def test__safe_postlogin_redirect(self): self.assertEqual( _safe_postlogin_redirect("http://www.test.com", "www.test.com")["Location"], "http://www.test.com" ) self.assertEqual( _safe_postlogin_redirect("http://www.other.com", "www.test.com")["Location"], "http://www.other.com" ) self.assertEqual(_safe_postlogin_redirect("http://www.unsafe.com", "www.test.com")["Location"], "/")
def test__safe_postlogin_redirect(self): """ Tests the _safe_postlogin_redirect function with different values of next """ HOST = 'testserver' # pylint: disable=C0103 ONSITE1 = '/dashboard' # pylint: disable=C0103 ONSITE2 = '/courses/org/num/name/courseware' # pylint: disable=C0103 ONSITE3 = 'http://{}/my/custom/url'.format(HOST) # pylint: disable=C0103 OFFSITE1 = 'http://www.attacker.com' # pylint: disable=C0103 for redirect_to in [ONSITE1, ONSITE2, ONSITE3]: redir = _safe_postlogin_redirect(redirect_to, HOST) self.assertEqual(redir.status_code, 302) self.assertEqual(redir['location'], redirect_to) redir2 = _safe_postlogin_redirect(OFFSITE1, HOST) self.assertEqual(redir2.status_code, 302) self.assertEqual("/", redir2['location'])
def test__safe_postlogin_redirect(self): """ Tests the _safe_postlogin_redirect function with different values of next """ HOST = 'testserver' # pylint: disable=C0103 ONSITE1 = '/dashboard' # pylint: disable=C0103 ONSITE2 = '/courses/org/num/name/courseware' # pylint: disable=C0103 ONSITE3 = 'http://{}/my/custom/url'.format(HOST) # pylint: disable=C0103 OFFSITE1 = 'http://www.attacker.com' # pylint: disable=C0103 for redirect_to in [ONSITE1, ONSITE2, ONSITE3]: redir = _safe_postlogin_redirect(redirect_to, HOST) self.assertEqual(redir.status_code, 302) self.assertEqual(redir['location'], redirect_to) redir2 = _safe_postlogin_redirect(OFFSITE1, HOST) self.assertEqual(redir2.status_code, 302) self.assertEqual("/", redir2['location'])
def test__safe_postlogin_redirect(self): self.assertEqual(_safe_postlogin_redirect('http://www.test.com', 'www.test.com')['Location'], 'http://www.test.com') self.assertEqual(_safe_postlogin_redirect('http://www.other.com', 'www.test.com')['Location'], 'http://www.other.com') self.assertEqual(_safe_postlogin_redirect('http://www.unsafe.com', 'www.test.com')['Location'], '/')