0001-misc-don-t-crash-storing-unicode-passwords-for-logge.patch
tests/test_form_pages.py | ||
---|---|---|
1772 | 1772 |
formdata.store() |
1773 | 1773 |
resp = login(get_app(pub), 'foo', 'foo').get('/test/%s' % formdata.id, status=403) |
1774 | 1774 | |
1775 |
def form_password_field_submit(pub, password): |
|
1776 |
password = unicode(password).encode(pub.site_charset) |
|
1775 |
def form_password_field_submit(app, password): |
|
1777 | 1776 |
formdef = create_formdef() |
1778 | 1777 |
formdef.fields = [fields.PasswordField(id='0', label='password', |
1779 | 1778 |
formats=['sha1', 'md5', 'cleartext'])] |
1780 | 1779 |
formdef.store() |
1781 |
page = get_app(pub).get('/test/')
|
|
1780 |
page = app.get('/test/')
|
|
1782 | 1781 |
formdef.data_class().wipe() |
1783 | 1782 |
next_page = page.forms[0].submit('submit') # but the field is required |
1784 | 1783 |
assert '<div class="error">required field</div>' in next_page.body |
... | ... | |
1800 | 1799 |
}} |
1801 | 1800 | |
1802 | 1801 |
def test_form_password_field_submit(pub): |
1803 |
form_password_field_submit(pub, 'foobar') |
|
1804 |
form_password_field_submit(pub, u'foobar\u00eb') |
|
1802 |
user = create_user(pub) |
|
1803 |
form_password_field_submit(get_app(pub), 'foobar') |
|
1804 |
form_password_field_submit(get_app(pub), 'foobar\u00eb') |
|
1805 |
form_password_field_submit(login(get_app(pub), username='foo', password='foo'), 'foobar\u00eb') |
|
1805 | 1806 | |
1806 | 1807 |
def test_form_multi_page_formdef_count_condition(pub): |
1807 | 1808 |
formdef = create_formdef() |
wcs/qommon/form.py | ||
---|---|---|
2167 | 2167 |
self.value = {} |
2168 | 2168 |
for fmt in self.formats: |
2169 | 2169 |
self.value[fmt] = PASSWORD_FORMATS[fmt](pwd1) |
2170 |
print 'parsed:', self.value |
|
2170 | 2171 |
else: |
2171 | 2172 |
self.value = None |
2172 | 2173 |
wcs/sql.py | ||
---|---|---|
248 | 248 |
return value |
249 | 249 |
return value.encode(get_publisher().site_charset) |
250 | 250 | |
251 |
def site_unicode(value): |
|
252 |
if not isinstance(value, basestring): |
|
253 |
value = unicode(value) |
|
254 |
if isinstance(value, unicode): |
|
255 |
return value |
|
256 |
return unicode(value, get_publisher().site_charset) |
|
251 | 257 | |
252 | 258 |
def get_connection(new=False): |
253 | 259 |
if new: |
... | ... | |
1072 | 1078 |
if value is not None: |
1073 | 1079 |
if field.key in ('ranked-items', 'password'): |
1074 | 1080 |
# turn {'poire': 2, 'abricot': 1, 'pomme': 3} into an array |
1075 |
value = [[x, unicode(y).encode('utf-8')] for x, y in value.items()] |
|
1081 |
value = [[x, site_unicode(y).encode('utf-8')] for x, y in value.items()]
|
|
1076 | 1082 |
elif sql_type == 'varchar': |
1077 | 1083 |
assert isinstance(value, basestring) |
1078 | 1084 |
elif sql_type == 'date': |
1079 |
- |