def test_is_valid_domain_returns_false_for_scheme_suffix_and_no_domain():
    """A scheme followed by nothing but a suffix is rejected."""
    # A value such as http://gov.uk in settings looks odd and is most likely
    # a mistake; a suffix is expected to be written bare, e.g. "gov.uk".
    scheme_with_suffix_only = (
        'http://gov.uk',
        'http://.gov.uk',
        'http://com',
        'http://.com',
    )
    for candidate in scheme_with_suffix_only:
        assert is_valid_domain(candidate) is False
def test_is_valid_domain_returns_false_if_path_or_params_included():
    """Values carrying a path or a query string are rejected."""
    # Covered both with and without a scheme, so only a bare host can pass.
    with_path_or_query = (
        'http://google.com?q=exporting',
        'http://google.com/exporing',
        'google.com?q=exporting',
        'google.com/exporing',
    )
    for candidate in with_path_or_query:
        assert is_valid_domain(candidate) is False
def test_is_valid_domain_returns_false_if_subdomain_included():
    """Hosts that include a subdomain are rejected, with or without a scheme."""
    # NOTE(review): this pins the validator only. Whether an accepted entry
    # such as google.com also matches its subdomains when the values are used
    # is decided by the consuming code, which is not visible here -- confirm.
    with_subdomain = (
        'http://mail.google.com',
        'mail.google.com',
    )
    for candidate in with_subdomain:
        assert is_valid_domain(candidate) is False
def test_is_valid_domain_returns_false_for_invalid_domains():
    """A bare scheme and hosts without a recognised suffix are rejected."""
    not_domains = (
        'http://',
        'blabla',
        'http://blabla',
        'http://www.blablabla',
    )
    for candidate in not_domains:
        assert is_valid_domain(candidate) is False
def test_is_valid_domain_returns_true_for_valid_suffixes():
    """Bare suffixes are accepted, with or without a leading dot."""
    # NOTE(review): ALLOWED_REDIRECT_DOMAINS entries are validated with this
    # function, and a bare suffix such as 'com' passes. How broadly such an
    # entry matches is up to the code that consumes the list -- confirm that
    # suffix-wide entries are intended wherever they are configured.
    bare_suffixes = (
        'gov.uk',
        '.gov.uk',
        'com',
        '.com',
    )
    for candidate in bare_suffixes:
        assert is_valid_domain(candidate) is True
def test_is_valid_domain_returns_true_for_valid_domains():
    """A plain domain is accepted whether or not it carries a scheme."""
    plain_domains = (
        'http://google.com',
        'google.com',
    )
    for candidate in plain_domains:
        assert is_valid_domain(candidate) is True
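'reset_password': '******', 'reset_password_from_key': 'sso.user.forms.ResetPasswordKeyForm', }

# Cookie settings.
SESSION_COOKIE_DOMAIN = env.str('SESSION_COOKIE_DOMAIN')
# The env var is deliberately named differently from the setting to be more
# explicit (directory-ui uses the same name).
SESSION_COOKIE_NAME = env.str('SSO_SESSION_COOKIE')
# Both "secure" flags default to True when the env var is unset, so cookies
# are HTTPS-only unless a deployment explicitly opts out.
SESSION_COOKIE_SECURE = env.bool('SESSION_COOKIE_SECURE', True)
CSRF_COOKIE_SECURE = env.bool('CSRF_COOKIE_SECURE', True)
CSRF_COOKIE_HTTPONLY = True

# Set with comma separated values in env.
ALLOWED_REDIRECT_DOMAINS = env.list('ALLOWED_REDIRECT_DOMAINS', default=[])
# Validate every entry when the settings module is imported, so a malformed
# value stops startup instead of ending up in the redirect allow-list.
# An explicit raise is used rather than an `assert` statement because asserts
# are removed when Python runs with -O / PYTHONOPTIMIZE, which would silently
# skip this check. AssertionError is kept as the exception type so the failure
# looks the same to anything that already expects it.
for domain in ALLOWED_REDIRECT_DOMAINS:
    if is_valid_domain(domain) is not True:
        raise AssertionError(
            'Invalid entry in ALLOWED_REDIRECT_DOMAINS: %r' % (domain,)
        )

# Signature check
SIGNATURE_SECRET = env.str('SIGNATURE_SECRET')
SIGAUTH_URL_NAMES_WHITELIST = [
    'healthcheck',
    'healthcheck-ping',
    'activity-stream-users',
    'activity-stream-user-answers-vfm',
]

# api request key
# NOTE(review): unlike SIGNATURE_SECRET this falls back to an empty string
# when the env var is unset -- confirm that whatever consumes it rejects an
# empty secret rather than treating it as a usable key.
DIRECTORY_API_SECRET = env.str('DIRECTORY_API_SECRET', '')

# Use proxy host name when generating links (e.g. in emails).
# With this enabled Django prefers the X-Forwarded-Host request header over
# Host, so it is only appropriate when every request arrives through a proxy
# that sets that header itself; otherwise a client-supplied value could end up
# in generated links.
USE_X_FORWARDED_HOST = True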