1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
|
#coding: utf-8
import unittest
import bottle
from bottle import tob, touni
class TestSecureCookies(unittest.TestCase):
def setUp(self):
self.data = dict(a=5, b=touni('υηι¢σ∂є'), c=[1,2,3,4,tob('bytestring')])
self.key = tob('secret')
def testDeEncode(self):
cookie = bottle.cookie_encode(self.data, self.key)
decoded = bottle.cookie_decode(cookie, self.key)
self.assertEqual(self.data, decoded)
decoded = bottle.cookie_decode(cookie+tob('x'), self.key)
self.assertEqual(None, decoded)
def testIsEncoded(self):
cookie = bottle.cookie_encode(self.data, self.key)
self.assertTrue(bottle.cookie_is_encoded(cookie))
self.assertFalse(bottle.cookie_is_encoded(tob('some string')))
class TestSecureCookiesInBottle(unittest.TestCase):
def setUp(self):
self.data = dict(a=5, b=touni('υηι¢σ∂є'), c=[1,2,3,4,tob('bytestring')])
self.secret = tob('secret')
bottle.app.push()
bottle.response.bind()
def tear_down(self):
bottle.app.pop()
def get_pairs(self):
for k, v in bottle.response.headerlist:
if k == 'Set-Cookie':
key, value = v.split(';')[0].split('=', 1)
yield key.lower().strip(), value.strip()
def set_pairs(self, pairs):
header = ','.join(['%s=%s' % (k, v) for k, v in pairs])
bottle.request.bind({'HTTP_COOKIE': header})
def testValid(self):
bottle.response.set_cookie('key', self.data, secret=self.secret)
pairs = self.get_pairs()
self.set_pairs(pairs)
result = bottle.request.get_cookie('key', secret=self.secret)
self.assertEqual(self.data, result)
def testWrongKey(self):
bottle.response.set_cookie('key', self.data, secret=self.secret)
pairs = self.get_pairs()
self.set_pairs([(k+'xxx', v) for (k, v) in pairs])
result = bottle.request.get_cookie('key', secret=self.secret)
self.assertEqual(None, result)
|
