def test_no_match(self): self.assertFalse( same_origin('http://example.com', 'http://example.org')) self.assertFalse( same_origin('https://example.com', 'http://example.com')) self.assertFalse( same_origin('http://example.com:443', 'http://example.com:80'))
def test_match(self): self.assertTrue( same_origin('https://example.com', 'https://example.com')) self.assertTrue( same_origin('https://example.com:80', 'https://example.com:80')) self.assertTrue( same_origin('https://example.com:80/different/path?query=4&five=6', 'https://example.com:80/no/match#path'))
def get_audience(request): """ Determine the audience to use for verification from the given request. Relies on the BROWSERID_AUDIENCES setting, which is an explicit list of acceptable audiences for your site. :returns: The first audience in BROWSERID_AUDIENCES that has the same origin as the request's URL. :raises: :class:`django.core.exceptions.ImproperlyConfigured`: If BROWSERID_AUDIENCES isn't defined, or if no matching audience could be found. """ protocol = 'https' if request.is_secure() else 'http' host = '{0}://{1}'.format(protocol, request.get_host()) try: audiences = settings.BROWSERID_AUDIENCES if not audiences and settings.DEBUG: return host except AttributeError: if settings.DEBUG: return host raise ImproperlyConfigured('Required setting BROWSERID_AUDIENCES not found!') for audience in audiences: if same_origin(host, audience): return audience # No audience found? We must not be configured properly, otherwise why are we getting this # request? raise ImproperlyConfigured('No audience could be found in BROWSERID_AUDIENCES for host `{0}`.' .format(host))
def get_audience(request): """ Determine the audience to use for verification from the given request. Relies on the BROWSERID_AUDIENCES setting, which is an explicit list of acceptable audiences for your site. :returns: The first audience in BROWSERID_AUDIENCES that has the same origin as the request's URL. :raises: :class:`django.core.exceptions.ImproperlyConfigured`: If BROWSERID_AUDIENCES isn't defined, or if no matching audience could be found. """ protocol = 'https' if request.is_secure() else 'http' host = '{0}://{1}'.format(protocol, request.get_host()) try: audiences = settings.BROWSERID_AUDIENCES if not audiences and settings.DEBUG: return host except AttributeError: if settings.DEBUG: return host raise ImproperlyConfigured( 'Required setting BROWSERID_AUDIENCES not found!') for audience in audiences: if same_origin(host, audience): return audience # No audience found? We must not be configured properly, otherwise why are we getting this # request? raise ImproperlyConfigured( 'No audience could be found in BROWSERID_AUDIENCES for host `{0}`.'. format(host))
def test_no_match(self): self.assertFalse(same_origin("http://example.com", "http://example.org")) self.assertFalse(same_origin("https://example.com", "http://example.com")) self.assertFalse(same_origin("http://example.com:443", "http://example.com:80"))
def test_match(self): self.assertTrue(same_origin("https://example.com", "https://example.com")) self.assertTrue(same_origin("https://example.com:80", "https://example.com:80")) self.assertTrue( same_origin("https://example.com:80/different/path?query=4&five=6", "https://example.com:80/no/match#path") )