Accueil Explorer Aide
Connexion
CityApper
/
django
miroir de https://github.com/django/django
2
0
Fork 0
Fichiers Tickets 0 Wiki
Aborescence: 9a56b4b13e
Branches Tags
django
/
tests
/
responses
/
test_cookie.py

test_cookie.py 5.0 KB
Historique Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117 
  1. import time
    2. 

  2. from datetime import datetime, timedelta
    3. 

  3. from http import cookies
    4. 

  4. 

  5. from django.http import HttpResponse
    6. 

  6. from django.test import SimpleTestCase
    7. 

  7. from django.test.utils import freeze_time
    8. 

  8. from django.utils.http import http_date
    9. 

  9. from django.utils.timezone import utc
    10. 

  10. 

  11. 

  12. class SetCookieTests(SimpleTestCase):
    13. 

  13. 

  14.     def test_near_expiration(self):
    15. 

  15.         """Cookie will expire when a near expiration time is provided."""
    16. 

  16.         response = HttpResponse()
    17. 

  17.         # There's a timing weakness in this test; The expected result for
    18. 

  18.         # max-age requires that there be a very slight difference between the
    19. 

  19.         # evaluated expiration time and the time evaluated in set_cookie(). If
    20. 

  20.         # this difference doesn't exist, the cookie time will be 1 second
    21. 

  21.         # larger. The sleep guarantees that there will be a time difference.
    22. 

  22.         expires = datetime.utcnow() + timedelta(seconds=10)
    23. 

  23.         time.sleep(0.001)
    24. 

  24.         response.set_cookie('datetime', expires=expires)
    25. 

  25.         datetime_cookie = response.cookies['datetime']
    26. 

  26.         self.assertEqual(datetime_cookie['max-age'], 10)
    27. 

  27. 

  28.     def test_aware_expiration(self):
    29. 

  29.         """set_cookie() accepts an aware datetime as expiration time."""
    30. 

  30.         response = HttpResponse()
    31. 

  31.         expires = (datetime.utcnow() + timedelta(seconds=10)).replace(tzinfo=utc)
    32. 

  32.         time.sleep(0.001)
    33. 

  33.         response.set_cookie('datetime', expires=expires)
    34. 

  34.         datetime_cookie = response.cookies['datetime']
    35. 

  35.         self.assertEqual(datetime_cookie['max-age'], 10)
    36. 

  36. 

  37.     def test_create_cookie_after_deleting_cookie(self):
    38. 

  38.         """Setting a cookie after deletion clears the expiry date."""
    39. 

  39.         response = HttpResponse()
    40. 

  40.         response.set_cookie('c', 'old-value')
    41. 

  41.         self.assertEqual(response.cookies['c']['expires'], '')
    42. 

  42.         response.delete_cookie('c')
    43. 

  43.         self.assertEqual(response.cookies['c']['expires'], 'Thu, 01 Jan 1970 00:00:00 GMT')
    44. 

  44.         response.set_cookie('c', 'new-value')
    45. 

  45.         self.assertEqual(response.cookies['c']['expires'], '')
    46. 

  46. 

  47.     def test_far_expiration(self):
    48. 

  48.         """Cookie will expire when a distant expiration time is provided."""
    49. 

  49.         response = HttpResponse()
    50. 

  50.         response.set_cookie('datetime', expires=datetime(2028, 1, 1, 4, 5, 6))
    51. 

  51.         datetime_cookie = response.cookies['datetime']
    52. 

  52.         self.assertIn(
    53. 

  53.             datetime_cookie['expires'],
    54. 

  54.             # assertIn accounts for slight time dependency (#23450)
    55. 

  55.             ('Sat, 01 Jan 2028 04:05:06 GMT', 'Sat, 01 Jan 2028 04:05:07 GMT')
    56. 

  56.         )
    57. 

  57. 

  58.     def test_max_age_expiration(self):
    59. 

  59.         """Cookie will expire if max_age is provided."""
    60. 

  60.         response = HttpResponse()
    61. 

  61.         set_cookie_time = time.time()
    62. 

  62.         with freeze_time(set_cookie_time):
    63. 

  63.             response.set_cookie('max_age', max_age=10)
    64. 

  64.         max_age_cookie = response.cookies['max_age']
    65. 

  65.         self.assertEqual(max_age_cookie['max-age'], 10)
    66. 

  66.         self.assertEqual(max_age_cookie['expires'], http_date(set_cookie_time + 10))
    67. 

  67. 

  68.     def test_httponly_cookie(self):
    69. 

  69.         response = HttpResponse()
    70. 

  70.         response.set_cookie('example', httponly=True)
    71. 

  71.         example_cookie = response.cookies['example']
    72. 

  72.         self.assertIn('; %s' % cookies.Morsel._reserved['httponly'], str(example_cookie))
    73. 

  73.         self.assertIs(example_cookie['httponly'], True)
    74. 

  74. 

  75.     def test_unicode_cookie(self):
    76. 

  76.         """HttpResponse.set_cookie() works with unicode data."""
    77. 

  77.         response = HttpResponse()
    78. 

  78.         cookie_value = '清風'
    79. 

  79.         response.set_cookie('test', cookie_value)
    80. 

  80.         self.assertEqual(response.cookies['test'].value, cookie_value)
    81. 

  81. 

  82.     def test_samesite(self):
    83. 

  83.         response = HttpResponse()
    84. 

  84.         response.set_cookie('example', samesite='Lax')
    85. 

  85.         self.assertEqual(response.cookies['example']['samesite'], 'Lax')
    86. 

  86.         response.set_cookie('example', samesite='strict')
    87. 

  87.         self.assertEqual(response.cookies['example']['samesite'], 'strict')
    88. 

  88. 

  89.     def test_invalid_samesite(self):
    90. 

  90.         with self.assertRaisesMessage(ValueError, 'samesite must be "lax" or "strict".'):
    91. 

  91.             HttpResponse().set_cookie('example', samesite='invalid')
    92. 

  92. 

  93. 

  94. class DeleteCookieTests(SimpleTestCase):
    95. 

  95. 

  96.     def test_default(self):
    97. 

  97.         response = HttpResponse()
    98. 

  98.         response.delete_cookie('c')
    99. 

  99.         cookie = response.cookies['c']
    100. 

  100.         self.assertEqual(cookie['expires'], 'Thu, 01 Jan 1970 00:00:00 GMT')
    101. 

  101.         self.assertEqual(cookie['max-age'], 0)
    102. 

  102.         self.assertEqual(cookie['path'], '/')
    103. 

  103.         self.assertEqual(cookie['secure'], '')
    104. 

  104.         self.assertEqual(cookie['domain'], '')
    105. 

  105. 

  106.     def test_delete_cookie_secure_prefix(self):
    107. 

  107.         """
    108. 

  108.         delete_cookie() sets the secure flag if the cookie name starts with
    109. 

  109.         __Host- or __Secure- (without that, browsers ignore cookies with those
    110. 

  110.         prefixes).
    111. 

  111.         """
    112. 

  112.         response = HttpResponse()
    113. 

  113.         for prefix in ('Secure', 'Host'):
    114. 

  114.             with self.subTest(prefix=prefix):
    115. 

  115.                 cookie_name = '__%s-c' % prefix
    116. 

  116.                 response.delete_cookie(cookie_name)
    117. 

  117.                 self.assertEqual(response.cookies[cookie_name]['secure'], True)
    118.