如何测试我的Django电子邮件视图可以捕获BadHeaderError? [英] How to test that my Django email view can catch a BadHeaderError?
问题描述
subject = contact_form.cleaned_data ['subject']
message = contact_form .cleaned_data ['message']
try:
mail_admins(
subject = subject,
message = message,
)
除了BadHeaderError:
#我想测试这种情况。
messages.error(request,对不起,电子邮件无法发送,找不到标题。)
else:
messages.success(请求,您的电子邮件已发送到管理员)
如何在单元测试中触发BadHeaderError?
我知道标题注入的规范示例在主题中有一个换行符。但是,我写了一个单元测试,填写这个表单与主题的换行符,并没有触发无效的头文件。
#这没有触发无效的头信息。那我该怎么办呢?
response = self.client.post(reverse('contact_us'),dict(
subject =Subject goes here\\\
cc:spamvictim@example.com,
message =Message
))
编辑: p>
使用Mocker的Hassek的建议是我不了解的方法, t原来考虑,并将为我的目的工作。但是,对于什么实际触发了邮件功能中的BadHeaderError,我很好奇,如果换行没有这样做,需要什么样的特殊字符?还是有另一种方法来触发BadHeaderError?我不太了解网络安全,所以我想学习这些东西。
编辑2:
我正在使用Django 1.3.0。
这个代码段来自Django自己的测试;这是他们如何测试这个错误的发生。
def test_header_injection(self):
email = EmailMessage('Subject \\\
Injection Test','Content','from@example.com',['to@example.com'])
self.assertRaises(BadHeaderError,email.message)
I have a Django view with an email form. It allows the user to type a subject and message, and send that as an email to the site admin. I would like to write a unit test that ensures that this view can catch a BadHeaderError.
subject = contact_form.cleaned_data['subject']
message = contact_form.cleaned_data['message']
try:
mail_admins(
subject=subject,
message=message,
)
except BadHeaderError:
# I want to test this case.
messages.error(request, "Sorry, the email could not be sent. An invalid header was found.")
else:
messages.success(request, "Your email was sent to the admins.")
How do I trigger a BadHeaderError in a unit test?
I know the canonical example of header injection is having a newline character in the subject. However, I wrote a unit test that fills out this form with a newline character in the subject, and it didn't trigger the invalid header message.
# This didn't trigger the invalid header message. So how do I do it?
response = self.client.post(reverse('contact_us'), dict(
subject="Subject goes here\ncc:spamvictim@example.com",
message="Message goes here",
))
Edit:
Hassek's suggestion of using Mocker is an avenue of approach I hadn't originally considered, and will work for my purpose here. However, I'm curious as to what actually triggers a BadHeaderError in the mail functions - what kind of special character is needed in the subject, if a newline doesn't do it? Or is there another way to trigger the BadHeaderError? I don't know too much about web security, so I'd like to learn these things.
Edit 2:
I was using Django 1.3.0.
This snippet is from Django's own tests; this is how they test that this error is raised
def test_header_injection(self):
email = EmailMessage('Subject\nInjection Test', 'Content', 'from@example.com', ['to@example.com'])
self.assertRaises(BadHeaderError, email.message)
这篇关于如何测试我的Django电子邮件视图可以捕获BadHeaderError?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
