Loading AUTHORS +1 −0 Original line number Diff line number Diff line Loading @@ -306,6 +306,7 @@ answer newbie questions, and generally made Django that much better: Garth Kidd <http://www.deadlybloodyserious.com/> kilian <kilian.cavalotti@lip6.fr> Sune Kirkeby <http://ibofobi.dk/> Hiroki Kiyohara <hirokiky@gmail.com> Bastian Kleineidam <calvin@debian.org> Cameron Knight (ckknight) Nena Kojadin <nena@kiberpipa.org> Loading django/contrib/auth/tests/decorators.py +1 −1 Original line number Diff line number Diff line Loading @@ -34,7 +34,7 @@ class LoginRequiredTestCase(AuthViewsTestCase): """ response = self.client.get(view_url) self.assertEqual(response.status_code, 302) self.assertTrue(login_url in response['Location']) self.assertTrue(login_url in response.url) self.login() response = self.client.get(view_url) self.assertEqual(response.status_code, 200) Loading django/contrib/auth/tests/views.py +14 −14 Original line number Diff line number Diff line Loading @@ -46,7 +46,7 @@ class AuthViewsTestCase(TestCase): 'password': password, }) self.assertEqual(response.status_code, 302) self.assertTrue(response['Location'].endswith(settings.LOGIN_REDIRECT_URL)) self.assertTrue(response.url.endswith(settings.LOGIN_REDIRECT_URL)) self.assertTrue(SESSION_KEY in self.client.session) def assertContainsEscaped(self, response, text, **kwargs): Loading Loading @@ -281,7 +281,7 @@ class ChangePasswordTest(AuthViewsTestCase): 'new_password2': 'password1', }) self.assertEqual(response.status_code, 302) self.assertTrue(response['Location'].endswith('/password_change/done/')) self.assertTrue(response.url.endswith('/password_change/done/')) self.fail_login() self.login(password='password1') Loading @@ -293,13 +293,13 @@ class ChangePasswordTest(AuthViewsTestCase): 'new_password2': 'password1', }) self.assertEqual(response.status_code, 302) self.assertTrue(response['Location'].endswith('/password_change/done/')) self.assertTrue(response.url.endswith('/password_change/done/')) def test_password_change_done_fails(self): with self.settings(LOGIN_URL='/login/'): response = self.client.get('/password_change/done/') self.assertEqual(response.status_code, 302) self.assertTrue(response['Location'].endswith('/login/?next=/password_change/done/')) self.assertTrue(response.url.endswith('/login/?next=/password_change/done/')) @skipIfCustomUser Loading Loading @@ -336,7 +336,7 @@ class LoginTest(AuthViewsTestCase): 'password': password, }) self.assertEqual(response.status_code, 302) self.assertFalse(bad_url in response['Location'], self.assertFalse(bad_url in response.url, "%s should be blocked" % bad_url) # These URLs *should* still pass the security check Loading @@ -357,7 +357,7 @@ class LoginTest(AuthViewsTestCase): 'password': password, }) self.assertEqual(response.status_code, 302) self.assertTrue(good_url in response['Location'], self.assertTrue(good_url in response.url, "%s should be allowed" % good_url) Loading @@ -376,7 +376,7 @@ class LoginURLSettings(AuthViewsTestCase): settings.LOGIN_URL = login_url response = self.client.get('/login_required/') self.assertEqual(response.status_code, 302) return response['Location'] return response.url def test_standard_login_url(self): login_url = '/login/' Loading Loading @@ -444,11 +444,11 @@ class LogoutTest(AuthViewsTestCase): self.login() response = self.client.get('/logout/next_page/') self.assertEqual(response.status_code, 302) self.assertTrue(response['Location'].endswith('/somewhere/')) self.assertTrue(response.url.endswith('/somewhere/')) response = self.client.get('/logout/next_page/?next=/login/') self.assertEqual(response.status_code, 302) self.assertTrue(response['Location'].endswith('/login/')) self.assertTrue(response.url.endswith('/login/')) self.confirm_logged_out() Loading @@ -457,7 +457,7 @@ class LogoutTest(AuthViewsTestCase): self.login() response = self.client.get('/logout/next_page/') self.assertEqual(response.status_code, 302) self.assertTrue(response['Location'].endswith('/somewhere/')) self.assertTrue(response.url.endswith('/somewhere/')) self.confirm_logged_out() def test_logout_with_redirect_argument(self): Loading @@ -465,7 +465,7 @@ class LogoutTest(AuthViewsTestCase): self.login() response = self.client.get('/logout/?next=/login/') self.assertEqual(response.status_code, 302) self.assertTrue(response['Location'].endswith('/login/')) self.assertTrue(response.url.endswith('/login/')) self.confirm_logged_out() def test_logout_with_custom_redirect_argument(self): Loading @@ -473,7 +473,7 @@ class LogoutTest(AuthViewsTestCase): self.login() response = self.client.get('/logout/custom_query/?follow=/somewhere/') self.assertEqual(response.status_code, 302) self.assertTrue(response['Location'].endswith('/somewhere/')) self.assertTrue(response.url.endswith('/somewhere/')) self.confirm_logged_out() def test_security_check(self, password='password'): Loading @@ -492,7 +492,7 @@ class LogoutTest(AuthViewsTestCase): self.login() response = self.client.get(nasty_url) self.assertEqual(response.status_code, 302) self.assertFalse(bad_url in response['Location'], self.assertFalse(bad_url in response.url, "%s should be blocked" % bad_url) self.confirm_logged_out() Loading @@ -512,6 +512,6 @@ class LogoutTest(AuthViewsTestCase): self.login() response = self.client.get(safe_url) self.assertEqual(response.status_code, 302) self.assertTrue(good_url in response['Location'], self.assertTrue(good_url in response.url, "%s should be allowed" % good_url) self.confirm_logged_out() django/contrib/formtools/tests/wizard/namedwizardtests/tests.py +18 −18 Original line number Diff line number Diff line Loading @@ -21,7 +21,7 @@ class NamedWizardTests(object): def test_initial_call(self): response = self.client.get(reverse('%s_start' % self.wizard_urlname)) self.assertEqual(response.status_code, 302) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) wizard = response.context['wizard'] self.assertEqual(wizard['steps'].current, 'form1') Loading @@ -40,7 +40,7 @@ class NamedWizardTests(object): self.assertEqual(response.status_code, 302) # Test for proper redirect GET parameters location = response['Location'] location = response.url self.assertNotEqual(location.find('?'), -1) querydict = QueryDict(location[location.find('?') + 1:]) self.assertEqual(dict(querydict.items()), get_params) Loading @@ -60,7 +60,7 @@ class NamedWizardTests(object): response = self.client.post( reverse(self.wizard_urlname, kwargs={'step': 'form1'}), self.wizard_step_data[0]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) wizard = response.context['wizard'] Loading @@ -79,7 +79,7 @@ class NamedWizardTests(object): response = self.client.post( reverse(self.wizard_urlname, kwargs={'step': 'form1'}), self.wizard_step_data[0]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) self.assertEqual(response.context['wizard']['steps'].current, 'form2') Loading @@ -88,7 +88,7 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={ 'step': response.context['wizard']['steps'].current }), {'wizard_goto_step': response.context['wizard']['steps'].prev}) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) self.assertEqual(response.context['wizard']['steps'].current, 'form1') Loading Loading @@ -116,7 +116,7 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), self.wizard_step_data[0]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) self.assertEqual(response.context['wizard']['steps'].current, 'form2') Loading @@ -128,7 +128,7 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), post_data) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) self.assertEqual(response.context['wizard']['steps'].current, 'form3') Loading @@ -137,7 +137,7 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), self.wizard_step_data[2]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) self.assertEqual(response.context['wizard']['steps'].current, 'form4') Loading @@ -146,7 +146,7 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), self.wizard_step_data[3]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) all_data = response.context['form_list'] Loading @@ -169,7 +169,7 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), self.wizard_step_data[0]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) post_data = self.wizard_step_data[1] Loading @@ -178,7 +178,7 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), post_data) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) step2_url = reverse(self.wizard_urlname, kwargs={'step': 'form2'}) Loading @@ -194,14 +194,14 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), self.wizard_step_data[2]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) response = self.client.post( reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), self.wizard_step_data[3]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) all_data = response.context['all_cleaned_data'] Loading @@ -227,7 +227,7 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), self.wizard_step_data[0]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) post_data = self.wizard_step_data[1] Loading @@ -237,14 +237,14 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), post_data) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) response = self.client.post( reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), self.wizard_step_data[2]) loc = response['Location'] loc = response.url response = self.client.get(loc) self.assertEqual(response.status_code, 200, loc) Loading @@ -263,7 +263,7 @@ class NamedWizardTests(object): response = self.client.post( reverse(self.wizard_urlname, kwargs={'step': 'form1'}), self.wizard_step_data[0]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) self.assertEqual(response.context['wizard']['steps'].current, 'form2') Loading @@ -271,7 +271,7 @@ class NamedWizardTests(object): '%s?reset=1' % reverse('%s_start' % self.wizard_urlname)) self.assertEqual(response.status_code, 302) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) self.assertEqual(response.context['wizard']['steps'].current, 'form1') Loading django/http/response.py +2 −0 Original line number Diff line number Diff line Loading @@ -392,6 +392,8 @@ class HttpResponseRedirectBase(HttpResponse): super(HttpResponseRedirectBase, self).__init__(*args, **kwargs) self['Location'] = iri_to_uri(redirect_to) url = property(lambda self: self['Location']) class HttpResponseRedirect(HttpResponseRedirectBase): status_code = 302 Loading Loading
AUTHORS +1 −0 Original line number Diff line number Diff line Loading @@ -306,6 +306,7 @@ answer newbie questions, and generally made Django that much better: Garth Kidd <http://www.deadlybloodyserious.com/> kilian <kilian.cavalotti@lip6.fr> Sune Kirkeby <http://ibofobi.dk/> Hiroki Kiyohara <hirokiky@gmail.com> Bastian Kleineidam <calvin@debian.org> Cameron Knight (ckknight) Nena Kojadin <nena@kiberpipa.org> Loading
django/contrib/auth/tests/decorators.py +1 −1 Original line number Diff line number Diff line Loading @@ -34,7 +34,7 @@ class LoginRequiredTestCase(AuthViewsTestCase): """ response = self.client.get(view_url) self.assertEqual(response.status_code, 302) self.assertTrue(login_url in response['Location']) self.assertTrue(login_url in response.url) self.login() response = self.client.get(view_url) self.assertEqual(response.status_code, 200) Loading
django/contrib/auth/tests/views.py +14 −14 Original line number Diff line number Diff line Loading @@ -46,7 +46,7 @@ class AuthViewsTestCase(TestCase): 'password': password, }) self.assertEqual(response.status_code, 302) self.assertTrue(response['Location'].endswith(settings.LOGIN_REDIRECT_URL)) self.assertTrue(response.url.endswith(settings.LOGIN_REDIRECT_URL)) self.assertTrue(SESSION_KEY in self.client.session) def assertContainsEscaped(self, response, text, **kwargs): Loading Loading @@ -281,7 +281,7 @@ class ChangePasswordTest(AuthViewsTestCase): 'new_password2': 'password1', }) self.assertEqual(response.status_code, 302) self.assertTrue(response['Location'].endswith('/password_change/done/')) self.assertTrue(response.url.endswith('/password_change/done/')) self.fail_login() self.login(password='password1') Loading @@ -293,13 +293,13 @@ class ChangePasswordTest(AuthViewsTestCase): 'new_password2': 'password1', }) self.assertEqual(response.status_code, 302) self.assertTrue(response['Location'].endswith('/password_change/done/')) self.assertTrue(response.url.endswith('/password_change/done/')) def test_password_change_done_fails(self): with self.settings(LOGIN_URL='/login/'): response = self.client.get('/password_change/done/') self.assertEqual(response.status_code, 302) self.assertTrue(response['Location'].endswith('/login/?next=/password_change/done/')) self.assertTrue(response.url.endswith('/login/?next=/password_change/done/')) @skipIfCustomUser Loading Loading @@ -336,7 +336,7 @@ class LoginTest(AuthViewsTestCase): 'password': password, }) self.assertEqual(response.status_code, 302) self.assertFalse(bad_url in response['Location'], self.assertFalse(bad_url in response.url, "%s should be blocked" % bad_url) # These URLs *should* still pass the security check Loading @@ -357,7 +357,7 @@ class LoginTest(AuthViewsTestCase): 'password': password, }) self.assertEqual(response.status_code, 302) self.assertTrue(good_url in response['Location'], self.assertTrue(good_url in response.url, "%s should be allowed" % good_url) Loading @@ -376,7 +376,7 @@ class LoginURLSettings(AuthViewsTestCase): settings.LOGIN_URL = login_url response = self.client.get('/login_required/') self.assertEqual(response.status_code, 302) return response['Location'] return response.url def test_standard_login_url(self): login_url = '/login/' Loading Loading @@ -444,11 +444,11 @@ class LogoutTest(AuthViewsTestCase): self.login() response = self.client.get('/logout/next_page/') self.assertEqual(response.status_code, 302) self.assertTrue(response['Location'].endswith('/somewhere/')) self.assertTrue(response.url.endswith('/somewhere/')) response = self.client.get('/logout/next_page/?next=/login/') self.assertEqual(response.status_code, 302) self.assertTrue(response['Location'].endswith('/login/')) self.assertTrue(response.url.endswith('/login/')) self.confirm_logged_out() Loading @@ -457,7 +457,7 @@ class LogoutTest(AuthViewsTestCase): self.login() response = self.client.get('/logout/next_page/') self.assertEqual(response.status_code, 302) self.assertTrue(response['Location'].endswith('/somewhere/')) self.assertTrue(response.url.endswith('/somewhere/')) self.confirm_logged_out() def test_logout_with_redirect_argument(self): Loading @@ -465,7 +465,7 @@ class LogoutTest(AuthViewsTestCase): self.login() response = self.client.get('/logout/?next=/login/') self.assertEqual(response.status_code, 302) self.assertTrue(response['Location'].endswith('/login/')) self.assertTrue(response.url.endswith('/login/')) self.confirm_logged_out() def test_logout_with_custom_redirect_argument(self): Loading @@ -473,7 +473,7 @@ class LogoutTest(AuthViewsTestCase): self.login() response = self.client.get('/logout/custom_query/?follow=/somewhere/') self.assertEqual(response.status_code, 302) self.assertTrue(response['Location'].endswith('/somewhere/')) self.assertTrue(response.url.endswith('/somewhere/')) self.confirm_logged_out() def test_security_check(self, password='password'): Loading @@ -492,7 +492,7 @@ class LogoutTest(AuthViewsTestCase): self.login() response = self.client.get(nasty_url) self.assertEqual(response.status_code, 302) self.assertFalse(bad_url in response['Location'], self.assertFalse(bad_url in response.url, "%s should be blocked" % bad_url) self.confirm_logged_out() Loading @@ -512,6 +512,6 @@ class LogoutTest(AuthViewsTestCase): self.login() response = self.client.get(safe_url) self.assertEqual(response.status_code, 302) self.assertTrue(good_url in response['Location'], self.assertTrue(good_url in response.url, "%s should be allowed" % good_url) self.confirm_logged_out()
django/contrib/formtools/tests/wizard/namedwizardtests/tests.py +18 −18 Original line number Diff line number Diff line Loading @@ -21,7 +21,7 @@ class NamedWizardTests(object): def test_initial_call(self): response = self.client.get(reverse('%s_start' % self.wizard_urlname)) self.assertEqual(response.status_code, 302) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) wizard = response.context['wizard'] self.assertEqual(wizard['steps'].current, 'form1') Loading @@ -40,7 +40,7 @@ class NamedWizardTests(object): self.assertEqual(response.status_code, 302) # Test for proper redirect GET parameters location = response['Location'] location = response.url self.assertNotEqual(location.find('?'), -1) querydict = QueryDict(location[location.find('?') + 1:]) self.assertEqual(dict(querydict.items()), get_params) Loading @@ -60,7 +60,7 @@ class NamedWizardTests(object): response = self.client.post( reverse(self.wizard_urlname, kwargs={'step': 'form1'}), self.wizard_step_data[0]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) wizard = response.context['wizard'] Loading @@ -79,7 +79,7 @@ class NamedWizardTests(object): response = self.client.post( reverse(self.wizard_urlname, kwargs={'step': 'form1'}), self.wizard_step_data[0]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) self.assertEqual(response.context['wizard']['steps'].current, 'form2') Loading @@ -88,7 +88,7 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={ 'step': response.context['wizard']['steps'].current }), {'wizard_goto_step': response.context['wizard']['steps'].prev}) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) self.assertEqual(response.context['wizard']['steps'].current, 'form1') Loading Loading @@ -116,7 +116,7 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), self.wizard_step_data[0]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) self.assertEqual(response.context['wizard']['steps'].current, 'form2') Loading @@ -128,7 +128,7 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), post_data) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) self.assertEqual(response.context['wizard']['steps'].current, 'form3') Loading @@ -137,7 +137,7 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), self.wizard_step_data[2]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) self.assertEqual(response.context['wizard']['steps'].current, 'form4') Loading @@ -146,7 +146,7 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), self.wizard_step_data[3]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) all_data = response.context['form_list'] Loading @@ -169,7 +169,7 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), self.wizard_step_data[0]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) post_data = self.wizard_step_data[1] Loading @@ -178,7 +178,7 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), post_data) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) step2_url = reverse(self.wizard_urlname, kwargs={'step': 'form2'}) Loading @@ -194,14 +194,14 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), self.wizard_step_data[2]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) response = self.client.post( reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), self.wizard_step_data[3]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) all_data = response.context['all_cleaned_data'] Loading @@ -227,7 +227,7 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), self.wizard_step_data[0]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) post_data = self.wizard_step_data[1] Loading @@ -237,14 +237,14 @@ class NamedWizardTests(object): reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), post_data) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) response = self.client.post( reverse(self.wizard_urlname, kwargs={'step': response.context['wizard']['steps'].current}), self.wizard_step_data[2]) loc = response['Location'] loc = response.url response = self.client.get(loc) self.assertEqual(response.status_code, 200, loc) Loading @@ -263,7 +263,7 @@ class NamedWizardTests(object): response = self.client.post( reverse(self.wizard_urlname, kwargs={'step': 'form1'}), self.wizard_step_data[0]) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) self.assertEqual(response.context['wizard']['steps'].current, 'form2') Loading @@ -271,7 +271,7 @@ class NamedWizardTests(object): '%s?reset=1' % reverse('%s_start' % self.wizard_urlname)) self.assertEqual(response.status_code, 302) response = self.client.get(response['Location']) response = self.client.get(response.url) self.assertEqual(response.status_code, 200) self.assertEqual(response.context['wizard']['steps'].current, 'form1') Loading
django/http/response.py +2 −0 Original line number Diff line number Diff line Loading @@ -392,6 +392,8 @@ class HttpResponseRedirectBase(HttpResponse): super(HttpResponseRedirectBase, self).__init__(*args, **kwargs) self['Location'] = iri_to_uri(redirect_to) url = property(lambda self: self['Location']) class HttpResponseRedirect(HttpResponseRedirectBase): status_code = 302 Loading
