From 69b613db258d71caa925f0165030b9974a1610ca Mon Sep 17 00:00:00 2001 From: Michael Merickel Date: Fri, 21 Feb 2014 21:51:53 -0600 Subject: test cases to reproduce #1246 --- pyramid/tests/test_session.py | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/pyramid/tests/test_session.py b/pyramid/tests/test_session.py index 1ad0729b3..6bce764ca 100644 --- a/pyramid/tests/test_session.py +++ b/pyramid/tests/test_session.py @@ -519,7 +519,7 @@ def serialize(data, secret): from pyramid.compat import native_ from pyramid.compat import pickle pickled = pickle.dumps(data, pickle.HIGHEST_PROTOCOL) - sig = hmac.new(bytes_(secret), pickled, sha1).hexdigest() + sig = hmac.new(bytes_(secret, 'utf-8'), pickled, sha1).hexdigest() return sig + native_(base64.b64encode(pickled)) class Test_signed_serialize(unittest.TestCase): @@ -531,6 +531,12 @@ class Test_signed_serialize(unittest.TestCase): expected = serialize('123', 'secret') result = self._callFUT('123', 'secret') self.assertEqual(result, expected) + + def test_it_with_highorder_secret(self): + secret = b'La Pe\xc3\xb1a'.decode('utf-8') + expected = serialize('123', secret) + result = self._callFUT('123', secret) + self.assertEqual(result, expected) class Test_signed_deserialize(unittest.TestCase): def _callFUT(self, serialized, secret, hmac=None): @@ -562,6 +568,12 @@ class Test_signed_deserialize(unittest.TestCase): serialized = 'bad' + serialize('123', 'secret') self.assertRaises(ValueError, self._callFUT, serialized, 'secret') + def test_it_with_highorder_secret(self): + secret = b'La Pe\xc3\xb1a'.decode('utf-8') + serialized = serialize('123', secret) + result = self._callFUT(serialized, secret) + self.assertEqual(result, '123') + class Test_check_csrf_token(unittest.TestCase): def _callFUT(self, *args, **kwargs): from ..session import check_csrf_token -- cgit v1.2.3