def test_post_as_string(self):
data = {
'http': {
'data': six.b('password=evil&api_key=evil&harmless=bar'),
}
}
proc = SanitizePasswordsProcessor(Mock())
result = proc.process(data)
self.assertTrue('http' in result)
http = result['http']
assert 'evil' not in force_text(http['data'])
def test_post_as_string(self):
data = {
'http': {
'data': six.b('password=evil&api_key=evil&harmless=bar'),
}
}
proc = SanitizePasswordsProcessor(Mock())
result = proc.process(data)
self.assertTrue('http' in result)
http = result['http']
assert 'evil' not in force_text(http['data'])
def filter_http(self, data):
for n in ('data', 'cookies', 'headers', 'env', 'query_string'):
if n not in data:
continue
if isinstance(data[n], (six.binary_type, ) + six.string_types):
text_data = force_text(data[n], errors='replace')
if '=' in text_data:
# at this point we've assumed it's a standard HTTP query
querybits = []
for bit in text_data.split('&'):
chunk = bit.split('=')
if len(chunk) == 2:
querybits.append((chunk[0], self.sanitize(*chunk)))
else:
querybits.append(chunk)
data[n] = '&'.join('='.join(k) for k in querybits)
continue
data[n] = varmap(self.sanitize, data[n])
def filter_http(self, data):
for n in ('data', 'cookies', 'headers', 'env', 'query_string'):
if n not in data:
continue
if isinstance(data[n], (six.binary_type,) + six.string_types):
text_data = force_text(data[n], errors='replace')
if '=' in text_data:
# at this point we've assumed it's a standard HTTP query
querybits = []
for bit in text_data.split('&'):
chunk = bit.split('=')
if len(chunk) == 2:
querybits.append((chunk[0], self.sanitize(*chunk)))
else:
querybits.append(chunk)
data[n] = '&'.join('='.join(k) for k in querybits)
continue
data[n] = varmap(self.sanitize, data[n])
def _decode(self, param):
try:
return force_text(param, strings_only=True)
except UnicodeDecodeError:
return '(encoded string)'
def _decode(self, param):
try:
return force_text(param, strings_only=True)
except UnicodeDecodeError:
return '(encoded string)'
