def test_url_securing_on_appspot_url(self):
self.stub_server_name("non-default.khan-academy.appspot.com")
# relative url
self.assertEqual("https://non-default.khan-academy.appspot.com/foo",
util.secure_url("/foo"))
# Absolute url
self.assertEqual("https://non-default.khan-academy.appspot.com/foo",
util.secure_url("http://non-default.khan-academy.appspot.com/foo"))
self.restore_server_name()
def test_url_securing_on_normal_url(self):
self.stub_server_name('www.khanacademy.org')
# relative url
self.assertEqual("https://khan-academy.appspot.com/login",
util.secure_url("/login"))
# Absolute url (gets re-written to appspot)
self.assertEqual("https://khan-academy.appspot.com/login",
util.secure_url("http://www.khanacademy.org/login"))
self.restore_server_name()
def secure_url_with_token(self, url, user_data=None):
if user_data is None:
(user_data, _) = self.resolve_user_info()
if not user_data:
if not self.request_string("reset_token", default=""):
logging.warn("No user detected for password change")
return util.secure_url(url)
token = TransferAuthToken.for_user(user_data).value
if url.find('?') == -1:
return "%s?transfer_token=%s" % (util.secure_url(url),
urllib.quote_plus(token))
else:
return "%s&transfer_token=%s" % (util.secure_url(url),
urllib.quote_plus(token))
def secure_url_with_token(self, url, user_data=None):
if user_data is None:
(user_data, _) = self.resolve_user_info()
if not user_data:
if not self.request_string("reset_token", default=""):
logging.warn("No user detected for password change")
return util.secure_url(url)
token = TransferAuthToken.for_user(user_data).value
if url.find('?') == -1:
return "%s?transfer_token=%s" % (util.secure_url(url),
urllib.quote_plus(token))
else:
return "%s&transfer_token=%s" % (util.secure_url(url),
urllib.quote_plus(token))
def to_secure_url(url):
""" Returns the appropriate https server URL for a url
somewhere on Khan Academy. Note - this is not intended for links to
external sites.
This abstracts away some of the difficulties and limitations of https
in the current environment.
"""
return util.secure_url(url)
def to_secure_url(url):
""" Returns the appropriate https server URL for a url
somewhere on Khan Academy. Note - this is not intended for links to
external sites.
This abstracts away some of the difficulties and limitations of https
in the current environment.
"""
return util.secure_url(url)