diff options
| author | Claude Paroz <claude@2xlibre.net> | 2012-10-29 17:26:10 +0100 |
|---|---|---|
| committer | Claude Paroz <claude@2xlibre.net> | 2012-10-29 17:29:28 +0100 |
| commit | 8c556a32f232ef9e9a3581d7129bd15d4f495d9f (patch) | |
| tree | 1e8b0c7cdf9f9d872f232b56f09ea4e1c0c26ccd | |
| parent | d7d7ad2881b66d2c6be45ab0b055f492d3b589e9 (diff) | |
[1.5.x] Fixed #19172 -- Isolated poisoned_http_host tests from 500 handlers
Thanks bernardofontes for the report.
Backport of b774c5993 from master.
| -rw-r--r-- | django/contrib/auth/tests/views.py | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/django/contrib/auth/tests/views.py b/django/contrib/auth/tests/views.py index bb17576d31..b97d4a7cdf 100644 --- a/django/contrib/auth/tests/views.py +++ b/django/contrib/auth/tests/views.py @@ -115,6 +115,8 @@ class PasswordResetTest(AuthViewsTestCase): self.assertTrue("http://adminsite.com" in mail.outbox[0].body) self.assertEqual(settings.DEFAULT_FROM_EMAIL, mail.outbox[0].from_email) + # Skip any 500 handler action (like sending more mail...) + @override_settings(DEBUG_PROPAGATE_EXCEPTIONS=True) def test_poisoned_http_host(self): "Poisoned HTTP_HOST headers can't be used for reset emails" # This attack is based on the way browsers handle URLs. The colon @@ -131,6 +133,8 @@ class PasswordResetTest(AuthViewsTestCase): ) self.assertEqual(len(mail.outbox), 0) + # Skip any 500 handler action (like sending more mail...) + @override_settings(DEBUG_PROPAGATE_EXCEPTIONS=True) def test_poisoned_http_host_admin_site(self): "Poisoned HTTP_HOST headers can't be used for reset emails on admin views" with self.assertRaises(SuspiciousOperation): |
