catapult/third_party/Paste/tests/test_urlmap.py - platform/external/chromium-trace - Git at Google

 from paste.urlmap import *
 from paste.fixture import *
 import six

 def make_app(response_text):
     def app(environ, start_response):
         headers = [('Content-type', 'text/html')]
         start_response('200 OK', headers)
         body = response_text % environ
         if six.PY3:
             body = body.encode('ascii')
         return [body]
     return app

 def test_map():
     mapper = URLMap({})
     app = TestApp(mapper)
     text = '%s script_name="%%(SCRIPT_NAME)s" path_info="%%(PATH_INFO)s"'
     mapper[''] = make_app(text % 'root')
     mapper['/foo'] = make_app(text % 'foo-only')
     mapper['/foo/bar'] = make_app(text % 'foo:bar')
     mapper['/f'] = make_app(text % 'f-only')
     res = app.get('/')
     res.mustcontain('root')
     res.mustcontain('script_name=""')
     res.mustcontain('path_info="/"')
     res = app.get('/blah')
     res.mustcontain('root')
     res.mustcontain('script_name=""')
     res.mustcontain('path_info="/blah"')
     res = app.get('/foo/and/more')
     res.mustcontain('script_name="/foo"')
     res.mustcontain('path_info="/and/more"')
     res.mustcontain('foo-only')
     res = app.get('/foo/bar/baz')
     res.mustcontain('foo:bar')
     res.mustcontain('script_name="/foo/bar"')
     res.mustcontain('path_info="/baz"')
     res = app.get('/fffzzz')
     res.mustcontain('root')
     res.mustcontain('path_info="/fffzzz"')
     res = app.get('/f/z/y')
     res.mustcontain('script_name="/f"')
     res.mustcontain('path_info="/z/y"')
     res.mustcontain('f-only')

 def test_404():
     mapper = URLMap({})
     app = TestApp(mapper, extra_environ={'HTTP_ACCEPT': 'text/html'})
     res = app.get("/-->%0D<script>alert('xss')</script>", status=404)
     assert b'--><script' not in res.body
     res = app.get("/--%01><script>", status=404)
     assert b'--\x01><script>' not in res.body
	from paste.urlmap import *
	from paste.fixture import *
	import six

	def make_app(response_text):
	def app(environ, start_response):
	headers = [('Content-type', 'text/html')]
	start_response('200 OK', headers)
	body = response_text % environ
	if six.PY3:
	body = body.encode('ascii')
	return [body]
	return app

	def test_map():
	mapper = URLMap({})
	app = TestApp(mapper)
	text = '%s script_name="%%(SCRIPT_NAME)s" path_info="%%(PATH_INFO)s"'
	mapper[''] = make_app(text % 'root')
	mapper['/foo'] = make_app(text % 'foo-only')
	mapper['/foo/bar'] = make_app(text % 'foo:bar')
	mapper['/f'] = make_app(text % 'f-only')
	res = app.get('/')
	res.mustcontain('root')
	res.mustcontain('script_name=""')
	res.mustcontain('path_info="/"')
	res = app.get('/blah')
	res.mustcontain('root')
	res.mustcontain('script_name=""')
	res.mustcontain('path_info="/blah"')
	res = app.get('/foo/and/more')
	res.mustcontain('script_name="/foo"')
	res.mustcontain('path_info="/and/more"')
	res.mustcontain('foo-only')
	res = app.get('/foo/bar/baz')
	res.mustcontain('foo:bar')
	res.mustcontain('script_name="/foo/bar"')
	res.mustcontain('path_info="/baz"')
	res = app.get('/fffzzz')
	res.mustcontain('root')
	res.mustcontain('path_info="/fffzzz"')
	res = app.get('/f/z/y')
	res.mustcontain('script_name="/f"')
	res.mustcontain('path_info="/z/y"')
	res.mustcontain('f-only')

	def test_404():
	mapper = URLMap({})
	app = TestApp(mapper, extra_environ={'HTTP_ACCEPT': 'text/html'})
	res = app.get("/-->%0D<script>alert('xss')</script>", status=404)
	assert b'--><script' not in res.body
	res = app.get("/--%01><script>", status=404)
	assert b'--\x01><script>' not in res.body