From d03b8179f536788fc9f3730657dab9e1c7e954bb Mon Sep 17 00:00:00 2001
From: Benjamin Fleischer <github@benjaminfleischer.com>
Date: Mon, 14 Dec 2015 21:36:52 -0600
Subject: [PATCH] Adjust test for Rails versions that address CVE-2014-4671

Compare
https://github.com/rails/rails/blob/3-2-stable/actionpack/lib/action_controller/metal/renderers.rb#L94
to
https://github.com/rails/rails/blob/4-0-stable/actionpack/lib/action_controller/metal/renderers.rb#L97
---
 test/serialization_test.rb | 10 +++++++---
 test/serializer_test.rb    |  3 +--
 test/test_fakes.rb         |  2 +-
 3 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/test/serialization_test.rb b/test/serialization_test.rb
index 121e7fd8..1465585d 100644
--- a/test/serialization_test.rb
+++ b/test/serialization_test.rb
@@ -242,9 +242,13 @@ class RenderJsonTest < ActionController::TestCase
 
   def test_render_json_with_callback
     get :render_json_hello_world_with_callback
-    assert_equal '/**/alert({"hello":"world"})', @response.body
-    # For JSONP, Rails 3 uses application/json, but Rails 4 uses text/javascript
-    assert_match %r(application/json|text/javascript), @response.content_type.to_s
+    if Rails::VERSION::MAJOR == 3
+      assert_equal 'alert({"hello":"world"})', @response.body
+      assert_match %r(application/json), @response.content_type.to_s
+    else
+      assert_equal '/**/alert({"hello":"world"})', @response.body
+      assert_match %r(text/javascript), @response.content_type.to_s
+    end
   end
 
   def test_render_json_with_custom_content_type
diff --git a/test/serializer_test.rb b/test/serializer_test.rb
index 27de686b..7e3e5aff 100644
--- a/test/serializer_test.rb
+++ b/test/serializer_test.rb
@@ -1363,7 +1363,6 @@ class SerializerTest < ActiveModel::TestCase
   def test_inheritance_does_not_used_cached_attributes
     parent = Class.new(ActiveModel::Serializer) do
       attributes :title
-      alias :read_attribute_for_serialization :send
     end
 
     child = Class.new(parent) do
@@ -1371,8 +1370,8 @@ class SerializerTest < ActiveModel::TestCase
     end
 
     data_class = Class.new do
+      include ActiveModel::Serializers::JSON
       attr_accessor :title, :body
-      alias :read_attribute_for_serialization :send
     end
 
     item = data_class.new
diff --git a/test/test_fakes.rb b/test/test_fakes.rb
index 98228ef8..366790e0 100644
--- a/test/test_fakes.rb
+++ b/test/test_fakes.rb
@@ -199,7 +199,7 @@ class SomeSerializer < ActiveModel::Serializer
 end
 
 class SomeObject < Struct.new(:some)
-  alias :read_attribute_for_serialization :send
+  include ActiveModel::Serializers::JSON
 end
 
 # Set up some classes for polymorphic testing