mirror of
https://github.com/django/django.git
synced 2025-10-24 14:16:09 +00:00
[5.2.x] Fixed #36179 -- Unhexed entries and removed duplicates in auth/common-passwords.txt.gz.
Backport of 727731d76d
from main.
This commit is contained in:
Binary file not shown.
@@ -222,7 +222,7 @@ class CommonPasswordValidator:
|
|||||||
|
|
||||||
The password is rejected if it occurs in a provided list of passwords,
|
The password is rejected if it occurs in a provided list of passwords,
|
||||||
which may be gzipped. The list Django ships with contains 20000 common
|
which may be gzipped. The list Django ships with contains 20000 common
|
||||||
passwords (lowercased and deduplicated), created by Royce Williams:
|
passwords (unhexed, lowercased and deduplicated), created by Royce Williams:
|
||||||
https://gist.github.com/roycewilliams/226886fd01572964e1431ac8afc999ce
|
https://gist.github.com/roycewilliams/226886fd01572964e1431ac8afc999ce
|
||||||
The password list must be lowercased to match the comparison in validate().
|
The password list must be lowercased to match the comparison in validate().
|
||||||
"""
|
"""
|
||||||
|
@@ -273,6 +273,15 @@ class CommonPasswordValidatorTest(SimpleTestCase):
|
|||||||
CommonPasswordValidator().validate("godzilla")
|
CommonPasswordValidator().validate("godzilla")
|
||||||
self.assertEqual(cm.exception.messages, [expected_error])
|
self.assertEqual(cm.exception.messages, [expected_error])
|
||||||
|
|
||||||
|
def test_common_hexed_codes(self):
|
||||||
|
expected_error = "This password is too common."
|
||||||
|
common_hexed_passwords = ["asdfjkl:", "ठ:"]
|
||||||
|
for password in common_hexed_passwords:
|
||||||
|
with self.subTest(password=password):
|
||||||
|
with self.assertRaises(ValidationError) as cm:
|
||||||
|
CommonPasswordValidator().validate(password)
|
||||||
|
self.assertEqual(cm.exception.messages, [expected_error])
|
||||||
|
|
||||||
def test_validate_custom_list(self):
|
def test_validate_custom_list(self):
|
||||||
path = os.path.join(
|
path = os.path.join(
|
||||||
os.path.dirname(os.path.realpath(__file__)), "common-passwords-custom.txt"
|
os.path.dirname(os.path.realpath(__file__)), "common-passwords-custom.txt"
|
||||||
|
Reference in New Issue
Block a user