Python should_be_tainted示例

示例#1

文件： test_tainted.py 项目： cjwood032/Zope_Walkthrough

 def test_should_be_tainted(self):
     from AccessControl.tainted import should_be_tainted
     self.assertFalse(should_be_tainted('string'))
     self.assertTrue(should_be_tainted('<string'))
     self.assertFalse(should_be_tainted(b'string'))
     self.assertTrue(should_be_tainted(b'<string'))
     self.assertFalse(should_be_tainted(b'string'[0]))
     self.assertTrue(should_be_tainted(b'<string'[0]))

示例#2

文件： test_tainted.py 项目： zopefoundation/AccessControl

 def test_should_be_tainted(self):
     from AccessControl.tainted import should_be_tainted
     self.assertFalse(should_be_tainted('string'))
     self.assertTrue(should_be_tainted('<string'))
     self.assertFalse(should_be_tainted(b'string'))
     self.assertTrue(should_be_tainted(b'<string'))
     self.assertFalse(should_be_tainted(b'string'[0]))
     self.assertTrue(should_be_tainted(b'<string'[0]))

示例#3

文件： testHTTPRequest.py 项目： zopefoundation/Zope

    def _valueIsOrHoldsTainted(self, val):
        # Recursively searches a structure for a TaintedString and returns 1
        # when one is found.
        # Also raises an Assertion if a string which *should* have been
        # tainted is found, or when a tainted string is not deemed dangerous.
        from ZPublisher.HTTPRequest import record
        from AccessControl.tainted import TaintedString

        retval = 0

        if isinstance(val, TaintedString):
            self.assertTrue(
                should_be_tainted(val._value),
                "%r is not dangerous, no taint required." % val)
            retval = 1

        elif isinstance(val, record):
            for attr, value in list(val.__dict__.items()):
                rval = self._valueIsOrHoldsTainted(attr)
                if rval:
                    retval = 1
                rval = self._valueIsOrHoldsTainted(value)
                if rval:
                    retval = 1

        elif type(val) in (list, tuple):
            for entry in val:
                rval = self._valueIsOrHoldsTainted(entry)
                if rval:
                    retval = 1

        elif type(val) in (str, unicode):
            self.assertFalse(
                should_be_tainted(val),
                "'%s' is dangerous and should have been tainted." % val)

        return retval

示例#4

文件： testHTTPRequest.py 项目： valdirdpg/Zope

    def _valueIsOrHoldsTainted(self, val):
        # Recursively searches a structure for a TaintedString and returns 1
        # when one is found.
        # Also raises an Assertion if a string which *should* have been
        # tainted is found, or when a tainted string is not deemed dangerous.
        from ZPublisher.HTTPRequest import record
        from AccessControl.tainted import TaintedString

        retval = 0

        if isinstance(val, TaintedString):
            self.assertTrue(
                should_be_tainted(val._value),
                "%r is not dangerous, no taint required." % val)
            retval = 1

        elif isinstance(val, record):
            for attr, value in list(val.__dict__.items()):
                rval = self._valueIsOrHoldsTainted(attr)
                if rval:
                    retval = 1
                rval = self._valueIsOrHoldsTainted(value)
                if rval:
                    retval = 1

        elif type(val) in (list, tuple):
            for entry in val:
                rval = self._valueIsOrHoldsTainted(entry)
                if rval:
                    retval = 1

        elif type(val) in (str, unicode):
            self.assertFalse(
                should_be_tainted(val),
                "'%s' is dangerous and should have been tainted." % val)

        return retval