mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-07-24 13:44:32 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Refs #26601 -- Removed support for old-style middleware using settings.MIDDLEWARE_CLASSES.

Browse source
This commit is contained in:
Tim Graham 2016-12-31 13:24:00 -05:00
parent 631f4ab061
commit d334f46b7a
29 changed files with 80 additions and 1367 deletions
Download patch file Download diff file Expand all files Collapse all files

29
tests/check_framework/test_security.py
View file

@ -1,6 +1,5 @@
from django.conf import settings
from django.core.checks.security import base, csrf, sessions
from django.core.checks.utils import patch_middleware_message
from django.test import SimpleTestCase
from django.test.utils import override_settings
@ -22,14 +21,6 @@ class CheckSessionCookieSecureTest(SimpleTestCase):
"""
self.assertEqual(self.func(None), [sessions.W010])
@override_settings(
SESSION_COOKIE_SECURE=False,
INSTALLED_APPS=["django.contrib.sessions"],
MIDDLEWARE=None,
MIDDLEWARE_CLASSES=[])
def test_session_cookie_secure_with_installed_app_middleware_classes(self):
self.assertEqual(self.func(None), [sessions.W010])
@override_settings(
SESSION_COOKIE_SECURE=False,
INSTALLED_APPS=[],
@ -42,14 +33,6 @@ class CheckSessionCookieSecureTest(SimpleTestCase):
"""
self.assertEqual(self.func(None), [sessions.W011])
@override_settings(
SESSION_COOKIE_SECURE=False,
INSTALLED_APPS=[],
MIDDLEWARE=None,
MIDDLEWARE_CLASSES=["django.contrib.sessions.middleware.SessionMiddleware"])
def test_session_cookie_secure_with_middleware_middleware_classes(self):
self.assertEqual(self.func(None), [patch_middleware_message(sessions.W011)])
@override_settings(
SESSION_COOKIE_SECURE=False,
INSTALLED_APPS=["django.contrib.sessions"],
@ -61,14 +44,6 @@ class CheckSessionCookieSecureTest(SimpleTestCase):
"""
self.assertEqual(self.func(None), [sessions.W012])
@override_settings(
SESSION_COOKIE_SECURE=False,
INSTALLED_APPS=["django.contrib.sessions"],
MIDDLEWARE=None,
MIDDLEWARE_CLASSES=["django.contrib.sessions.middleware.SessionMiddleware"])
def test_session_cookie_secure_both_middleware_classes(self):
self.assertEqual(self.func(None), [sessions.W012])
@override_settings(
SESSION_COOKIE_SECURE=True,
INSTALLED_APPS=["django.contrib.sessions"],
@ -137,7 +112,7 @@ class CheckCSRFMiddlewareTest(SimpleTestCase):
from django.core.checks.security.csrf import check_csrf_middleware
return check_csrf_middleware
@override_settings(MIDDLEWARE=[], MIDDLEWARE_CLASSES=[])
@override_settings(MIDDLEWARE=[])
def test_no_csrf_middleware(self):
"""
Warn if CsrfViewMiddleware isn't in MIDDLEWARE.
@ -177,7 +152,7 @@ class CheckCSRFCookieSecureTest(SimpleTestCase):
"""
self.assertEqual(self.func(None), [])
@override_settings(MIDDLEWARE=[], MIDDLEWARE_CLASSES=[], CSRF_COOKIE_SECURE=False)
@override_settings(MIDDLEWARE=[], CSRF_COOKIE_SECURE=False)
def test_with_csrf_cookie_secure_false_no_middleware(self):
"""
No warning if CsrfViewMiddleware isn't in MIDDLEWARE, even if