diff options
| author | Baptiste Mispelon <bmispelon@gmail.com> | 2013-04-03 14:27:20 -0600 |
|---|---|---|
| committer | Carl Meyer <carl@oddbird.net> | 2013-04-03 14:27:20 -0600 |
| commit | c250f9c99b59bb011dae9bc97783458621462b65 (patch) | |
| tree | 6b6e5f1a789cfc8ff1514432cb76a405ff0cfc5f /tests | |
| parent | c8deaa9e7b8523f4231c354972bc0dc1e29cebe1 (diff) | |
Fixed #20038 -- Better error message for host validation.
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/requests/tests.py | 58 |
1 files changed, 54 insertions, 4 deletions
diff --git a/tests/requests/tests.py b/tests/requests/tests.py index e176775449..daf426ea47 100644 --- a/tests/requests/tests.py +++ b/tests/requests/tests.py @@ -11,16 +11,16 @@ from django.core import signals from django.core.exceptions import SuspiciousOperation from django.core.handlers.wsgi import WSGIRequest, LimitedStream from django.http import HttpRequest, HttpResponse, parse_cookie, build_request_repr, UnreadablePostError -from django.test import TransactionTestCase +from django.test import SimpleTestCase, TransactionTestCase from django.test.client import FakePayload from django.test.utils import override_settings, str_prefix from django.utils import six -from django.utils import unittest +from django.utils.unittest import skipIf from django.utils.http import cookie_date, urlencode from django.utils.timezone import utc -class RequestsTests(unittest.TestCase): +class RequestsTests(SimpleTestCase): def test_httprequest(self): request = HttpRequest() self.assertEqual(list(request.GET.keys()), []) @@ -287,6 +287,56 @@ class RequestsTests(unittest.TestCase): self.assertEqual(request.get_host(), 'example.com') + @override_settings(ALLOWED_HOSTS=[]) + def test_get_host_suggestion_of_allowed_host(self): + """get_host() makes helpful suggestions if a valid-looking host is not in ALLOWED_HOSTS.""" + msg_invalid_host = "Invalid HTTP_HOST header: %r." + msg_suggestion = msg_invalid_host + "You may need to add %r to ALLOWED_HOSTS." + + for host in [ # Valid-looking hosts + 'example.com', + '12.34.56.78', + '[2001:19f0:feee::dead:beef:cafe]', + 'xn--4ca9at.com', # Punnycode for öäü.com + ]: + request = HttpRequest() + request.META = {'HTTP_HOST': host} + self.assertRaisesMessage( + SuspiciousOperation, + msg_suggestion % (host, host), + request.get_host + ) + + for domain, port in [ # Valid-looking hosts with a port number + ('example.com', 80), + ('12.34.56.78', 443), + ('[2001:19f0:feee::dead:beef:cafe]', 8080), + ]: + host = '%s:%s' % (domain, port) + request = HttpRequest() + request.META = {'HTTP_HOST': host} + self.assertRaisesMessage( + SuspiciousOperation, + msg_suggestion % (host, domain), + request.get_host + ) + + for host in [ # Invalid hosts + 'example.com@evil.tld', + 'example.com:dr.frankenstein@evil.tld', + 'example.com:dr.frankenstein@evil.tld:80', + 'example.com:80/badpath', + 'example.com: recovermypassword.com', + ]: + request = HttpRequest() + request.META = {'HTTP_HOST': host} + self.assertRaisesMessage( + SuspiciousOperation, + msg_invalid_host % host, + request.get_host + ) + + def test_near_expiration(self): "Cookie will expire when an near expiration time is provided" response = HttpResponse() @@ -587,7 +637,7 @@ class RequestsTests(unittest.TestCase): request.body -@unittest.skipIf(connection.vendor == 'sqlite' +@skipIf(connection.vendor == 'sqlite' and connection.settings_dict['NAME'] in ('', ':memory:'), "Cannot establish two connections to an in-memory SQLite database.") class DatabaseConnectionHandlingTests(TransactionTestCase): |
