Update of /cvs-repository/Products/Transience/tests In directory cvs.zope.org:/tmp/cvs-serv19060/lib/python/Products/Transience/tests
Modified Files: Tag: Zope-2_7-branch testTransientObject.py Log Message: - Collector #1863: Prevent possibly sensitive information to leak via the TransientObject's __repr__ method. === Products/Transience/tests/testTransientObject.py 1.8.68.1 => 1.8.68.2 === --- Products/Transience/tests/testTransientObject.py:1.8.68.1 Fri May 14 18:52:13 2004 +++ Products/Transience/tests/testTransientObject.py Sat Oct 1 09:18:19 2005 @@ -115,6 +115,15 @@ t.delete('foobie') self.assertEqual(t.get('foobie'), None) + def test_repr_leaking_information(self): + # __repr__ used to show all contents, which could lead to sensitive + # information being visible in e.g. the ErrorLog object. + t = self.t.new('password-storing-session') + t.set('__ac_password__', 'secret') + self.failIf( repr(t).find('secret') != -1 + , '__repr__ leaks: %s' % repr(t) + ) + def test_suite(): testsuite = makeSuite(TestTransientObject, 'test') _______________________________________________ Zope-Checkins maillist - Zope-Checkins@zope.org http://mail.zope.org/mailman/listinfo/zope-checkins