summaryrefslogtreecommitdiff
path: root/tests/utils_tests/test_http.py
diff options
context:
space:
mode:
authorLukas Klein <lukas@productgang.com>2015-02-11 11:09:51 +0100
committerClaude Paroz <claude@2xlibre.net>2015-02-12 08:58:35 +0100
commit93b3ef9b2e191101c1a49b332d042864df74a658 (patch)
tree76f808a071a245f199e9d7de29813ead1800587c /tests/utils_tests/test_http.py
parente2d6e14662d780383e18066a3182155fb5b7747b (diff)
downloaddjango-93b3ef9b2e191101c1a49b332d042864df74a658.tar.gz
Fixed #24321 -- Improved `utils.http.same_origin` compliance with RFC6454
Diffstat (limited to 'tests/utils_tests/test_http.py')
-rw-r--r--tests/utils_tests/test_http.py6
1 files changed, 6 insertions, 0 deletions
diff --git a/tests/utils_tests/test_http.py b/tests/utils_tests/test_http.py
index 19bfa79f1a..7e48fe70a7 100644
--- a/tests/utils_tests/test_http.py
+++ b/tests/utils_tests/test_http.py
@@ -18,6 +18,9 @@ class TestUtilsHttp(unittest.TestCase):
self.assertTrue(http.same_origin('http://foo.com/', 'http://foo.com'))
# With port
self.assertTrue(http.same_origin('https://foo.com:8000', 'https://foo.com:8000/'))
+ # No port given but according to RFC6454 still the same origin
+ self.assertTrue(http.same_origin('http://foo.com', 'http://foo.com:80/'))
+ self.assertTrue(http.same_origin('https://foo.com', 'https://foo.com:443/'))
def test_same_origin_false(self):
# Different scheme
@@ -28,6 +31,9 @@ class TestUtilsHttp(unittest.TestCase):
self.assertFalse(http.same_origin('http://foo.com', 'http://foo.com.evil.com'))
# Different port
self.assertFalse(http.same_origin('http://foo.com:8000', 'http://foo.com:8001'))
+ # No port given
+ self.assertFalse(http.same_origin('http://foo.com', 'http://foo.com:8000/'))
+ self.assertFalse(http.same_origin('https://foo.com', 'https://foo.com:8000/'))
def test_urlencode(self):
# 2-tuples (the norm)
View Lorry Controller Status