This repository has been archived by the owner on Sep 13, 2022. It is now read-only.
/
url_util_test.py
147 lines (120 loc) · 6 KB
/
url_util_test.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
import os
import urllib
import url_util
from app import App
try:
import unittest2 as unittest
except ImportError:
import unittest
class TestUrl(unittest.TestCase):
def setUp(self):
super(TestUrl, self).setUp()
self.orig_app_dev_server = App.is_dev_server
App.is_dev_server = False
self.orig_host = None
def tearDown(self):
App.is_dev_server = self.orig_app_dev_server
def stub_server_name(self, stubbed_name):
if 'HTTP_HOST' in os.environ:
self.orig_host = os.environ['HTTP_HOST']
else:
self.orig_host = None
os.environ['HTTP_HOST'] = stubbed_name
def restore_server_name(self):
if self.orig_host:
os.environ['HTTP_HOST'] = self.orig_host
else:
del os.environ['HTTP_HOST']
def test_url_securing_on_normal_url(self):
self.stub_server_name('www.khanacademy.org')
# relative url
self.assertEqual("https://khan-academy.appspot.com/login",
url_util.secure_url("/login"))
# Absolute url (gets re-written to appspot)
self.assertEqual("https://khan-academy.appspot.com/login",
url_util.secure_url("http://www.khanacademy.org/login"))
self.restore_server_name()
def test_url_insecuring_on_normal_url(self):
self.stub_server_name('www.khanacademy.org')
# relative URL
self.assertEqual("http://www.khanacademy.org/postlogin",
url_util.insecure_url("/postlogin"))
# absolute URL
self.assertEqual("http://www.khanacademy.org/postlogin",
url_util.insecure_url("https://www.khanacademy.org/postlogin"))
self.restore_server_name()
def test_url_securing_on_appspot_url(self):
self.stub_server_name("non-default.khan-academy.appspot.com")
# relative url
self.assertEqual("https://non-default.khan-academy.appspot.com/foo",
url_util.secure_url("/foo"))
# Absolute url
self.assertEqual("https://non-default.khan-academy.appspot.com/foo",
url_util.secure_url("http://non-default.khan-academy.appspot.com/foo"))
self.restore_server_name()
def test_url_insecuring_on_appspot_url(self):
self.stub_server_name("non-default.khan-academy.appspot.com")
# relative url
self.assertEqual("http://non-default.khan-academy.appspot.com/foo",
url_util.insecure_url("/foo"))
# Absolute url
self.assertEqual("http://non-default.khan-academy.appspot.com/foo",
url_util.insecure_url("https://non-default.khan-academy.appspot.com/foo"))
self.restore_server_name()
def test_detection_of_ka_urls(self):
def is_ka_url(url):
return url_util.is_khanacademy_url(url)
self.stub_server_name("www.khanacademy.org")
self.assertTrue(is_ka_url("/relative/url"))
self.assertTrue(is_ka_url(url_util.absolute_url("/relative/url")))
self.assertTrue(is_ka_url(url_util.static_url("/images/foo")))
self.assertTrue(is_ka_url("http://www.khanacademy.org"))
self.assertTrue(is_ka_url("http://smarthistory.khanacademy.org"))
self.assertTrue(is_ka_url("http://www.khanacademy.org/"))
self.assertTrue(is_ka_url("http://www.khanacademy.org/foo"))
self.assertTrue(is_ka_url("https://khan-academy.appspot.com"))
self.assertTrue(is_ka_url("http://non-default.khan-academy.appspot.com"))
self.assertTrue(is_ka_url("https://non-default.khan-academy.appspot.com"))
self.restore_server_name()
def test_detection_of_non_ka_urls(self):
self.assertFalse(url_util.is_khanacademy_url("http://evil.com"))
self.assertFalse(url_util.is_khanacademy_url("https://khanacademy.phising.com"))
def test_opengraph_url_for_dev_server(self):
self.stub_server_name("localhost")
self.assertEqual("http://www.khanacademy.org/foo",
url_util.opengraph_url("/foo"))
def test_opengraph_url_for_appspot_url(self):
self.stub_server_name("non-default.khan-academy.appspot.com")
self.assertEqual("http://www.khanacademy.org/foo",
url_util.opengraph_url("/foo"))
def test_opengraph_url_for_ka_org_url(self):
self.stub_server_name("www.khanacademy.org")
self.assertEqual("http://www.khanacademy.org/foo",
url_util.opengraph_url("/foo"))
def test_opengraph_url_for_subdomain_ka_url(self):
self.stub_server_name("beta.wild.khanacademy.org")
self.assertEqual("http://beta.wild.khanacademy.org/foo",
url_util.opengraph_url("/foo"))
def test_iri_to_uri_encodes_to_utf8(self):
original_unicode = u"/\u00fe/\u00f4?\u00ef=\u2021"
# verify correct encoding
encoded_string = url_util.iri_to_uri(original_unicode)
self.assertIsInstance(encoded_string, str)
self.assertEqual("/%C3%BE/%C3%B4?%C3%AF=%E2%80%A1", encoded_string)
# verify that we can roundtrip back to the original unicode
decoded_string = urllib.unquote(encoded_string).decode("utf-8")
self.assertIsInstance(decoded_string, unicode)
self.assertEqual(original_unicode, decoded_string)
def test_iri_to_uri_is_idempotent(self):
unicode_string = u"/\u00fe/\u00f4?\u00ef=\u2021"
self.assertEqual(
url_util.iri_to_uri(unicode_string),
url_util.iri_to_uri(url_util.iri_to_uri(unicode_string)))
def test_iri_to_uri_is_sane_for_complex_url(self):
# test without the added complexity of unicode characters just
# to sanity check that a complex URL is not mangled
unicode_string = (u"http://user:password@www.host.com/with/path/and"
u"?query=string&is=sane")
encoded_string = url_util.iri_to_uri(unicode_string)
self.assertIsInstance(encoded_string, str)
self.assertEqual(unicode_string, encoded_string)