summaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorMalcolm Tredinnick <malcolm.tredinnick@gmail.com>2008-07-26 22:48:51 +0000
committerMalcolm Tredinnick <malcolm.tredinnick@gmail.com>2008-07-26 22:48:51 +0000
commit103d484807050c00d02641aa04670cea8d0e68a4 (patch)
treed108c735cee6847ac3b06fce3c6688cd37a011c2 /tests
parente29aece743df644cdaa7d8506c6491ac9c1db061 (diff)
Fixed #7658 -- Added some Windows-specific tempfile handling. The standard
stuff doesn't work with the way Django's file uploading code wants to operate. Patch from Mike Axiak. git-svn-id: http://code.djangoproject.com/svn/django/trunk@8096 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'tests')
-rw-r--r--tests/regressiontests/file_uploads/tests.py28
1 files changed, 14 insertions, 14 deletions
diff --git a/tests/regressiontests/file_uploads/tests.py b/tests/regressiontests/file_uploads/tests.py
index 601fc92688..aada1e1ff2 100644
--- a/tests/regressiontests/file_uploads/tests.py
+++ b/tests/regressiontests/file_uploads/tests.py
@@ -2,9 +2,9 @@ import os
import errno
import sha
import shutil
-import tempfile
import unittest
+from django.core.files import temp as tempfile
from django.core.files.uploadedfile import SimpleUploadedFile
from django.test import TestCase, client
from django.utils import simplejson
@@ -22,7 +22,7 @@ class FileUploadTests(TestCase):
def test_large_upload(self):
tdir = tempfile.gettempdir()
-
+
file1 = tempfile.NamedTemporaryFile(suffix=".file1", dir=tdir)
file1.write('a' * (2 ** 21))
file1.seek(0)
@@ -58,11 +58,11 @@ class FileUploadTests(TestCase):
pass
self.assertEqual(response.status_code, 200)
-
+
def test_dangerous_file_names(self):
"""Uploaded file names should be sanitized before ever reaching the view."""
# This test simulates possible directory traversal attacks by a
- # malicious uploader We have to do some monkeybusiness here to construct
+ # malicious uploader We have to do some monkeybusiness here to construct
# a malicious payload with an invalid file name (containing os.sep or
# os.pardir). This similar to what an attacker would need to do when
# trying such an attack.
@@ -79,7 +79,7 @@ class FileUploadTests(TestCase):
"..\\..\\hax0rd.txt", # Relative path, win-style.
"../..\\hax0rd.txt" # Relative path, mixed.
]
-
+
payload = []
for i, name in enumerate(scary_file_names):
payload.extend([
@@ -93,7 +93,7 @@ class FileUploadTests(TestCase):
'--' + client.BOUNDARY + '--',
'',
])
-
+
payload = "\r\n".join(payload)
r = {
'CONTENT_LENGTH': len(payload),
@@ -109,7 +109,7 @@ class FileUploadTests(TestCase):
for i, name in enumerate(scary_file_names):
got = recieved["file%s" % i]
self.assertEqual(got, "hax0rd.txt")
-
+
def test_filename_overflow(self):
"""File names over 256 characters (dangerous on some platforms) get fixed up."""
name = "%s.txt" % ("f"*500)
@@ -131,26 +131,26 @@ class FileUploadTests(TestCase):
}
got = simplejson.loads(self.client.request(**r).content)
self.assert_(len(got['file']) < 256, "Got a long file name (%s characters)." % len(got['file']))
-
+
def test_custom_upload_handler(self):
- # A small file (under the 5M quota)
+ # A small file (under the 5M quota)
smallfile = tempfile.NamedTemporaryFile()
smallfile.write('a' * (2 ** 21))
# A big file (over the quota)
bigfile = tempfile.NamedTemporaryFile()
bigfile.write('a' * (10 * 2 ** 20))
-
+
# Small file posting should work.
response = self.client.post('/file_uploads/quota/', {'f': open(smallfile.name)})
got = simplejson.loads(response.content)
self.assert_('f' in got)
-
+
# Large files don't go through.
response = self.client.post("/file_uploads/quota/", {'f': open(bigfile.name)})
got = simplejson.loads(response.content)
self.assert_('f' not in got)
-
+
def test_broken_custom_upload_handler(self):
f = tempfile.NamedTemporaryFile()
f.write('a' * (2 ** 21))
@@ -189,7 +189,7 @@ class FileUploadTests(TestCase):
class DirectoryCreationTests(unittest.TestCase):
"""
- Tests for error handling during directory creation
+ Tests for error handling during directory creation
via _save_FIELD_file (ticket #6450)
"""
def setUp(self):
@@ -221,7 +221,7 @@ class DirectoryCreationTests(unittest.TestCase):
except IOError, err:
# The test needs to be done on a specific string as IOError
# is raised even without the patch (just not early enough)
- self.assertEquals(err.args[0],
+ self.assertEquals(err.args[0],
"%s exists and is not a directory" % UPLOAD_TO)
except:
self.fail("IOError not raised")