test0908
/
django
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Used None-related assertions in CSRF tests 

Thanks Markus Holtermann for spotting this.
This commit is contained in:
Claude Paroz 2015-01-06 08:48:01 +01:00
parent 27dd7e7271
commit 011f21b4fa
1 changed files with 11 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
tests/csrf_tests/tests.py
View File

@ -166,7 +166,7 @@ class CsrfViewMiddlewareTest(TestCase):
""" """
req = self._get_POST_request_with_token() req = self._get_POST_request_with_token()
req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {}) req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {})
self.assertEqual(None, req2) self.assertIsNone(req2)
def test_process_request_csrf_cookie_no_token_exempt_view(self): def test_process_request_csrf_cookie_no_token_exempt_view(self):
""" """
@ -175,7 +175,7 @@ class CsrfViewMiddlewareTest(TestCase):
""" """
req = self._get_POST_csrf_cookie_request() req = self._get_POST_csrf_cookie_request()
req2 = CsrfViewMiddleware().process_view(req, csrf_exempt(post_form_view), (), {}) req2 = CsrfViewMiddleware().process_view(req, csrf_exempt(post_form_view), (), {})
self.assertEqual(None, req2) self.assertIsNone(req2)
def test_csrf_token_in_header(self): def test_csrf_token_in_header(self):
""" """
@ -184,7 +184,7 @@ class CsrfViewMiddlewareTest(TestCase):
req = self._get_POST_csrf_cookie_request() req = self._get_POST_csrf_cookie_request()
req.META['HTTP_X_CSRFTOKEN'] = self._csrf_id req.META['HTTP_X_CSRFTOKEN'] = self._csrf_id
req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {}) req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {})
self.assertEqual(None, req2) self.assertIsNone(req2)
def test_put_and_delete_rejected(self): def test_put_and_delete_rejected(self):
""" """
@ -209,13 +209,13 @@ class CsrfViewMiddlewareTest(TestCase):
req.method = 'PUT' req.method = 'PUT'
req.META['HTTP_X_CSRFTOKEN'] = self._csrf_id req.META['HTTP_X_CSRFTOKEN'] = self._csrf_id
req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {}) req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {})
self.assertEqual(None, req2) self.assertIsNone(req2)
req = self._get_GET_csrf_cookie_request() req = self._get_GET_csrf_cookie_request()
req.method = 'DELETE' req.method = 'DELETE'
req.META['HTTP_X_CSRFTOKEN'] = self._csrf_id req.META['HTTP_X_CSRFTOKEN'] = self._csrf_id
req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {}) req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {})
self.assertEqual(None, req2) self.assertIsNone(req2)
# Tests for the template tag method # Tests for the template tag method
def test_token_node_no_csrf_cookie(self): def test_token_node_no_csrf_cookie(self):
@ -285,7 +285,7 @@ class CsrfViewMiddlewareTest(TestCase):
req.META['HTTP_HOST'] = 'www.example.com' req.META['HTTP_HOST'] = 'www.example.com'
req.META['HTTP_REFERER'] = 'https://www.evil.org/somepage' req.META['HTTP_REFERER'] = 'https://www.evil.org/somepage'
req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {}) req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {})
self.assertNotEqual(None, req2) self.assertIsNotNone(req2)
self.assertEqual(403, req2.status_code) self.assertEqual(403, req2.status_code)
@override_settings(ALLOWED_HOSTS=['www.example.com']) @override_settings(ALLOWED_HOSTS=['www.example.com'])
@ -298,12 +298,12 @@ class CsrfViewMiddlewareTest(TestCase):
req.META['HTTP_HOST'] = 'www.example.com' req.META['HTTP_HOST'] = 'www.example.com'
req.META['HTTP_REFERER'] = 'http://http://www.example.com/' req.META['HTTP_REFERER'] = 'http://http://www.example.com/'
req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {}) req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {})
self.assertNotEqual(None, req2) self.assertIsNotNone(req2)
self.assertEqual(403, req2.status_code) self.assertEqual(403, req2.status_code)
# Non-ASCII # Non-ASCII
req.META['HTTP_REFERER'] = b'\xd8B\xf6I\xdf' req.META['HTTP_REFERER'] = b'\xd8B\xf6I\xdf'
req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {}) req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {})
self.assertNotEqual(None, req2) self.assertIsNotNone(req2)
self.assertEqual(403, req2.status_code) self.assertEqual(403, req2.status_code)
@override_settings(ALLOWED_HOSTS=['www.example.com']) @override_settings(ALLOWED_HOSTS=['www.example.com'])
@ -316,7 +316,7 @@ class CsrfViewMiddlewareTest(TestCase):
req.META['HTTP_HOST'] = 'www.example.com' req.META['HTTP_HOST'] = 'www.example.com'
req.META['HTTP_REFERER'] = 'https://www.example.com/somepage' req.META['HTTP_REFERER'] = 'https://www.example.com/somepage'
req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {}) req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {})
self.assertEqual(None, req2) self.assertIsNone(req2)
@override_settings(ALLOWED_HOSTS=['www.example.com']) @override_settings(ALLOWED_HOSTS=['www.example.com'])
def test_https_good_referer_2(self): def test_https_good_referer_2(self):
@ -330,7 +330,7 @@ class CsrfViewMiddlewareTest(TestCase):
req.META['HTTP_HOST'] = 'www.example.com' req.META['HTTP_HOST'] = 'www.example.com'
req.META['HTTP_REFERER'] = 'https://www.example.com' req.META['HTTP_REFERER'] = 'https://www.example.com'
req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {}) req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {})
self.assertEqual(None, req2) self.assertIsNone(req2)
def test_ensures_csrf_cookie_no_middleware(self): def test_ensures_csrf_cookie_no_middleware(self):
""" """
@ -469,7 +469,7 @@ class CsrfViewMiddlewareTest(TestCase):
req = CsrfPostRequest(token, raise_error=False) req = CsrfPostRequest(token, raise_error=False)
resp = CsrfViewMiddleware().process_view(req, post_form_view, (), {}) resp = CsrfViewMiddleware().process_view(req, post_form_view, (), {})
self.assertEqual(resp, None) self.assertIsNone(resp)
req = CsrfPostRequest(token, raise_error=True) req = CsrfPostRequest(token, raise_error=True)
resp = CsrfViewMiddleware().process_view(req, post_form_view, (), {}) resp = CsrfViewMiddleware().process_view(req, post_form_view, (), {})