0001-misc-don-t-crash-storing-unicode-passwords-for-logge.patch
| tests/test_form_pages.py | ||
|---|---|---|
| 1772 | 1772 |
formdata.store() |
| 1773 | 1773 |
resp = login(get_app(pub), 'foo', 'foo').get('/test/%s' % formdata.id, status=403)
|
| 1774 | 1774 | |
| 1775 |
def form_password_field_submit(pub, password): |
|
| 1776 |
password = unicode(password).encode(pub.site_charset) |
|
| 1775 |
def form_password_field_submit(app, password): |
|
| 1777 | 1776 |
formdef = create_formdef() |
| 1778 | 1777 |
formdef.fields = [fields.PasswordField(id='0', label='password', |
| 1779 | 1778 |
formats=['sha1', 'md5', 'cleartext'])] |
| 1780 | 1779 |
formdef.store() |
| 1781 |
page = get_app(pub).get('/test/')
|
|
| 1780 |
page = app.get('/test/')
|
|
| 1782 | 1781 |
formdef.data_class().wipe() |
| 1783 | 1782 |
next_page = page.forms[0].submit('submit') # but the field is required
|
| 1784 | 1783 |
assert '<div class="error">required field</div>' in next_page.body |
| ... | ... | |
| 1800 | 1799 |
}} |
| 1801 | 1800 | |
| 1802 | 1801 |
def test_form_password_field_submit(pub): |
| 1803 |
form_password_field_submit(pub, 'foobar') |
|
| 1804 |
form_password_field_submit(pub, u'foobar\u00eb') |
|
| 1802 |
user = create_user(pub) |
|
| 1803 |
form_password_field_submit(get_app(pub), 'foobar') |
|
| 1804 |
form_password_field_submit(get_app(pub), 'foobar\u00eb') |
|
| 1805 |
form_password_field_submit(login(get_app(pub), username='foo', password='foo'), 'foobar\u00eb') |
|
| 1805 | 1806 | |
| 1806 | 1807 |
def test_form_multi_page_formdef_count_condition(pub): |
| 1807 | 1808 |
formdef = create_formdef() |
| wcs/qommon/form.py | ||
|---|---|---|
| 2167 | 2167 |
self.value = {}
|
| 2168 | 2168 |
for fmt in self.formats: |
| 2169 | 2169 |
self.value[fmt] = PASSWORD_FORMATS[fmt](pwd1) |
| 2170 |
print 'parsed:', self.value |
|
| 2170 | 2171 |
else: |
| 2171 | 2172 |
self.value = None |
| 2172 | 2173 | |
| wcs/sql.py | ||
|---|---|---|
| 248 | 248 |
return value |
| 249 | 249 |
return value.encode(get_publisher().site_charset) |
| 250 | 250 | |
| 251 |
def site_unicode(value): |
|
| 252 |
if isinstance(value, unicode): |
|
| 253 |
return value |
|
| 254 |
return unicode(value, get_publisher().site_charset) |
|
| 251 | 255 | |
| 252 | 256 |
def get_connection(new=False): |
| 253 | 257 |
if new: |
| ... | ... | |
| 1072 | 1076 |
if value is not None: |
| 1073 | 1077 |
if field.key in ('ranked-items', 'password'):
|
| 1074 | 1078 |
# turn {'poire': 2, 'abricot': 1, 'pomme': 3} into an array
|
| 1075 |
value = [[x, unicode(y).encode('utf-8')] for x, y in value.items()]
|
|
| 1079 |
value = [[x, site_unicode(y).encode('utf-8')] for x, y in value.items()]
|
|
| 1076 | 1080 |
elif sql_type == 'varchar': |
| 1077 | 1081 |
assert isinstance(value, basestring) |
| 1078 | 1082 |
elif sql_type == 'date': |
| 1079 |
- |
|