summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAymeric Augustin <aymeric.augustin@m4x.org>2012-03-31 12:26:46 +0000
committerAymeric Augustin <aymeric.augustin@m4x.org>2012-03-31 12:26:46 +0000
commitdec21a1d4b37238d1f036e83bcd0a3e7eddc33c2 (patch)
treeb017670ff12680da8ba2ef6f056a874132181acd
parentc7229c681e648ea810e907784855eb91d47a7bfb (diff)
Removed deprecated and undocumented function django.contrib.formtools.utils.security_hash().
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17841 bcc190cf-cafb-0310-a4f2-bffc1f526a37
-rw-r--r--django/contrib/formtools/tests/__init__.py33
-rw-r--r--django/contrib/formtools/utils.py34
2 files changed, 0 insertions, 67 deletions
diff --git a/django/contrib/formtools/tests/__init__.py b/django/contrib/formtools/tests/__init__.py
index 25a55a41b9..604797f01c 100644
--- a/django/contrib/formtools/tests/__init__.py
+++ b/django/contrib/formtools/tests/__init__.py
@@ -172,39 +172,6 @@ class PreviewTests(FormToolsTestCase):
self.assertNotEqual(response.content, success_string)
-class SecurityHashTests(unittest.TestCase):
- def setUp(self):
- self._warnings_state = get_warnings_state()
- warnings.filterwarnings('ignore', category=DeprecationWarning,
- module='django.contrib.formtools.utils')
-
- def tearDown(self):
- restore_warnings_state(self._warnings_state)
-
- def test_textfield_hash(self):
- """
- Regression test for #10034: the hash generation function should ignore
- leading/trailing whitespace so as to be friendly to broken browsers that
- submit it (usually in textareas).
- """
- f1 = HashTestForm({'name': 'joe', 'bio': 'Nothing notable.'})
- f2 = HashTestForm({'name': ' joe', 'bio': 'Nothing notable. '})
- hash1 = utils.security_hash(None, f1)
- hash2 = utils.security_hash(None, f2)
- self.assertEqual(hash1, hash2)
-
- def test_empty_permitted(self):
- """
- Regression test for #10643: the security hash should allow forms with
- empty_permitted = True, or forms where data has not changed.
- """
- f1 = HashTestBlankForm({})
- f2 = HashTestForm({}, empty_permitted=True)
- hash1 = utils.security_hash(None, f1)
- hash2 = utils.security_hash(None, f2)
- self.assertEqual(hash1, hash2)
-
-
class FormHmacTests(unittest.TestCase):
"""
Same as SecurityHashTests, but with form_hmac
diff --git a/django/contrib/formtools/utils.py b/django/contrib/formtools/utils.py
index 3c0f7dba7f..572a0969ee 100644
--- a/django/contrib/formtools/utils.py
+++ b/django/contrib/formtools/utils.py
@@ -3,43 +3,9 @@ try:
except ImportError:
import pickle
-import hashlib
-from django.conf import settings
from django.utils.crypto import salted_hmac
-def security_hash(request, form, *args):
- """
- Calculates a security hash for the given Form instance.
-
- This creates a list of the form field names/values in a deterministic
- order, pickles the result with the SECRET_KEY setting, then takes an md5
- hash of that.
- """
- import warnings
- warnings.warn("security_hash is deprecated; use form_hmac instead",
- DeprecationWarning)
- data = []
- for bf in form:
- # Get the value from the form data. If the form allows empty or hasn't
- # changed then don't call clean() to avoid trigger validation errors.
- if form.empty_permitted and not form.has_changed():
- value = bf.data or ''
- else:
- value = bf.field.clean(bf.data) or ''
- if isinstance(value, basestring):
- value = value.strip()
- data.append((bf.name, value))
-
- data.extend(args)
- data.append(settings.SECRET_KEY)
-
- # Use HIGHEST_PROTOCOL because it's the most efficient.
- pickled = pickle.dumps(data, pickle.HIGHEST_PROTOCOL)
-
- return hashlib.md5(pickled).hexdigest()
-
-
def form_hmac(form):
"""
Calculates a security hash for the given Form instance.