예제 #1
0
 def test_empty_permitted(self):
     """
     Regression test for #10643: the security hash should allow forms with
     empty_permitted = True, or forms where data has not changed.
     """
     f1 = HashTestBlankForm({})
     f2 = HashTestForm({}, empty_permitted=True)
     hash1 = utils.form_hmac(f1)
     hash2 = utils.form_hmac(f2)
     self.assertEqual(hash1, hash2)
예제 #2
0
 def test_empty_permitted(self):
     """
     Regression test for #10643: the security hash should allow forms with
     empty_permitted = True, or forms where data has not changed.
     """
     f1 = HashTestBlankForm({})
     f2 = HashTestForm({}, empty_permitted=True)
     hash1 = utils.form_hmac(f1)
     hash2 = utils.form_hmac(f2)
     self.assertEqual(hash1, hash2)
예제 #3
0
 def test_textfield_hash(self):
     """
     Regression test for #10034: the hash generation function should ignore
     leading/trailing whitespace so as to be friendly to broken browsers that
     submit it (usually in textareas).
     """
     f1 = HashTestForm({'name': 'joe', 'bio': 'Speaking español.'})
     f2 = HashTestForm({'name': '  joe', 'bio': 'Speaking español.  '})
     hash1 = utils.form_hmac(f1)
     hash2 = utils.form_hmac(f2)
     self.assertEqual(hash1, hash2)
예제 #4
0
 def test_textfield_hash(self):
     """
     Regression test for #10034: the hash generation function should ignore
     leading/trailing whitespace so as to be friendly to broken browsers that
     submit it (usually in textareas).
     """
     f1 = HashTestForm({'name': 'joe', 'bio': 'Speaking español.'})
     f2 = HashTestForm({'name': '  joe', 'bio': 'Speaking español.  '})
     hash1 = utils.form_hmac(f1)
     hash2 = utils.form_hmac(f2)
     self.assertEqual(hash1, hash2)
예제 #5
0
    def security_hash(self, request, form):
        """
        Calculates the security hash for the given HttpRequest and Form instances.

        Subclasses may want to take into account request-specific information,
        such as the IP address.
        """
        return form_hmac(form)
예제 #6
0
    def test_hash_with_file(self):
        with InMemoryUploadedFile(StringIO('1'), '', 'test', 'text/plain', 1,
                                  'utf8') as some_file:
            f1 = HashTestFormWithFile({'name': 'joe'})
            f2 = HashTestFormWithFile({'name': 'joe'},
                                      files={'attachment': some_file})
            hash1 = utils.form_hmac(f1)
            hash2 = utils.form_hmac(f2)
        self.assertNotEqual(hash1, hash2)

        with TemporaryUploadedFile('test', 'text/plain', 1,
                                   'utf8') as some_file:
            some_file.write(b'1')
            some_file.seek(0)
            f1 = HashTestFormWithFile({'name': 'joe'})
            f2 = HashTestFormWithFile({'name': 'joe'},
                                      files={'attachment': some_file})
            hash1 = utils.form_hmac(f1)
            hash2 = utils.form_hmac(f2)
        self.assertNotEqual(hash1, hash2)
예제 #7
0
 def test_form_submit_good_hash(self):
     """
     Test formtools.preview form submittal, using a correct
     hash
     """
     # Pass strings for form submittal and add stage variable to
     # show we previously saw first stage of the form.
     self.test_data.update({'stage': 2})
     response = self.client.post('/preview/', self.test_data)
     self.assertNotEqual(response.content, success_string_encoded)
     hash = utils.form_hmac(TestForm(self.test_data))
     self.test_data.update({'hash': hash})
     response = self.client.post('/preview/', self.test_data)
     self.assertEqual(response.content, success_string_encoded)
예제 #8
0
 def test_form_submit_good_hash(self):
     """
     Test formtools.preview form submittal, using a correct
     hash
     """
     # Pass strings for form submittal and add stage variable to
     # show we previously saw first stage of the form.
     self.test_data.update({'stage': 2})
     response = self.client.post('/preview/', self.test_data)
     self.assertNotEqual(response.content, success_string_encoded)
     hash = utils.form_hmac(TestForm(self.test_data))
     self.test_data.update({'hash': hash})
     response = self.client.post('/preview/', self.test_data)
     self.assertEqual(response.content, success_string_encoded)
예제 #9
0
 def test_form_submit_bad_hash(self):
     """
     Test formtools.preview form submittal does not proceed
     if the hash is incorrect.
     """
     # Pass strings for form submittal and add stage variable to
     # show we previously saw first stage of the form.
     self.test_data.update({'stage': 2})
     response = self.client.post('/preview/', self.test_data)
     self.assertEqual(response.status_code, 200)
     self.assertNotEqual(response.content, success_string_encoded)
     hash = utils.form_hmac(TestForm(self.test_data)) + "bad"
     self.test_data.update({'hash': hash})
     response = self.client.post('/previewpreview/', self.test_data)
     self.assertNotEqual(response.content, success_string_encoded)
예제 #10
0
 def test_form_submit_bad_hash(self):
     """
     Test formtools.preview form submittal does not proceed
     if the hash is incorrect.
     """
     # Pass strings for form submittal and add stage variable to
     # show we previously saw first stage of the form.
     self.test_data.update({'stage': 2})
     response = self.client.post('/preview/', self.test_data)
     self.assertEqual(response.status_code, 200)
     self.assertNotEqual(response.content, success_string_encoded)
     hash = utils.form_hmac(TestForm(self.test_data)) + "bad"
     self.test_data.update({'hash': hash})
     response = self.client.post('/previewpreview/', self.test_data)
     self.assertNotEqual(response.content, success_string_encoded)