Commit 4f6c130b by Jérome Perrin

restricted: allow urlparse in restricted python

/reviewed-on !839
1 parent f1bbc5aa
...@@ -261,6 +261,9 @@ allow_type(type(hashlib.md5())) ...@@ -261,6 +261,9 @@ allow_type(type(hashlib.md5()))
allow_module('time') allow_module('time')
allow_module('unicodedata') allow_module('unicodedata')
allow_module('urlparse') allow_module('urlparse')
import urlparse
allow_type(urlparse.ParseResult)
allow_type(urlparse.SplitResult)
allow_module('struct') allow_module('struct')
ModuleSecurityInfo('os.path').declarePublic( ModuleSecurityInfo('os.path').declarePublic(
......
...@@ -91,7 +91,35 @@ class TestRestrictedPythonSecurity(ERP5TypeTestCase): ...@@ -91,7 +91,35 @@ class TestRestrictedPythonSecurity(ERP5TypeTestCase):
self.createAndRunScript('import decimal', self.createAndRunScript('import decimal',
'return decimal.Decimal.from_float(3.3)') 'return decimal.Decimal.from_float(3.3)')
def test_suite(): def test_urlparse(self):
suite = unittest.TestSuite() self.createAndRunScript(
suite.addTest(unittest.makeSuite(TestRestrictedPythonSecurity)) 'import urlparse',
return suite 'return urlparse.urlparse("http://example.com/pa/th/?q=s").path',
expected='/pa/th/'
)
# access computed attributes (property) is also OK
self.createAndRunScript(
'import urlparse',
'return urlparse.urlparse("http://example.com/pa/th/?q=s").hostname',
expected='example.com'
)
self.createAndRunScript(
'import urlparse',
'return urlparse.urlsplit("http://example.com/pa/th/?q=s").path',
expected='/pa/th/'
)
self.createAndRunScript(
'import urlparse',
'return urlparse.urldefrag("http://example.com/#frag")[1]',
expected='frag'
)
self.createAndRunScript(
'import urlparse',
'return urlparse.parse_qs("q=s")',
expected={'q': ['s']}
)
self.createAndRunScript(
'import urlparse',
'return urlparse.parse_qsl("q=s")',
expected=[('q', 's')]
)
Styling with Markdown is supported
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!