookie_domain",
+            "example.com", false),
+        {ok, Code, Headers, _} = test_request:post(Url, ContentType, Payload),
+        ?assertEqual(200, Code),
+        Cookie = proplists:get_value("Set-Cookie", Headers),
+        ?assert(string:str(Cookie, "; Domain=example.com") > 0)
+    end).
+
+should_not_set_cookie_domain(Url, ContentType, Payload) ->
+    ?_test(begin
+        ok = config:set("couch_httpd_auth", "cookie_domain", "", false),
+        {ok, Code, Headers, _} = test_request:post(Url, ContentType, Payload),
+        ?assertEqual(200, Code),
+        Cookie = proplists:get_value("Set-Cookie", Headers),
+        ?assertEqual(0, string:str(Cookie, "; Domain="))
+    end).