MCPcopy
hub / github.com/django/django / test_blank_filenames

Method test_blank_filenames

tests/file_uploads/tests.py:307–349  ·  view source on GitHub ↗

Receiving file upload when filename is blank (before and after sanitization) should be okay.

(self)

Source from the content-addressed store, hash-verified

305 self.assertEqual(response.status_code, 200)
306
307 def test_blank_filenames(self):
308 """
309 Receiving file upload when filename is blank (before and after
310 sanitization) should be okay.
311 """
312 filenames = [
313 "",
314 # Normalized by MultiPartParser.IE_sanitize().
315 "C:\\Windows\\",
316 # Normalized by os.path.basename().
317 "/",
318 "ends-with-slash/",
319 ]
320 payload = client.FakePayload()
321 for i, name in enumerate(filenames):
322 payload.write(
323 "\r\n".join(
324 [
325 "--" + client.BOUNDARY,
326 'Content-Disposition: form-data; name="file%s"; filename="%s"'
327 % (i, name),
328 "Content-Type: application/octet-stream",
329 "",
330 "You got pwnd.\r\n",
331 ]
332 )
333 )
334 payload.write("\r\n--" + client.BOUNDARY + "--\r\n")
335
336 r = {
337 "CONTENT_LENGTH": len(payload),
338 "CONTENT_TYPE": client.MULTIPART_CONTENT,
339 "PATH_INFO": "/echo/",
340 "REQUEST_METHOD": "POST",
341 "wsgi.input": payload,
342 }
343 response = self.client.request(**r)
344 self.assertEqual(response.status_code, 200)
345
346 # Empty filenames should be ignored
347 received = response.json()
348 for i, name in enumerate(filenames):
349 self.assertIsNone(received.get("file%s" % i))
350
351 def test_non_printable_chars_in_file_names(self):
352 file_name = "non-\x00printable\x00\n_chars.txt\x00"

Callers

nothing calls this directly

Calls 5

writeMethod · 0.95
joinMethod · 0.45
requestMethod · 0.45
jsonMethod · 0.45
getMethod · 0.45

Tested by

no test coverage detected