summaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorBaptiste Mispelon <bmispelon@gmail.com>2013-10-29 23:31:53 +0100
committerBaptiste Mispelon <bmispelon@gmail.com>2013-10-30 07:55:07 +0100
commit5733764a2c2923ae9a1b7c91de5a8d15414c99ef (patch)
tree33780f51d6f23327a665577a2decbc020c698f6d /tests
parent3c5cdaf47aae7e4f21398be1a5eaa07f7c5ce31c (diff)
Added some more tests for the debug page.
* Missing tests for ticket #12744 * Tests for the cleanse_setting feature (leaving out sensitive settings from the debug page)
Diffstat (limited to 'tests')
-rw-r--r--tests/view_tests/tests/test_debug.py44
1 files changed, 44 insertions, 0 deletions
diff --git a/tests/view_tests/tests/test_debug.py b/tests/view_tests/tests/test_debug.py
index 5c011a91b0..b22c7aad43 100644
--- a/tests/view_tests/tests/test_debug.py
+++ b/tests/view_tests/tests/test_debug.py
@@ -596,6 +596,50 @@ class ExceptionReporterFilterTests(TestCase, ExceptionReportTestMixin):
response = self.client.get('/views/raises500/')
self.assertNotContains(response, "This should not be displayed", status_code=500)
+ def test_dict_setting_with_non_str_key(self):
+ """
+ A dict setting containing a non-string key should not break the
+ debug page (#12744).
+ """
+ with self.settings(DEBUG=True, FOOBAR={42: None}):
+ response = self.client.get('/views/raises500/')
+ self.assertContains(response, 'FOOBAR', status_code=500)
+
+ def test_sensitive_settings(self):
+ """
+ The debug page should not show some sensitive settings
+ (password, secret key, ...).
+ """
+ sensitive_settings = [
+ 'SECRET_KEY',
+ 'PASSWORD',
+ 'API_KEY',
+ 'AUTH_TOKEN',
+ ]
+ for setting in sensitive_settings:
+ with self.settings(DEBUG=True, **{setting: "should not be displayed"}):
+ response = self.client.get('/views/raises500/')
+ self.assertNotContains(response, 'should not be displayed', status_code=500)
+
+ def test_settings_with_sensitive_keys(self):
+ """
+ The debug page should filter out some sensitive information found in
+ dict settings.
+ """
+ sensitive_settings = [
+ 'SECRET_KEY',
+ 'PASSWORD',
+ 'API_KEY',
+ 'AUTH_TOKEN',
+ ]
+ for setting in sensitive_settings:
+ FOOBAR = {
+ setting: "should not be displayed",
+ 'recursive': {setting: "should not be displayed"},
+ }
+ with self.settings(DEBUG=True, FOOBAR=FOOBAR):
+ response = self.client.get('/views/raises500/')
+ self.assertNotContains(response, 'should not be displayed', status_code=500)
class AjaxResponseExceptionReporterFilter(TestCase, ExceptionReportTestMixin):
"""