Fixed #28224 -- Tested for SuspiciousOperation subclasses in Django's tests.

2017-05-25 19:19:01 +07:00 · 2017-05-25 19:19:01 +07:00 · 67e1afb4a8
parent f8bce94997
commit 67e1afb4a8
3 changed files with 15 additions and 15 deletions
--- a/tests/file_storage/tests.py
+++ b/tests/file_storage/tests.py
@ -10,7 +10,7 @@ from io import StringIO
 from urllib.request import urlopen

 from django.core.cache import cache
-from django.core.exceptions import SuspiciousFileOperation, SuspiciousOperation
+from django.core.exceptions import SuspiciousFileOperation
 from django.core.files.base import ContentFile, File
 from django.core.files.storage import FileSystemStorage, get_storage_class
 from django.core.files.uploadedfile import (
@ -384,9 +384,9 @@ class FileStorageTests(SimpleTestCase):
        File storage prevents directory traversal (files can only be accessed if
        they're below the storage location).
        """
-        with self.assertRaises(SuspiciousOperation):
+        with self.assertRaises(SuspiciousFileOperation):
            self.storage.exists('..')
-        with self.assertRaises(SuspiciousOperation):
+        with self.assertRaises(SuspiciousFileOperation):
            self.storage.exists('/etc/passwd')

    def test_file_storage_preserves_filename_case(self):
--- a/tests/httpwrappers/tests.py
+++ b/tests/httpwrappers/tests.py
@ -5,7 +5,7 @@ import pickle
 import unittest
 import uuid

-from django.core.exceptions import DisallowedRedirect, SuspiciousOperation
+from django.core.exceptions import DisallowedRedirect
 from django.core.serializers.json import DjangoJSONEncoder
 from django.core.signals import request_finished
 from django.db import close_old_connections
@ -441,9 +441,9 @@ class HttpResponseTests(unittest.TestCase):
            'file:///etc/passwd',
        ]
        for url in bad_urls:
-            with self.assertRaises(SuspiciousOperation):
+            with self.assertRaises(DisallowedRedirect):
                HttpResponseRedirect(url)
-            with self.assertRaises(SuspiciousOperation):
+            with self.assertRaises(DisallowedRedirect):
                HttpResponsePermanentRedirect(url)


--- a/tests/requests/tests.py
+++ b/tests/requests/tests.py
@ -5,7 +5,7 @@ from io import BytesIO
 from itertools import chain
 from urllib.parse import urlencode

-from django.core.exceptions import SuspiciousOperation
+from django.core.exceptions import DisallowedHost
 from django.core.handlers.wsgi import LimitedStream, WSGIRequest
 from django.http import (
    HttpRequest, HttpResponse, RawPostDataException, UnreadablePostError,
@ -695,7 +695,7 @@ class HostValidationTests(SimpleTestCase):

        # Poisoned host headers are rejected as suspicious
        for host in chain(self.poisoned_hosts, ['other.com', 'example.com..']):
-            with self.assertRaises(SuspiciousOperation):
+            with self.assertRaises(DisallowedHost):
                request = HttpRequest()
                request.META = {
                    'HTTP_HOST': host,
@ -759,7 +759,7 @@ class HostValidationTests(SimpleTestCase):
            request.get_host()

        for host in self.poisoned_hosts:
-            with self.assertRaises(SuspiciousOperation):
+            with self.assertRaises(DisallowedHost):
                request = HttpRequest()
                request.META = {
                    'HTTP_HOST': host,
@ -810,8 +810,8 @@ class HostValidationTests(SimpleTestCase):
            request.META = {'HTTP_HOST': host}
            self.assertEqual(request.get_host(), host)

-        # Other hostnames raise a SuspiciousOperation.
-        with self.assertRaises(SuspiciousOperation):
+        # Other hostnames raise a DisallowedHost.
+        with self.assertRaises(DisallowedHost):
            request = HttpRequest()
            request.META = {'HTTP_HOST': 'example.com'}
            request.get_host()
@ -831,7 +831,7 @@ class HostValidationTests(SimpleTestCase):
        ]:
            request = HttpRequest()
            request.META = {'HTTP_HOST': host}
-            with self.assertRaisesMessage(SuspiciousOperation, msg_suggestion % (host, host)):
+            with self.assertRaisesMessage(DisallowedHost, msg_suggestion % (host, host)):
                request.get_host()

        for domain, port in [  # Valid-looking hosts with a port number
@ -842,18 +842,18 @@ class HostValidationTests(SimpleTestCase):
            host = '%s:%s' % (domain, port)
            request = HttpRequest()
            request.META = {'HTTP_HOST': host}
-            with self.assertRaisesMessage(SuspiciousOperation, msg_suggestion % (host, domain)):
+            with self.assertRaisesMessage(DisallowedHost, msg_suggestion % (host, domain)):
                request.get_host()

        for host in self.poisoned_hosts:
            request = HttpRequest()
            request.META = {'HTTP_HOST': host}
-            with self.assertRaisesMessage(SuspiciousOperation, msg_invalid_host % host):
+            with self.assertRaisesMessage(DisallowedHost, msg_invalid_host % host):
                request.get_host()

        request = HttpRequest()
        request.META = {'HTTP_HOST': "invalid_hostname.com"}
-        with self.assertRaisesMessage(SuspiciousOperation, msg_suggestion2 % "invalid_hostname.com"):
+        with self.assertRaisesMessage(DisallowedHost, msg_suggestion2 % "invalid_hostname.com"):
            request.get_host()

    def test_split_domain_port_removes_trailing_dot(self):