mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-08-23 18:29:12 +00:00
Code Issues 32 Releases Wiki Activity

[2.0.x] Split django.utils.http tests into separate test classes.

Browse Source 
Backport of 0e212a705e6b2e49a246b16286036c40ec2ac4f8 from master
This commit is contained in:
François Freitag 2017-10-05 11:20:23 -07:00 committed by Tim Graham
parent dc112bf530
commit 2a55063dcc
1 changed files with 122 additions and 96 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

214
tests/utils_tests/test_http.py
View File

@ -1,79 +1,91 @@
import unittest import unittest
from datetime import datetime from datetime import datetime
from django.test import ignore_warnings from django.test import SimpleTestCase, ignore_warnings
from django.utils import http from django.utils import http
from django.utils.datastructures import MultiValueDict from django.utils.datastructures import MultiValueDict
from django.utils.deprecation import RemovedInDjango21Warning from django.utils.deprecation import RemovedInDjango21Warning
from django.utils.http import (
base36_to_int, cookie_date, http_date, int_to_base36, is_safe_url,
is_same_domain, parse_etags, parse_http_date, quote_etag, urlencode,
urlquote, urlquote_plus, urlsafe_base64_decode, urlsafe_base64_encode,
urlunquote, urlunquote_plus,
)
class TestUtilsHttp(unittest.TestCase): class URLEncodeTests(unittest.TestCase):
def test_tuples(self):
self.assertEqual(urlencode((('a', 1), ('b', 2), ('c', 3))), 'a=1&b=2&c=3')
def test_urlencode(self): def test_dict(self):
# 2-tuples (the norm) result = urlencode({'a': 1, 'b': 2, 'c': 3})
result = http.urlencode((('a', 1), ('b', 2), ('c', 3))) # Dictionaries are treated as unordered.
self.assertEqual(result, 'a=1&b=2&c=3') self.assertIn(result, [
# A dictionary
result = http.urlencode({'a': 1, 'b': 2, 'c': 3})
acceptable_results = [
# Need to allow all of these as dictionaries have to be treated as
# unordered
'a=1&b=2&c=3', 'a=1&b=2&c=3',
'a=1&c=3&b=2', 'a=1&c=3&b=2',
'b=2&a=1&c=3', 'b=2&a=1&c=3',
'b=2&c=3&a=1', 'b=2&c=3&a=1',
'c=3&a=1&b=2', 'c=3&a=1&b=2',
'c=3&b=2&a=1' 'c=3&b=2&a=1',
] ])
self.assertIn(result, acceptable_results)
result = http.urlencode({'a': [1, 2]}, doseq=False)
self.assertEqual(result, 'a=%5B%271%27%2C+%272%27%5D')
result = http.urlencode({'a': [1, 2]}, doseq=True)
self.assertEqual(result, 'a=1&a=2')
result = http.urlencode({'a': []}, doseq=True)
self.assertEqual(result, '')
# A MultiValueDict def test_dict_containing_sequence_not_doseq(self):
result = http.urlencode(MultiValueDict({ self.assertEqual(urlencode({'a': [1, 2]}, doseq=False), 'a=%5B%271%27%2C+%272%27%5D')
def test_dict_containing_sequence_doseq(self):
self.assertEqual(urlencode({'a': [1, 2]}, doseq=True), 'a=1&a=2')
def test_dict_containing_empty_sequence_doseq(self):
self.assertEqual(urlencode({'a': []}, doseq=True), '')
def test_multivaluedict(self):
result = urlencode(MultiValueDict({
'name': ['Adrian', 'Simon'], 'name': ['Adrian', 'Simon'],
'position': ['Developer'] 'position': ['Developer'],
}), doseq=True) }), doseq=True)
acceptable_results = [ # MultiValueDicts are similarly unordered.
# MultiValueDicts are similarly unordered self.assertIn(result, [
'name=Adrian&name=Simon&position=Developer', 'name=Adrian&name=Simon&position=Developer',
'position=Developer&name=Adrian&name=Simon' 'position=Developer&name=Adrian&name=Simon',
] ])
self.assertIn(result, acceptable_results)
def test_base36(self):
# reciprocity works class Base36IntTests(SimpleTestCase):
def test_roundtrip(self):
for n in [0, 1, 1000, 1000000]: for n in [0, 1, 1000, 1000000]:
self.assertEqual(n, http.base36_to_int(http.int_to_base36(n))) self.assertEqual(n, base36_to_int(int_to_base36(n)))
# bad input def test_negative_input(self):
with self.assertRaises(ValueError): with self.assertRaisesMessage(ValueError, 'Negative base36 conversion input.'):
http.int_to_base36(-1) int_to_base36(-1)
def test_to_base36_errors(self):
for n in ['1', 'foo', {1: 2}, (1, 2, 3), 3.141]: for n in ['1', 'foo', {1: 2}, (1, 2, 3), 3.141]:
with self.assertRaises(TypeError): with self.assertRaises(TypeError):
http.int_to_base36(n) int_to_base36(n)
def test_invalid_literal(self):
for n in ['#', ' ']: for n in ['#', ' ']:
with self.assertRaises(ValueError): with self.assertRaisesMessage(ValueError, "invalid literal for int() with base 36: '%s'" % n):
http.base36_to_int(n) base36_to_int(n)
with self.assertRaises(ValueError) as cm:
http.base36_to_int('1' * 14) def test_input_too_large(self):
self.assertEqual('Base36 input too large', str(cm.exception)) with self.assertRaisesMessage(ValueError, 'Base36 input too large'):
base36_to_int('1' * 14)
def test_to_int_errors(self):
for n in [123, {1: 2}, (1, 2, 3), 3.141]: for n in [123, {1: 2}, (1, 2, 3), 3.141]:
with self.assertRaises(TypeError): with self.assertRaises(TypeError):
http.base36_to_int(n) base36_to_int(n)
# more explicit output testing def test_values(self):
for n, b36 in [(0, '0'), (1, '1'), (42, '16'), (818469960, 'django')]: for n, b36 in [(0, '0'), (1, '1'), (42, '16'), (818469960, 'django')]:
self.assertEqual(http.int_to_base36(n), b36) self.assertEqual(int_to_base36(n), b36)
self.assertEqual(http.base36_to_int(b36), n) self.assertEqual(base36_to_int(b36), n)
def test_is_safe_url(self):
class IsSafeURLTests(unittest.TestCase):
def test_bad_urls(self):
bad_urls = ( bad_urls = (
'http://example.com', 'http://example.com',
'http:///example.com', 'http:///example.com',
@ -107,13 +119,12 @@ class TestUtilsHttp(unittest.TestCase):
'http://2001:cdba:0000:0000:0000:0000:3257:9652]/', 'http://2001:cdba:0000:0000:0000:0000:3257:9652]/',
) )
for bad_url in bad_urls: for bad_url in bad_urls:
with self.subTest(url=bad_url):
with ignore_warnings(category=RemovedInDjango21Warning): with ignore_warnings(category=RemovedInDjango21Warning):
self.assertFalse(http.is_safe_url(bad_url, host='testserver'), "%s should be blocked" % bad_url) self.assertIs(http.is_safe_url(bad_url, host='testserver'), False)
self.assertFalse( self.assertIs(is_safe_url(bad_url, allowed_hosts={'testserver', 'testserver2'}), False)
http.is_safe_url(bad_url, allowed_hosts={'testserver', 'testserver2'}),
"%s should be blocked" % bad_url,
)
def test_good_urls(self):
good_urls = ( good_urls = (
'/view/?param=http://example.com', '/view/?param=http://example.com',
'/view/?param=https://example.com', '/view/?param=https://example.com',
@ -127,55 +138,70 @@ class TestUtilsHttp(unittest.TestCase):
'path/http:2222222222', 'path/http:2222222222',
) )
for good_url in good_urls: for good_url in good_urls:
with self.subTest(url=good_url):
with ignore_warnings(category=RemovedInDjango21Warning): with ignore_warnings(category=RemovedInDjango21Warning):
self.assertTrue(http.is_safe_url(good_url, host='testserver'), "%s should be allowed" % good_url) self.assertIs(http.is_safe_url(good_url, host='testserver'), True)
self.assertTrue( self.assertIs(is_safe_url(good_url, allowed_hosts={'otherserver', 'testserver'}), True)
http.is_safe_url(good_url, allowed_hosts={'otherserver', 'testserver'}),
"%s should be allowed" % good_url,
)
def test_basic_auth(self):
# Valid basic auth credentials are allowed. # Valid basic auth credentials are allowed.
self.assertTrue(http.is_safe_url(r'http://user:pass@testserver/', allowed_hosts={'user:pass@testserver'})) self.assertIs(is_safe_url(r'http://user:pass@testserver/', allowed_hosts={'user:pass@testserver'}), True)
# A path without host is allowed.
self.assertTrue(http.is_safe_url('/confirm/me@example.com'))
# Basic auth without host is not allowed.
self.assertFalse(http.is_safe_url(r'http://testserver\@example.com'))
def test_is_safe_url_secure_param_https_urls(self): def test_no_allowed_hosts(self):
# A path without host is allowed.
self.assertIs(is_safe_url('/confirm/me@example.com'), True)
# Basic auth without host is not allowed.
self.assertIs(is_safe_url(r'http://testserver\@example.com'), False)
def test_secure_param_https_urls(self):
secure_urls = ( secure_urls = (
'https://example.com/p', 'https://example.com/p',
'HTTPS://example.com/p', 'HTTPS://example.com/p',
'/view/?param=http://example.com', '/view/?param=http://example.com',
) )
for url in secure_urls: for url in secure_urls:
self.assertTrue(http.is_safe_url(url, allowed_hosts={'example.com'}, require_https=True)) with self.subTest(url=url):
self.assertIs(is_safe_url(url, allowed_hosts={'example.com'}, require_https=True), True)
def test_is_safe_url_secure_param_non_https_urls(self): def test_secure_param_non_https_urls(self):
not_secure_urls = ( insecure_urls = (
'http://example.com/p', 'http://example.com/p',
'ftp://example.com/p', 'ftp://example.com/p',
'//example.com/p', '//example.com/p',
) )
for url in not_secure_urls: for url in insecure_urls:
self.assertFalse(http.is_safe_url(url, allowed_hosts={'example.com'}, require_https=True)) with self.subTest(url=url):
self.assertIs(is_safe_url(url, allowed_hosts={'example.com'}, require_https=True), False)
def test_urlsafe_base64_roundtrip(self):
class URLSafeBase64Tests(unittest.TestCase):
def test_roundtrip(self):
bytestring = b'foo' bytestring = b'foo'
encoded = http.urlsafe_base64_encode(bytestring) encoded = urlsafe_base64_encode(bytestring)
decoded = http.urlsafe_base64_decode(encoded) decoded = urlsafe_base64_decode(encoded)
self.assertEqual(bytestring, decoded) self.assertEqual(bytestring, decoded)
def test_urlquote(self):
self.assertEqual(http.urlquote('Paris & Orl\xe9ans'), 'Paris%20%26%20Orl%C3%A9ans')
self.assertEqual(http.urlquote('Paris & Orl\xe9ans', safe="&"), 'Paris%20&%20Orl%C3%A9ans')
self.assertEqual(http.urlunquote('Paris%20%26%20Orl%C3%A9ans'), 'Paris & Orl\xe9ans')
self.assertEqual(http.urlunquote('Paris%20&%20Orl%C3%A9ans'), 'Paris & Orl\xe9ans')
self.assertEqual(http.urlquote_plus('Paris & Orl\xe9ans'), 'Paris+%26+Orl%C3%A9ans')
self.assertEqual(http.urlquote_plus('Paris & Orl\xe9ans', safe="&"), 'Paris+&+Orl%C3%A9ans')
self.assertEqual(http.urlunquote_plus('Paris+%26+Orl%C3%A9ans'), 'Paris & Orl\xe9ans')
self.assertEqual(http.urlunquote_plus('Paris+&+Orl%C3%A9ans'), 'Paris & Orl\xe9ans')
def test_is_same_domain_good(self): class URLQuoteTests(unittest.TestCase):
def test_quote(self):
self.assertEqual(urlquote('Paris & Orl\xe9ans'), 'Paris%20%26%20Orl%C3%A9ans')
self.assertEqual(urlquote('Paris & Orl\xe9ans', safe="&"), 'Paris%20&%20Orl%C3%A9ans')
def test_unquote(self):
self.assertEqual(urlunquote('Paris%20%26%20Orl%C3%A9ans'), 'Paris & Orl\xe9ans')
self.assertEqual(urlunquote('Paris%20&%20Orl%C3%A9ans'), 'Paris & Orl\xe9ans')
def test_quote_plus(self):
self.assertEqual(urlquote_plus('Paris & Orl\xe9ans'), 'Paris+%26+Orl%C3%A9ans')
self.assertEqual(urlquote_plus('Paris & Orl\xe9ans', safe="&"), 'Paris+&+Orl%C3%A9ans')
def test_unquote_plus(self):
self.assertEqual(urlunquote_plus('Paris+%26+Orl%C3%A9ans'), 'Paris & Orl\xe9ans')
self.assertEqual(urlunquote_plus('Paris+&+Orl%C3%A9ans'), 'Paris & Orl\xe9ans')
class IsSameDomainTests(unittest.TestCase):
def test_good(self):
for pair in ( for pair in (
('example.com', 'example.com'), ('example.com', 'example.com'),
('example.com', '.example.com'), ('example.com', '.example.com'),
@ -184,51 +210,51 @@ class TestUtilsHttp(unittest.TestCase):
('example.com:8888', '.example.com:8888'), ('example.com:8888', '.example.com:8888'),
('foo.example.com:8888', '.example.com:8888'), ('foo.example.com:8888', '.example.com:8888'),
): ):
self.assertTrue(http.is_same_domain(*pair)) self.assertIs(is_same_domain(*pair), True)
def test_is_same_domain_bad(self): def test_bad(self):
for pair in ( for pair in (
('example2.com', 'example.com'), ('example2.com', 'example.com'),
('foo.example.com', 'example.com'), ('foo.example.com', 'example.com'),
('example.com:9999', 'example.com:8888'), ('example.com:9999', 'example.com:8888'),
): ):
self.assertFalse(http.is_same_domain(*pair)) self.assertIs(is_same_domain(*pair), False)
class ETagProcessingTests(unittest.TestCase): class ETagProcessingTests(unittest.TestCase):
def test_parsing(self): def test_parsing(self):
self.assertEqual( self.assertEqual(
http.parse_etags(r'"" , "etag", "e\\tag", W/"weak"'), parse_etags(r'"" , "etag", "e\\tag", W/"weak"'),
['""', '"etag"', r'"e\\tag"', 'W/"weak"'] ['""', '"etag"', r'"e\\tag"', 'W/"weak"']
) )
self.assertEqual(http.parse_etags('*'), ['*']) self.assertEqual(parse_etags('*'), ['*'])
# Ignore RFC 2616 ETags that are invalid according to RFC 7232. # Ignore RFC 2616 ETags that are invalid according to RFC 7232.
self.assertEqual(http.parse_etags(r'"etag", "e\"t\"ag"'), ['"etag"']) self.assertEqual(parse_etags(r'"etag", "e\"t\"ag"'), ['"etag"'])
def test_quoting(self): def test_quoting(self):
self.assertEqual(http.quote_etag('etag'), '"etag"') # unquoted self.assertEqual(quote_etag('etag'), '"etag"') # unquoted
self.assertEqual(http.quote_etag('"etag"'), '"etag"') # quoted self.assertEqual(quote_etag('"etag"'), '"etag"') # quoted
self.assertEqual(http.quote_etag('W/"etag"'), 'W/"etag"') # quoted, weak self.assertEqual(quote_etag('W/"etag"'), 'W/"etag"') # quoted, weak
class HttpDateProcessingTests(unittest.TestCase): class HttpDateProcessingTests(unittest.TestCase):
def test_http_date(self): def test_http_date(self):
t = 1167616461.0 t = 1167616461.0
self.assertEqual(http.http_date(t), 'Mon, 01 Jan 2007 01:54:21 GMT') self.assertEqual(http_date(t), 'Mon, 01 Jan 2007 01:54:21 GMT')
def test_cookie_date(self): def test_cookie_date(self):
t = 1167616461.0 t = 1167616461.0
self.assertEqual(http.cookie_date(t), 'Mon, 01-Jan-2007 01:54:21 GMT') self.assertEqual(cookie_date(t), 'Mon, 01-Jan-2007 01:54:21 GMT')
def test_parsing_rfc1123(self): def test_parsing_rfc1123(self):
parsed = http.parse_http_date('Sun, 06 Nov 1994 08:49:37 GMT') parsed = parse_http_date('Sun, 06 Nov 1994 08:49:37 GMT')
self.assertEqual(datetime.utcfromtimestamp(parsed), datetime(1994, 11, 6, 8, 49, 37)) self.assertEqual(datetime.utcfromtimestamp(parsed), datetime(1994, 11, 6, 8, 49, 37))
def test_parsing_rfc850(self): def test_parsing_rfc850(self):
parsed = http.parse_http_date('Sunday, 06-Nov-94 08:49:37 GMT') parsed = parse_http_date('Sunday, 06-Nov-94 08:49:37 GMT')
self.assertEqual(datetime.utcfromtimestamp(parsed), datetime(1994, 11, 6, 8, 49, 37)) self.assertEqual(datetime.utcfromtimestamp(parsed), datetime(1994, 11, 6, 8, 49, 37))
def test_parsing_asctime(self): def test_parsing_asctime(self):
parsed = http.parse_http_date('Sun Nov 6 08:49:37 1994') parsed = parse_http_date('Sun Nov 6 08:49:37 1994')
self.assertEqual(datetime.utcfromtimestamp(parsed), datetime(1994, 11, 6, 8, 49, 37)) self.assertEqual(datetime.utcfromtimestamp(parsed), datetime(1994, 11, 6, 8, 49, 37))