trying to fix the broken specs. still doesn't pass but it may be due to changes in capybara

spec/support/capybara_shared.rb

@@ -40,7 +40,9 @@ def login(user)
     fill_in 'email', :with => user.email
     fill_in 'password', :with => user.clear_password
   end
-  click_on 'Login'
+  within('.actions') do
+    click_on 'Login'
+  end
 end
 
 ##Hack to fix PhantomJS errors on Mavericks - https://gist.github.com/ericboehs/7125105

spec/vulnerabilities/broken_auth_spec.rb

@@ -12,7 +12,9 @@ feature 'broken_auth' do
       fill_in 'email', :with => @normal_user.email + 'not'
       fill_in 'password', :with => @normal_user.clear_password
     end
-    click_on 'Login'
+    within('.actions') do
+      click_on 'Login'
+    end
     pending(:if => verifying_fixed?) { find('div#flash_notice').text.should == "#{@normal_user.email}not doesn't exist!" }
   end
 
@@ -22,7 +24,9 @@ feature 'broken_auth' do
       fill_in 'email', :with => @normal_user.email
       fill_in 'password', :with => @normal_user.clear_password + 'not'
     end
-    click_on 'Login'
+    within('.actions') do
+      click_on 'Login'
+    end
     pending(:if => verifying_fixed?) { find('div#flash_notice').text.should == 'Incorrect Password!' }
   end
 end

spec/vulnerabilities/unvalidated_redirects_spec.rb

@@ -12,8 +12,9 @@ feature 'unvalidated redirect' do
       fill_in 'email', :with => @normal_user.email
       fill_in 'password', :with => @normal_user.clear_password
     end
-    click_on 'Login'
+    within('.actions') do
-
+      click_on 'Login'
+    end
     pending(:if => verifying_fixed?) { current_url.should == 'http://example.com/do/evil/things' }
   end
 end