Show More
| @@ -1,45 +1,40 b'' | |||||
| 1 |
|
||||
| 2 |
|
||||
| 3 |
|
|
1 | # Copyright (C) 2016-2023 RhodeCode GmbH | |
| 4 | # |
|
2 | # | |
| 5 | # This program is free software: you can redistribute it and/or modify |
|
3 | # This program is free software: you can redistribute it and/or modify | |
| 6 | # it under the terms of the GNU Affero General Public License, version 3 |
|
4 | # it under the terms of the GNU Affero General Public License, version 3 | |
| 7 | # (only), as published by the Free Software Foundation. |
|
5 | # (only), as published by the Free Software Foundation. | |
| 8 | # |
|
6 | # | |
| 9 | # This program is distributed in the hope that it will be useful, |
|
7 | # This program is distributed in the hope that it will be useful, | |
| 10 | # but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
8 | # but WITHOUT ANY WARRANTY; without even the implied warranty of | |
| 11 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
9 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
| 12 | # GNU General Public License for more details. |
|
10 | # GNU General Public License for more details. | |
| 13 | # |
|
11 | # | |
| 14 | # You should have received a copy of the GNU Affero General Public License |
|
12 | # You should have received a copy of the GNU Affero General Public License | |
| 15 | # along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
13 | # along with this program. If not, see <http://www.gnu.org/licenses/>. | |
| 16 | # |
|
14 | # | |
| 17 | # This program is dual-licensed. If you wish to learn more about the |
|
15 | # This program is dual-licensed. If you wish to learn more about the | |
| 18 | # RhodeCode Enterprise Edition, including its added features, Support services, |
|
16 | # RhodeCode Enterprise Edition, including its added features, Support services, | |
| 19 | # and proprietary license terms, please see https://rhodecode.com/licenses/ |
|
17 | # and proprietary license terms, please see https://rhodecode.com/licenses/ | |
| 20 |
|
18 | |||
| 21 | import pytest |
|
|||
| 22 |
|
||||
| 23 | from rhodecode.tests import TestController |
|
19 | from rhodecode.tests import TestController | |
| 24 | from rhodecode.tests.fixture import Fixture |
|
|||
| 25 |
|
20 | |||
| 26 |
|
21 | |||
| 27 | class TestBadRequestData(TestController): |
|
22 | class TestBadRequestData(TestController): | |
| 28 |
|
23 | |||
| 29 | def test_bad_get_data(self): |
|
24 | def test_bad_get_data(self): | |
| 30 | self.app.get( |
|
25 | self.app.get( | |
| 31 | '/', params={'f\xfc': '\xfc%f6%22%20onmouseover%3dveA2(9352)%20'}, |
|
26 | '/', params={'f\xfc': '\xfc%f6%22%20onmouseover%3dveA2(9352)%20'}, | |
| 32 |
status= |
|
27 | status=200) | |
| 33 |
|
28 | |||
| 34 | def test_bad_url_data(self): |
|
29 | def test_bad_url_data(self): | |
| 35 | self.app.post( |
|
30 | self.app.post( | |
| 36 | '/f\xfc', |
|
31 | '/f\xfc', | |
| 37 |
status=40 |
|
32 | status=404) | |
| 38 |
|
33 | |||
| 39 | def test_bad_post_data(self, csrf_token, xhr_header): |
|
34 | def test_bad_post_data(self, csrf_token, xhr_header): | |
| 40 | self.app.post( |
|
35 | self.app.post( | |
| 41 | '/_markup_preview', |
|
36 | '/_markup_preview', | |
| 42 | params={'f\xfc': '\xfc%f6%22%20onmouseover%3dveA2(9352)%20', |
|
37 | params={'f\xfc': '\xfc%f6%22%20onmouseover%3dveA2(9352)%20', | |
| 43 | 'csrf_token': csrf_token}, |
|
38 | 'csrf_token': csrf_token}, | |
| 44 | extra_environ=xhr_header, |
|
39 | extra_environ=xhr_header, | |
| 45 |
status= |
|
40 | status=200) | |
General Comments 0
You need to be logged in to leave comments.
Login now