diff options
author | Z.J. van de Weg <git@zjvandeweg.nl> | 2016-11-18 14:08:30 +0300 |
---|---|---|
committer | Z.J. van de Weg <git@zjvandeweg.nl> | 2016-11-18 14:30:32 +0300 |
commit | dd826a5f20837f33263c658e41a4def0fc932069 (patch) | |
tree | 0b5a37b5a5f9c12bfef330e5286a165eae90fe2f /spec/requests | |
parent | f749fb7fe0574d07eeb38561b9af62754e518281 (diff) |
Return a consistent not found message
This prevents leakage of project names on an endpoint which is
unauthenticated and thus open to the world.
Diffstat (limited to 'spec/requests')
-rw-r--r-- | spec/requests/api/services_spec.rb | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/spec/requests/api/services_spec.rb b/spec/requests/api/services_spec.rb index 765d662e52b..782d76db318 100644 --- a/spec/requests/api/services_spec.rb +++ b/spec/requests/api/services_spec.rb @@ -95,9 +95,10 @@ describe API::API, api: true do context 'no service is available' do it 'returns a not found message' do - post api("/projects/#{project.id}/services/mattermost_command/trigger") + post api("/projects/#{project.id}/services/idonotexist/trigger") expect(response).to have_http_status(404) + expect(json_response["message"]).to eq("404 Service Not Found") end end @@ -139,7 +140,7 @@ describe API::API, api: true do post api("/projects/404/services/mattermost_command/trigger"), params expect(response).to have_http_status(404) - expect(json_response["message"]).to eq '404 Not Found' + expect(json_response["message"]).to eq("404 Service Not Found") end end end |