diff options
| author | Guido van Rossum <guido@python.org> | 2011-03-29 19:55:41 (GMT) |
|---|---|---|
| committer | Guido van Rossum <guido@python.org> | 2011-03-29 19:55:41 (GMT) |
| commit | acb63092b7966f6329c337960729559e1c503364 (patch) | |
| tree | 081d5ec51f720cf0c336b6cd0af958b36aeb286d /Lib/test | |
| parent | ad45bfe2d390eb94cf6d0e91b97c1db4bef2a2a9 (diff) | |
| parent | a119df91f33724f64e6bc1ecb484eeaa30ace014 (diff) | |
| download | cpython-acb63092b7966f6329c337960729559e1c503364.zip cpython-acb63092b7966f6329c337960729559e1c503364.tar.gz cpython-acb63092b7966f6329c337960729559e1c503364.tar.bz2 | |
Merge issue 11662.
Diffstat (limited to 'Lib/test')
| -rw-r--r-- | Lib/test/test_urllib.py | 16 | ||||
| -rw-r--r-- | Lib/test/test_urllib2.py | 24 |
2 files changed, 40 insertions, 0 deletions
diff --git a/Lib/test/test_urllib.py b/Lib/test/test_urllib.py index 422831e..2b88521 100644 --- a/Lib/test/test_urllib.py +++ b/Lib/test/test_urllib.py @@ -2,6 +2,7 @@ import urllib.parse import urllib.request +import urllib.error import http.client import email.message import io @@ -183,6 +184,21 @@ Content-Type: text/html; charset=iso-8859-1 finally: self.unfakehttp() + def test_invalid_redirect(self): + # urlopen() should raise IOError for many error codes. + self.fakehttp(b'''HTTP/1.1 302 Found +Date: Wed, 02 Jan 2008 03:03:54 GMT +Server: Apache/1.3.33 (Debian GNU/Linux) mod_ssl/2.8.22 OpenSSL/0.9.7e +Location: file://guidocomputer.athome.com:/python/license +Connection: close +Content-Type: text/html; charset=iso-8859-1 +''') + try: + self.assertRaises(urllib.error.HTTPError, urlopen, + "http://python.org/") + finally: + self.unfakehttp() + def test_empty_socket(self): # urlopen() raises IOError if the underlying socket does not send any # data. (#1680230) diff --git a/Lib/test/test_urllib2.py b/Lib/test/test_urllib2.py index 1704683..3fd7baa 100644 --- a/Lib/test/test_urllib2.py +++ b/Lib/test/test_urllib2.py @@ -9,6 +9,7 @@ import urllib.request # The proxy bypass method imported below has logic specific to the OSX # proxy config data structure but is testable on all platforms. from urllib.request import Request, OpenerDirector, _proxy_bypass_macosx_sysconf +import urllib.error # XXX # Request @@ -985,6 +986,29 @@ class HandlerTests(unittest.TestCase): self.assertEqual(count, urllib.request.HTTPRedirectHandler.max_redirections) + + def test_invalid_redirect(self): + from_url = "http://example.com/a.html" + valid_schemes = ['http','https','ftp'] + invalid_schemes = ['file','imap','ldap'] + schemeless_url = "example.com/b.html" + h = urllib.request.HTTPRedirectHandler() + o = h.parent = MockOpener() + req = Request(from_url) + req.timeout = socket._GLOBAL_DEFAULT_TIMEOUT + + for scheme in invalid_schemes: + invalid_url = scheme + '://' + schemeless_url + self.assertRaises(urllib.error.HTTPError, h.http_error_302, + req, MockFile(), 302, "Security Loophole", + MockHeaders({"location": invalid_url})) + + for scheme in valid_schemes: + valid_url = scheme + '://' + schemeless_url + h.http_error_302(req, MockFile(), 302, "That's fine", + MockHeaders({"location": valid_url})) + self.assertEqual(o.req.get_full_url(), valid_url) + def test_cookie_redirect(self): # cookies shouldn't leak into redirected requests from http.cookiejar import CookieJar |