diff options
| author | Chris McDonough <chrism@plope.com> | 2011-09-08 00:25:03 -0400 |
|---|---|---|
| committer | Chris McDonough <chrism@plope.com> | 2011-09-08 00:25:03 -0400 |
| commit | d5dc5dd60e3bbff904a67dd02b4aff9226389942 (patch) | |
| tree | 1618d90cd7c6fe44d0f1ce619ff7e95ec6bd86a5 | |
| parent | b1ba8cc4f3f388e092354ef72c37c03702edf5a4 (diff) | |
| download | pyramid-d5dc5dd60e3bbff904a67dd02b4aff9226389942.tar.gz pyramid-d5dc5dd60e3bbff904a67dd02b4aff9226389942.tar.bz2 pyramid-d5dc5dd60e3bbff904a67dd02b4aff9226389942.zip | |
add tests for high-order chars in path elements and filenames
| -rw-r--r-- | CHANGES.txt | 6 | ||||
| -rw-r--r-- | pyramid/tests/fixtures/static/.hiddenfile | 2 | ||||
| -rw-r--r-- | pyramid/tests/fixtures/static/héhé.html | 1 | ||||
| -rw-r--r-- | pyramid/tests/fixtures/static/héhé/index.html | 1 | ||||
| -rw-r--r-- | pyramid/tests/test_integration.py | 21 |
5 files changed, 30 insertions, 1 deletions
diff --git a/CHANGES.txt b/CHANGES.txt index d2af41876..fda27592f 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -8,6 +8,12 @@ Bug Fixes translations (``de``) would not work properly when using a localizer. See https://github.com/Pylons/pyramid/issues/263 +- The static file serving machinery could not serve files that started with a + ``.`` (dot) character (hidden files). + +- The static file serving machinery inappropriately URL-quoted path segments + in filenames when asking for files from the filesystem. + Documentation ------------- diff --git a/pyramid/tests/fixtures/static/.hiddenfile b/pyramid/tests/fixtures/static/.hiddenfile new file mode 100644 index 000000000..86d345000 --- /dev/null +++ b/pyramid/tests/fixtures/static/.hiddenfile @@ -0,0 +1,2 @@ +<html>I'm hidden</html> + diff --git a/pyramid/tests/fixtures/static/héhé.html b/pyramid/tests/fixtures/static/héhé.html new file mode 100644 index 000000000..fe5e9af50 --- /dev/null +++ b/pyramid/tests/fixtures/static/héhé.html @@ -0,0 +1 @@ +<html>hehe file</html> diff --git a/pyramid/tests/fixtures/static/héhé/index.html b/pyramid/tests/fixtures/static/héhé/index.html new file mode 100644 index 000000000..67623d866 --- /dev/null +++ b/pyramid/tests/fixtures/static/héhé/index.html @@ -0,0 +1 @@ +<html>hehe</html> diff --git a/pyramid/tests/test_integration.py b/pyramid/tests/test_integration.py index 3e2a6e452..42199ef29 100644 --- a/pyramid/tests/test_integration.py +++ b/pyramid/tests/test_integration.py @@ -70,6 +70,23 @@ class TestStaticAppBase(IntegrationBase): res = self.testapp.get('/minimal.pt', status=200) self._assertBody(res.body, os.path.join(here, 'fixtures/minimal.pt')) + def test_hidden(self): + res = self.testapp.get('/static/.hiddenfile', status=200) + self._assertBody(res.body, os.path.join(here, + 'fixtures/static/.hiddenfile')) + + def test_highchars_in_pathelement(self): + res = self.testapp.get('/static/h\xc3\xa9h\xc3\xa9/index.html', + status=200) + self._assertBody(res.body, os.path.join( + here, 'fixtures/static/h\xc3\xa9h\xc3\xa9/index.html')) + + def test_highchars_in_filename(self): + res = self.testapp.get('/static/h\xc3\xa9h\xc3\xa9.html', + status=200) + self._assertBody(res.body, os.path.join( + here, 'fixtures/static/h\xc3\xa9h\xc3\xa9.html')) + def test_not_modified(self): self.testapp.extra_environ = { 'HTTP_IF_MODIFIED_SINCE':httpdate(pow(2, 32)-1)} @@ -136,7 +153,9 @@ class TestStaticAppBase(IntegrationBase): def test_oob_slash(self): self.testapp.get('/%2F/test_integration.py', status=404) - # XXX pdb this + + def test_oob_dotdotslash_encoded(self): + self.testapp.get('/static/%2E%2E%2F/test_integration.py', status=404) class TestStaticAppUsingAbsPath(TestStaticAppBase, unittest.TestCase): package = 'pyramid.tests.pkgs.static_abspath' |