zope4: depend on Zope 4.8.3 ( unreleased 68f0c122 )

bt5/erp5_core_test/TestTemplateItem/portal_components/test.erp5.testAutoLogout.py

@@ -34,6 +34,8 @@ import unittest
 import urllib
 from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
 from DateTime import DateTime
+from ZPublisher.cookie import normalizeCookieParameterName
+
 
 class TestAuoLogout(ERP5TypeTestCase):
   """
@@ -87,7 +89,7 @@ class TestAuoLogout(ERP5TypeTestCase):
     # check '__ac' cookie has set an expire timeout
     ac_cookie = response.getCookie('__ac')
     self.assertNotEqual(ac_cookie, None)
-    cookie_expire = ac_cookie['expires']
+    cookie_expire = ac_cookie[normalizeCookieParameterName('expires')]
     one_second = 1/24.0/60.0/60.0
     self.assertGreater((now + (5 + 1) * one_second), DateTime(cookie_expire)) # give 1s tollerance
 
@@ -100,7 +102,7 @@ class TestAuoLogout(ERP5TypeTestCase):
     self.assertIn('Welcome to ERP5', response.getBody())
     ac_cookie = response.getCookie('__ac')
     self.assertNotEqual(ac_cookie, None)
-    self.assertEqual(ac_cookie.get('expires', None), None)
+    self.assertEqual(ac_cookie.get(normalizeCookieParameterName('expires'), None), None)
 
 def test_suite():
   suite = unittest.TestSuite()

bt5/erp5_core_test/TestTemplateItem/portal_components/test.erp5.testERP5Type.py

@@ -3285,10 +3285,6 @@ def test_suite():
   add_tests(suite, ZPublisher.tests.testHTTPRequest)
 
   import ZPublisher.tests.testHTTPResponse
-  testHTTPResponse_TestHeaderEncodingRegistry_test_encode_words = \
-      ZPublisher.tests.testHTTPResponse.TestHeaderEncodingRegistry.test_encode_words
-  ZPublisher.tests.testHTTPResponse.TestHeaderEncodingRegistry.test_encode_words = \
-      unittest.expectedFailure(testHTTPResponse_TestHeaderEncodingRegistry_test_encode_words)
   add_tests(suite, ZPublisher.tests.testHTTPResponse)
 
   import ZPublisher.tests.testIterators

bt5/erp5_oauth_facebook_login/TestTemplateItem/portal_components/test.erp5.testFacebookLogin.py

@@ -167,7 +167,7 @@ class TestFacebookLogin(ERP5TypeTestCase):
 
     ac_cookie, = [v for (k, v) in response.listHeaders() if k.lower() == 'set-cookie' and '__ac_facebook_hash=' in v]
     self.assertIn('; Secure', ac_cookie)
-    self.assertIn('; HTTPOnly', ac_cookie)
+    self.assertIn('; HttpOnly', ac_cookie)
     self.assertIn('; SameSite=Lax', ac_cookie)
 
   def test_create_user_in_ERP5Site_createFacebookUserToOAuth(self):

bt5/erp5_oauth_google_login/TestTemplateItem/portal_components/test.erp5.testGoogleLogin.py

@@ -216,7 +216,7 @@ class TestGoogleLogin(GoogleLoginTestCase):
 
     ac_cookie, = [v for (k, v) in response.listHeaders() if k.lower() == 'set-cookie' and '__ac_google_hash=' in v]
     self.assertIn('; Secure', ac_cookie)
-    self.assertIn('; HTTPOnly', ac_cookie)
+    self.assertIn('; HttpOnly', ac_cookie)
     self.assertIn('; SameSite=Lax', ac_cookie)
 
   def test_create_user_in_ERP5Site_createGoogleUserToOAuth(self):

bt5/erp5_openid_connect_client_login/TestTemplateItem/portal_components/test.erp5.testOpenIdConnectLogin.py

@@ -135,7 +135,7 @@ class TestOpenIdConnectLogin(OpenIdConnectLoginTestCase):
 
     ac_cookie, = [v for (k, v) in response.listHeaders() if k.lower() == 'set-cookie' and '__ac_openidconnect_hash=' in v]
     self.assertIn('; Secure', ac_cookie)
-    self.assertIn('; HTTPOnly', ac_cookie)
+    self.assertIn('; HttpOnly', ac_cookie)
     self.assertIn('; SameSite=Lax', ac_cookie)
 
   def test_existing_user(self):

product/ERP5Security/tests/testERP5Security.py

@@ -1585,8 +1585,8 @@ class TestAuthenticationCookie(UserManagementTestCase):
     # Secure flag so that cookie is sent only on https
     self.assertIn('; Secure', ac_cookie)
 
-    # HTTPOnly flag so that javascript cannot access cookie
-    self.assertIn('; HTTPOnly', ac_cookie)
+    # HttpOnly flag so that javascript cannot access cookie
+    self.assertIn('; HttpOnly', ac_cookie)
 
     # SameSite=Lax flag so that cookie is not sent on cross origin requests.
     # We set Lax (and not strict) so that opening a link to ERP5 from an