def test_bad_request():
f = rpcserver.HTTP_Status()
t = rpcserver._bad_request_template
s = StartResponse()
assert_equal(f.bad_request(None, s, 'illegal request'),
[t % dict(message='illegal request')])
assert s.status == '400 Bad Request'
assert s.headers == [('Content-Type', 'text/html; charset=utf-8')]
def test_internal_error():
f = rpcserver.HTTP_Status()
t = rpcserver._internal_error_template
s = StartResponse()
assert_equal(f.internal_error(None, s, 'request failed'),
[t % dict(message='request failed')])
assert s.status == '500 Internal Server Error'
assert s.headers == [('Content-Type', 'text/html; charset=utf-8')]
def test_unauthorized_error():
f = rpcserver.HTTP_Status()
t = rpcserver._unauthorized_template
s = StartResponse()
assert_equal(f.unauthorized(None, s, 'unauthorized', 'password-expired'),
[t % dict(message='unauthorized')])
assert s.status == '401 Unauthorized'
assert s.headers == [('Content-Type', 'text/html; charset=utf-8'),
('X-IPA-Rejection-Reason', 'password-expired')]
def test_not_found():
f = rpcserver.HTTP_Status()
t = rpcserver._not_found_template
s = StartResponse()
# Test with an innocent URL:
url = '/ipa/foo/stuff'
assert_equal(f.not_found(None, s, url, None),
[t % dict(url='/ipa/foo/stuff')])
assert s.status == '404 Not Found'
assert s.headers == [('Content-Type', 'text/html; charset=utf-8')]
# Test when URL contains any of '<>&'
s.reset()
url = ' ' + '<script>do_bad_stuff();</script>'
assert_equal(f.not_found(None, s, url, None), [
t % dict(url='&nbsp;<script>do_bad_stuff();</script>')
])
assert s.status == '404 Not Found'
assert s.headers == [('Content-Type', 'text/html; charset=utf-8')]
