Update of /cvs-repository/Zope/lib/python/ZServer/tests In directory cvs.zope.org:/tmp/cvs-serv19060/lib/python/ZServer/tests
Modified Files: Tag: Zope-2_7-branch test_responses.py Log Message: - Collector #1863: Prevent possibly sensitive information to leak via the TransientObject's __repr__ method. === Zope/lib/python/ZServer/tests/test_responses.py 1.1.2.2 => 1.1.2.3 === --- Zope/lib/python/ZServer/tests/test_responses.py:1.1.2.2 Sun Mar 28 06:11:49 2004 +++ Zope/lib/python/ZServer/tests/test_responses.py Sat Oct 1 09:18:19 2005 @@ -57,6 +57,30 @@ self.assertRaises(AssertionError, one.setBody, test_streamiterator()) + def test_304NoContentLength(self): + # For 304 responses, there should be no content-length header + response = ZServerHTTPResponse() + if response.getHeader('content-length') is not None: + # remove it for this test + del response.headers['content-length'] + self.assertEqual(response.getHeader('content-length'), None) + + # By default, we are at either status 200 or 204. In this case, we + # want a content-length header. __str__ will add it if it does not + # exist. + self.failUnless(response.getStatus() in (200, 204)) + self.failUnless(str(response).lower().find('content-length') != -1) + + # Now we set the status to 304. 304 responses, according to RFC 2616, + # should not have a content-length header. __str__ should not add it + # back in if it is missing. + if response.getHeader('content-length') is not None: + # remove it for this test + del response.headers['content-length'] + response.setStatus(304) + self.assertEqual(response.getStatus(), 304) + self.failIf(str(response).lower().find('content-length') != -1) + class DummyChannel: def __init__(self): self.out = StringIO() _______________________________________________ Zope-Checkins maillist - Zope-Checkins@zope.org http://mail.zope.org/mailman/listinfo/zope-checkins