Python HTTPRequest.form['_authenticator']方法代码示例

本文整理汇总了Python中ZPublisher.HTTPRequest.HTTPRequest.form['_authenticator']方法的典型用法代码示例。如果您正苦于以下问题：Python HTTPRequest.form['_authenticator']方法的具体用法？Python HTTPRequest.form['_authenticator']怎么用？Python HTTPRequest.form['_authenticator']使用的例子？那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类ZPublisher.HTTPRequest.HTTPRequest的用法示例。

在下文中一共展示了HTTPRequest.form['_authenticator']方法的2个代码示例，这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞，您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: testCSRF

# 需要导入模块: from ZPublisher.HTTPRequest import HTTPRequest [as 别名]
# 或者: from ZPublisher.HTTPRequest.HTTPRequest import form['_authenticator'] [as 别名]
    def testCSRF(self):
        """ test csrf protection """

        # for this test, we need a bit more serious request simulation
        from ZPublisher.HTTPRequest import HTTPRequest
        from ZPublisher.HTTPResponse import HTTPResponse
        environ = {}
        environ.setdefault('SERVER_NAME', 'foo')
        environ.setdefault('SERVER_PORT', '80')
        environ.setdefault('REQUEST_METHOD', 'POST')
        request = HTTPRequest(sys.stdin,
                              environ,
                              HTTPResponse(stdout=sys.stdout))

        request.form = {
            'topic': 'test subject',
            'replyto': '[email protected]',
            'comments': 'test comments',
        }

        self.ff1.CSRFProtection = True

        self.assertRaises(zExceptions.Forbidden, self.ff1.fgvalidate, request)

        # with authenticator... no error
        tag = AuthenticatorView('context', 'request').authenticator()
        token = tag.split('"')[5]
        request.form['_authenticator'] = token
        errors = self.ff1.fgvalidate(REQUEST=request)
        self.assertEqual(errors, {})

        # sneaky GET request
        environ['REQUEST_METHOD'] = 'GET'
        request = HTTPRequest(sys.stdin,
                              environ,
                              HTTPResponse(stdout=sys.stdout))
        self.assertRaises(zExceptions.Forbidden, self.ff1.fgvalidate, request)

        # bad authenticator
        request.form['_authenticator'] = 'inauthentic'
        request = HTTPRequest(sys.stdin,
                              environ,
                              HTTPResponse(stdout=sys.stdout))
        self.assertRaises(zExceptions.Forbidden, self.ff1.fgvalidate, request)

开发者ID:collective，项目名称:collective.easyform，代码行数:46，代码来源:testFunctions.py

示例2: FakeRequest

# 需要导入模块: from ZPublisher.HTTPRequest import HTTPRequest [as 别名]
# 或者: from ZPublisher.HTTPRequest.HTTPRequest import form['_authenticator'] [as 别名]
def FakeRequest(method='GET', add_auth=False, **kwargs):
    environ = {}
    environ.setdefault('SERVER_NAME', 'foo')
    environ.setdefault('SERVER_PORT', '80')
    environ.setdefault('REQUEST_METHOD', method)
    request = HTTPRequest(sys.stdin,
                          environ,
                          HTTPResponse(stdout=StringIO()))
    request.form = kwargs
    if add_auth:
        request.form['_authenticator'] = plone.protect.createToken()
    return request

开发者ID:collective，项目名称:collective.easyform，代码行数:14，代码来源:testSaver.py

注：本文中的ZPublisher.HTTPRequest.HTTPRequest.form['_authenticator']方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台，相关代码片段筛选自各路编程大神贡献的开源项目，源码版权归原作者所有，传播和使用请参考对应项目的License；未经允许，请勿转载。