示例#1
 def test_clean_url(self, get_current):
     """A same-site absolute ``next`` URL comes back as path plus query only."""
     # get_current is used as a mock here (its patch decorator is not shown);
     # the domain set on its return value matches the host in both URLs below.
     get_current.return_value.domain = "su.mo.com"

     https_login = RequestFactory().post(
         "/users/login", {"next": "https://su.mo.com/kb/new?f=b"}
     )
     # The query string survives; scheme and host do not.
     eq_("/kb/new?f=b", _clean_next_url(https_login))

     http_login = RequestFactory().post(
         "/users/login", {"next": "http://su.mo.com/kb/new"}
     )
     eq_("/kb/new", _clean_next_url(http_login))
示例#2
 def test_clean_url(self, get_current):
     '''Scheme and site domain are stripped from a same-site ``next`` URL.'''
     get_current.return_value.domain = 'su.mo.com'

     # (submitted ``next`` value, value expected back), checked in this order.
     cases = (
         ('https://su.mo.com/kb/new?f=b', '/kb/new?f=b'),
         ('http://su.mo.com/kb/new', '/kb/new'),
     )
     for submitted, expected in cases:
         login_post = RequestFactory().post('/users/login',
                                            {'next': submitted})
         eq_(expected, _clean_next_url(login_post))
示例#3
    def test_clean_next_url_request_properties(self, get_current):
        """The redirect target is read from GET, POST, or the Referer header."""
        get_current.return_value.domain = "dev.mo.org"

        # A GET ``next`` parameter wins over a Referer header sent with it.
        get_with_referer = RequestFactory().get(
            "/users/login",
            {"next": "/demos/submit"},
            HTTP_REFERER="referer-trumped-by-get",
        )
        eq_("/demos/submit", _clean_next_url(get_with_referer))

        # A POSTed ``next`` field is honoured as well.
        post_with_next = RequestFactory().post(
            "/users/login", {"next": "/demos/submit"}
        )
        eq_("/demos/submit", _clean_next_url(post_with_next))

        # With no ``next`` parameter, the Referer value is what comes back.
        referer_only = RequestFactory().get(
            "/users/login", HTTP_REFERER="/demos/submit"
        )
        eq_("/demos/submit", _clean_next_url(referer_only))
示例#4
    def test_clean_next_url_request_properties(self, get_current):
        '''_clean_next_url accepts a target from GET, POST, or Referer.'''
        get_current.return_value.domain = 'dev.mo.org'

        # Case 1: GET parameter and Referer both present; the parameter is
        # the one returned.
        both_sources = RequestFactory().get(
            '/users/login',
            {'next': '/demos/submit'},
            HTTP_REFERER='referer-trumped-by-get')
        eq_('/demos/submit', _clean_next_url(both_sources))

        # Case 2: target supplied as a POST field.
        posted = RequestFactory().post('/users/login',
                                       {'next': '/demos/submit'})
        eq_('/demos/submit', _clean_next_url(posted))

        # Case 3: no parameter at all, so the Referer header is the source.
        header_only = RequestFactory().get('/users/login',
                                           HTTP_REFERER='/demos/submit')
        eq_('/demos/submit', _clean_next_url(header_only))
示例#5
    def test_clean_next_url_request_properties(self, get_current):
        '''Check the three places _clean_next_url looks for a target.'''
        get_current.return_value.domain = 'dev.mo.org'
        login_path = '/users/login'
        wanted = '/demos/submit'

        # GET parameter together with a Referer: the parameter takes priority.
        request = RequestFactory().get(login_path, {'next': wanted},
                                       HTTP_REFERER='referer-trumped-by-get')
        eq_(wanted, _clean_next_url(request))

        # POST field.
        request = RequestFactory().post(login_path, {'next': wanted})
        eq_(wanted, _clean_next_url(request))

        # Referer header alone, with no ``next`` parameter in the request.
        request = RequestFactory().get(login_path, HTTP_REFERER=wanted)
        eq_(wanted, _clean_next_url(request))
示例#6
    def test_clean_next_url_invalid_next_parameter(self, get_current):
        '''Every value from self._invalid_nexts() must come back as None.'''
        get_current.return_value.domain = 'dev.mo.org'

        # _invalid_nexts() is defined elsewhere on the test class; its values
        # are presumably redirect targets that must never be followed.
        for candidate in self._invalid_nexts():
            login_get = RequestFactory().get('/users/login',
                                             {'next': candidate})
            eq_(None, _clean_next_url(login_get))
示例#7
    def test_clean_next_url_no_self_redirects(self, get_current):
        '''_clean_next_url returns None for the login and logout URLs.'''
        get_current.return_value.domain = 'dev.mo.org'

        # Neither auth endpoint is accepted as a ``next`` target.
        for auth_url in (settings.LOGIN_URL, settings.LOGOUT_URL):
            login_get = RequestFactory().get('/users/login',
                                             {'next': auth_url})
            eq_(None, _clean_next_url(login_get))
示例#8
    def test_clean_next_url_invalid_next_parameter(self, get_current):
        '''_clean_next_url yields None for each known-bad ``next`` value.'''
        get_current.return_value.domain = 'dev.mo.org'
        login_path = '/users/login'

        # The list of bad values lives in the _invalid_nexts() helper, which
        # is not shown here.
        for bad_next in self._invalid_nexts():
            request = RequestFactory().get(login_path, {'next': bad_next})
            cleaned = _clean_next_url(request)
            eq_(None, cleaned)
示例#9
    def test_clean_next_url_no_self_redirects(self, get_current):
        '''LOGIN_URL and LOGOUT_URL are rejected as ``next`` targets.'''
        get_current.return_value.domain = 'dev.mo.org'
        login_path = '/users/login'

        # Both settings values are expected to clean to None.
        for self_target in (settings.LOGIN_URL, settings.LOGOUT_URL):
            request = RequestFactory().get(login_path, {'next': self_target})
            cleaned = _clean_next_url(request)
            eq_(None, cleaned)
示例#10
    def test_clean_next_url_invalid_next_parameter(self, get_current):
        """No value supplied by _invalid_nexts() survives cleaning."""
        get_current.return_value.domain = "dev.mo.org"

        # One request per rejected value, so a failure stops at the first
        # value that is not cleaned to None.
        for rejected in self._invalid_nexts():
            probe = RequestFactory().get("/users/login", {"next": rejected})
            eq_(None, _clean_next_url(probe))
示例#11
    def test_clean_next_url_no_self_redirects(self, get_current):
        """A ``next`` value equal to LOGIN_URL or LOGOUT_URL cleans to None."""
        get_current.return_value.domain = "dev.mo.org"

        # Redirecting back to the login or logout view is refused.
        for endpoint in (settings.LOGIN_URL, settings.LOGOUT_URL):
            probe = RequestFactory().get("/users/login", {"next": endpoint})
            eq_(None, _clean_next_url(probe))
示例#12
    def test_clean_next_url_protocol_relative_redirect(self, get_current):
        '''A double-encoded protocol-relative ``next`` value cleans to None.'''
        get_current.return_value.domain = 'testserver.com'

        # '%252f' is '%2f' ('/') percent-encoded a second time, so the value
        # carries a hidden leading '//' followed by a host that is not the
        # site domain set above. It must not be returned as a redirect target.
        encoded_target = '%252f%252fgoo.gl/yY9B5&paddingpaddingpadding'
        login_get = RequestFactory().get('/users/login',
                                         {'next': encoded_target})

        eq_(None, _clean_next_url(login_get))