Commit ef0ac5a7 authored by Jérome Perrin's avatar Jérome Perrin Committed by Arnaud Fontaine

zope4: depend on Zope 4.8.3 ( unreleased 68f0c122 )

parent f0b16964
...@@ -34,6 +34,8 @@ import unittest ...@@ -34,6 +34,8 @@ import unittest
import urllib import urllib
from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
from DateTime import DateTime from DateTime import DateTime
from ZPublisher.cookie import normalizeCookieParameterName
class TestAuoLogout(ERP5TypeTestCase): class TestAuoLogout(ERP5TypeTestCase):
""" """
...@@ -87,7 +89,7 @@ class TestAuoLogout(ERP5TypeTestCase): ...@@ -87,7 +89,7 @@ class TestAuoLogout(ERP5TypeTestCase):
# check '__ac' cookie has set an expire timeout # check '__ac' cookie has set an expire timeout
ac_cookie = response.getCookie('__ac') ac_cookie = response.getCookie('__ac')
self.assertNotEqual(ac_cookie, None) self.assertNotEqual(ac_cookie, None)
cookie_expire = ac_cookie['expires'] cookie_expire = ac_cookie[normalizeCookieParameterName('expires')]
one_second = 1/24.0/60.0/60.0 one_second = 1/24.0/60.0/60.0
self.assertGreater((now + (5 + 1) * one_second), DateTime(cookie_expire)) # give 1s tollerance self.assertGreater((now + (5 + 1) * one_second), DateTime(cookie_expire)) # give 1s tollerance
...@@ -100,7 +102,7 @@ class TestAuoLogout(ERP5TypeTestCase): ...@@ -100,7 +102,7 @@ class TestAuoLogout(ERP5TypeTestCase):
self.assertIn('Welcome to ERP5', response.getBody()) self.assertIn('Welcome to ERP5', response.getBody())
ac_cookie = response.getCookie('__ac') ac_cookie = response.getCookie('__ac')
self.assertNotEqual(ac_cookie, None) self.assertNotEqual(ac_cookie, None)
self.assertEqual(ac_cookie.get('expires', None), None) self.assertEqual(ac_cookie.get(normalizeCookieParameterName('expires'), None), None)
def test_suite(): def test_suite():
suite = unittest.TestSuite() suite = unittest.TestSuite()
......
...@@ -3285,10 +3285,6 @@ def test_suite(): ...@@ -3285,10 +3285,6 @@ def test_suite():
add_tests(suite, ZPublisher.tests.testHTTPRequest) add_tests(suite, ZPublisher.tests.testHTTPRequest)
import ZPublisher.tests.testHTTPResponse import ZPublisher.tests.testHTTPResponse
testHTTPResponse_TestHeaderEncodingRegistry_test_encode_words = \
ZPublisher.tests.testHTTPResponse.TestHeaderEncodingRegistry.test_encode_words
ZPublisher.tests.testHTTPResponse.TestHeaderEncodingRegistry.test_encode_words = \
unittest.expectedFailure(testHTTPResponse_TestHeaderEncodingRegistry_test_encode_words)
add_tests(suite, ZPublisher.tests.testHTTPResponse) add_tests(suite, ZPublisher.tests.testHTTPResponse)
import ZPublisher.tests.testIterators import ZPublisher.tests.testIterators
......
...@@ -167,7 +167,7 @@ class TestFacebookLogin(ERP5TypeTestCase): ...@@ -167,7 +167,7 @@ class TestFacebookLogin(ERP5TypeTestCase):
ac_cookie, = [v for (k, v) in response.listHeaders() if k.lower() == 'set-cookie' and '__ac_facebook_hash=' in v] ac_cookie, = [v for (k, v) in response.listHeaders() if k.lower() == 'set-cookie' and '__ac_facebook_hash=' in v]
self.assertIn('; Secure', ac_cookie) self.assertIn('; Secure', ac_cookie)
self.assertIn('; HTTPOnly', ac_cookie) self.assertIn('; HttpOnly', ac_cookie)
self.assertIn('; SameSite=Lax', ac_cookie) self.assertIn('; SameSite=Lax', ac_cookie)
def test_create_user_in_ERP5Site_createFacebookUserToOAuth(self): def test_create_user_in_ERP5Site_createFacebookUserToOAuth(self):
......
...@@ -216,7 +216,7 @@ class TestGoogleLogin(GoogleLoginTestCase): ...@@ -216,7 +216,7 @@ class TestGoogleLogin(GoogleLoginTestCase):
ac_cookie, = [v for (k, v) in response.listHeaders() if k.lower() == 'set-cookie' and '__ac_google_hash=' in v] ac_cookie, = [v for (k, v) in response.listHeaders() if k.lower() == 'set-cookie' and '__ac_google_hash=' in v]
self.assertIn('; Secure', ac_cookie) self.assertIn('; Secure', ac_cookie)
self.assertIn('; HTTPOnly', ac_cookie) self.assertIn('; HttpOnly', ac_cookie)
self.assertIn('; SameSite=Lax', ac_cookie) self.assertIn('; SameSite=Lax', ac_cookie)
def test_create_user_in_ERP5Site_createGoogleUserToOAuth(self): def test_create_user_in_ERP5Site_createGoogleUserToOAuth(self):
......
...@@ -135,7 +135,7 @@ class TestOpenIdConnectLogin(OpenIdConnectLoginTestCase): ...@@ -135,7 +135,7 @@ class TestOpenIdConnectLogin(OpenIdConnectLoginTestCase):
ac_cookie, = [v for (k, v) in response.listHeaders() if k.lower() == 'set-cookie' and '__ac_openidconnect_hash=' in v] ac_cookie, = [v for (k, v) in response.listHeaders() if k.lower() == 'set-cookie' and '__ac_openidconnect_hash=' in v]
self.assertIn('; Secure', ac_cookie) self.assertIn('; Secure', ac_cookie)
self.assertIn('; HTTPOnly', ac_cookie) self.assertIn('; HttpOnly', ac_cookie)
self.assertIn('; SameSite=Lax', ac_cookie) self.assertIn('; SameSite=Lax', ac_cookie)
def test_existing_user(self): def test_existing_user(self):
......
...@@ -1585,8 +1585,8 @@ class TestAuthenticationCookie(UserManagementTestCase): ...@@ -1585,8 +1585,8 @@ class TestAuthenticationCookie(UserManagementTestCase):
# Secure flag so that cookie is sent only on https # Secure flag so that cookie is sent only on https
self.assertIn('; Secure', ac_cookie) self.assertIn('; Secure', ac_cookie)
# HTTPOnly flag so that javascript cannot access cookie # HttpOnly flag so that javascript cannot access cookie
self.assertIn('; HTTPOnly', ac_cookie) self.assertIn('; HttpOnly', ac_cookie)
# SameSite=Lax flag so that cookie is not sent on cross origin requests. # SameSite=Lax flag so that cookie is not sent on cross origin requests.
# We set Lax (and not strict) so that opening a link to ERP5 from an # We set Lax (and not strict) so that opening a link to ERP5 from an
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment