From b774c5993cf80000966ae8f04c985116f98ee5ac Mon Sep 17 00:00:00 2001
From: Claude Paroz
Date: Mon, 29 Oct 2012 17:26:10 +0100
Subject: [PATCH] Fixed #19172 -- Isolated poisoned_http_host tests from 500 handlers

Thanks bernardofontes for the report.
---
 django/contrib/auth/tests/views.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/django/contrib/auth/tests/views.py b/django/contrib/auth/tests/views.py
index bb17576d31..b97d4a7cdf 100644
--- a/django/contrib/auth/tests/views.py
+++ b/django/contrib/auth/tests/views.py
@@ -115,6 +115,8 @@ class PasswordResetTest(AuthViewsTestCase):
 self.assertTrue("http://adminsite.com" in mail.outbox[0].body)
 self.assertEqual(settings.DEFAULT_FROM_EMAIL, mail.outbox[0].from_email)

+ # Skip any 500 handler action (like sending more mail...)
+ @override_settings(DEBUG_PROPAGATE_EXCEPTIONS=True)
 def test_poisoned_http_host(self):
 "Poisoned HTTP_HOST headers can't be used for reset emails"
 # This attack is based on the way browsers handle URLs. The colon
@@ -131,6 +133,8 @@ class PasswordResetTest(AuthViewsTestCase):
 )
 self.assertEqual(len(mail.outbox), 0)

+ # Skip any 500 handler action (like sending more mail...)
+ @override_settings(DEBUG_PROPAGATE_EXCEPTIONS=True)
 def test_poisoned_http_host_admin_site(self):
 "Poisoned HTTP_HOST headers can't be used for reset emails on admin views"
 with self.assertRaises(SuspiciousOperation):
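Review bot: The comment added above `test_poisoned_http_host`, and repeated in the second hunk above `test_poisoned_http_host_admin_site`, says what is skipped but not why the test depends on it. The `self.assertEqual(len(mail.outbox), 0)` visible at the top of the second hunk appears to be the check that no reset mail went out for the poisoned host. It only holds if the project's 500 handler cannot add its own message to the outbox. I would spell that out, for example `# Propagate SuspiciousOperation to the test client instead of the 500 handler, which may send mail of its own and break the empty-outbox check.` Both test bodies continue outside the hunks, so the rest of their assertions is not visible here.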