diff --git a/docs/topics/signing.txt b/docs/topics/signing.txt index 5c2856fbb7b..5fa537c579f 100644 --- a/docs/topics/signing.txt +++ b/docs/topics/signing.txt @@ -53,6 +53,15 @@ You can retrieve the original value using the ``unsign`` method:: >>> original 'My string' +If you pass a non-string value to ``sign``, the value will be forced to string +before being signed, and the ``unsign`` result will give you that string +value:: + + >>> signed = signer.sign(2.5) + >>> original = signer.unsign(signed) + >>> original + '2.5' + If the signature or value have been altered in any way, a ``django.core.signing.BadSignature`` exception will be raised:: diff --git a/tests/signing/tests.py b/tests/signing/tests.py index 8e0cb0dc3b7..d0767c07038 100644 --- a/tests/signing/tests.py +++ b/tests/signing/tests.py @@ -49,6 +49,21 @@ class TestSigner(SimpleTestCase): self.assertNotEqual(example, signed) self.assertEqual(example, signer.unsign(signed)) + def test_sign_unsign_non_string(self): + signer = signing.Signer('predictable-secret') + values = [ + 123, + 1.23, + True, + datetime.date.today(), + ] + for value in values: + with self.subTest(value): + signed = signer.sign(value) + self.assertIsInstance(signed, str) + self.assertNotEqual(signed, value) + self.assertEqual(signer.unsign(signed), str(value)) + def test_unsign_detects_tampering(self): "unsign should raise an exception if the value has been tampered with" signer = signing.Signer('predictable-secret')