mirror of
https://github.com/django/django.git
synced 2025-06-05 11:39:13 +00:00
Refs #22804 -- Made an unsafe value of 'sep' in Signer an exception.
Per deprecation timeline.
This commit is contained in:
parent
9114fe8ada
commit
e6cfa08f2d
@ -40,13 +40,11 @@ import datetime
|
|||||||
import json
|
import json
|
||||||
import re
|
import re
|
||||||
import time
|
import time
|
||||||
import warnings
|
|
||||||
import zlib
|
import zlib
|
||||||
|
|
||||||
from django.conf import settings
|
from django.conf import settings
|
||||||
from django.utils import baseconv
|
from django.utils import baseconv
|
||||||
from django.utils.crypto import constant_time_compare, salted_hmac
|
from django.utils.crypto import constant_time_compare, salted_hmac
|
||||||
from django.utils.deprecation import RemovedInDjango110Warning
|
|
||||||
from django.utils.encoding import force_bytes, force_str, force_text
|
from django.utils.encoding import force_bytes, force_str, force_text
|
||||||
from django.utils.module_loading import import_string
|
from django.utils.module_loading import import_string
|
||||||
|
|
||||||
@ -158,8 +156,10 @@ class Signer(object):
|
|||||||
self.key = key or settings.SECRET_KEY
|
self.key = key or settings.SECRET_KEY
|
||||||
self.sep = force_str(sep)
|
self.sep = force_str(sep)
|
||||||
if _SEP_UNSAFE.match(self.sep):
|
if _SEP_UNSAFE.match(self.sep):
|
||||||
warnings.warn('Unsafe Signer separator: %r (cannot be empty or consist of only A-z0-9-_=)' % sep,
|
raise ValueError(
|
||||||
RemovedInDjango110Warning)
|
'Unsafe Signer separator: %r (cannot be empty or consist of '
|
||||||
|
'only A-z0-9-_=)' % sep,
|
||||||
|
)
|
||||||
self.salt = force_str(salt or
|
self.salt = force_str(salt or
|
||||||
'%s.%s' % (self.__class__.__module__, self.__class__.__name__))
|
'%s.%s' % (self.__class__.__module__, self.__class__.__name__))
|
||||||
|
|
||||||
|
@ -1,7 +1,6 @@
|
|||||||
from __future__ import unicode_literals
|
from __future__ import unicode_literals
|
||||||
|
|
||||||
import datetime
|
import datetime
|
||||||
import warnings
|
|
||||||
|
|
||||||
from django.core import signing
|
from django.core import signing
|
||||||
from django.test import SimpleTestCase
|
from django.test import SimpleTestCase
|
||||||
@ -121,14 +120,11 @@ class TestSigner(SimpleTestCase):
|
|||||||
|
|
||||||
def test_invalid_sep(self):
|
def test_invalid_sep(self):
|
||||||
"""should warn on invalid separator"""
|
"""should warn on invalid separator"""
|
||||||
|
msg = 'Unsafe Signer separator: %r (cannot be empty or consist of only A-z0-9-_=)'
|
||||||
separators = ['', '-', 'abc']
|
separators = ['', '-', 'abc']
|
||||||
for sep in separators:
|
for sep in separators:
|
||||||
with warnings.catch_warnings(record=True) as recorded:
|
with self.assertRaisesMessage(ValueError, msg % sep):
|
||||||
warnings.simplefilter('always')
|
|
||||||
signing.Signer(sep=sep)
|
signing.Signer(sep=sep)
|
||||||
self.assertEqual(len(recorded), 1)
|
|
||||||
msg = str(recorded[0].message)
|
|
||||||
self.assertTrue(msg.startswith('Unsafe Signer separator'))
|
|
||||||
|
|
||||||
|
|
||||||
class TestTimestampSigner(SimpleTestCase):
|
class TestTimestampSigner(SimpleTestCase):
|
||||||
|
Loading…
x
Reference in New Issue
Block a user