diff options
author | Lukas Klein <lukas@productgang.com> | 2015-02-11 11:09:51 +0100 |
---|---|---|
committer | Claude Paroz <claude@2xlibre.net> | 2015-02-12 08:58:35 +0100 |
commit | 93b3ef9b2e191101c1a49b332d042864df74a658 (patch) | |
tree | 76f808a071a245f199e9d7de29813ead1800587c /tests/utils_tests/test_http.py | |
parent | e2d6e14662d780383e18066a3182155fb5b7747b (diff) | |
download | django-93b3ef9b2e191101c1a49b332d042864df74a658.tar.gz |
Fixed #24321 -- Improved `utils.http.same_origin` compliance with RFC6454
Diffstat (limited to 'tests/utils_tests/test_http.py')
-rw-r--r-- | tests/utils_tests/test_http.py | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/tests/utils_tests/test_http.py b/tests/utils_tests/test_http.py index 19bfa79f1a..7e48fe70a7 100644 --- a/tests/utils_tests/test_http.py +++ b/tests/utils_tests/test_http.py @@ -18,6 +18,9 @@ class TestUtilsHttp(unittest.TestCase): self.assertTrue(http.same_origin('http://foo.com/', 'http://foo.com')) # With port self.assertTrue(http.same_origin('https://foo.com:8000', 'https://foo.com:8000/')) + # No port given but according to RFC6454 still the same origin + self.assertTrue(http.same_origin('http://foo.com', 'http://foo.com:80/')) + self.assertTrue(http.same_origin('https://foo.com', 'https://foo.com:443/')) def test_same_origin_false(self): # Different scheme @@ -28,6 +31,9 @@ class TestUtilsHttp(unittest.TestCase): self.assertFalse(http.same_origin('http://foo.com', 'http://foo.com.evil.com')) # Different port self.assertFalse(http.same_origin('http://foo.com:8000', 'http://foo.com:8001')) + # No port given + self.assertFalse(http.same_origin('http://foo.com', 'http://foo.com:8000/')) + self.assertFalse(http.same_origin('https://foo.com', 'https://foo.com:8000/')) def test_urlencode(self): # 2-tuples (the norm) |