Ejemplo n.º 1
0
    def testDoublyEncodedCookieWithIncorrectPadding(self):
        from urllib import quote
        from base64 import encodestring
        from collective.usernamelogger import username
        TEST_USERNAME = '******'
        TEST_PASSWORD = '******'
        hex_credentials = ':'.join([token.encode('hex') for token in \
                                    (TEST_USERNAME, TEST_PASSWORD)])

        # base64 encode credentials - this will add '='s for padding
        b64encoded_credentials = encodestring(hex_credentials).strip()

        # Quote the base64 encoded string *twice*
        # This will mess up the padding unless it's unquoted twice
        broken_cookie = "__ac=%s" % quote(quote(b64encoded_credentials))
        self.assertTrue(username(broken_cookie) == TEST_USERNAME)
Ejemplo n.º 2
0
    def testDoublyEncodedCookieWithIncorrectPadding(self):
        from urllib import quote
        from base64 import encodestring
        from collective.usernamelogger import username
        TEST_USERNAME = '******'
        TEST_PASSWORD = '******'
        hex_credentials = ':'.join([token.encode('hex') for token in \
                                    (TEST_USERNAME, TEST_PASSWORD)])

        # base64 encode credentials - this will add '='s for padding
        b64encoded_credentials = encodestring(hex_credentials).strip()

        # Quote the base64 encoded string *twice*
        # This will mess up the padding unless it's unquoted twice
        broken_cookie = "__ac=%s" % quote(quote(b64encoded_credentials))
        self.assertTrue(username(broken_cookie) == TEST_USERNAME)
Ejemplo n.º 3
0
 def username(self, value):
     from collective.usernamelogger import username
     from base64 import encodestring
     return username('__ac=%s' % encodestring(value))
Ejemplo n.º 4
0
 def username(self, value):
     from collective.usernamelogger import username
     from base64 import encodestring
     return username('__ac=%s' % encodestring(value))