diff --git a/tests/file_uploads/tests.py b/tests/file_uploads/tests.py
index 9ba7d09..242d76b 100644
|
a
|
b
|
from django.http.multipartparser import MultiPartParser
|
| 16 | 16 | from django.test import TestCase, client |
| 17 | 17 | from django.test import override_settings |
| 18 | 18 | from django.utils.encoding import force_bytes |
| | 19 | from django.utils.http import urlquote |
| 19 | 20 | from django.utils.six import StringIO |
| 20 | 21 | |
| 21 | 22 | from . import uploadhandler |
| … |
… |
class FileUploadTests(TestCase):
|
| 120 | 121 | |
| 121 | 122 | self.assertEqual(response.status_code, 200) |
| 122 | 123 | |
| | 124 | def test_unicode_file_name_rfc5987(self): |
| | 125 | """ |
| | 126 | Test receiving file upload when filename is encoded with RFC2388/RFC5987 |
| | 127 | (#22971). |
| | 128 | """ |
| | 129 | payload = client.FakePayload() |
| | 130 | payload.write('\r\n'.join([ |
| | 131 | '--' + client.BOUNDARY, |
| | 132 | 'Content-Disposition: form-data; name="file_unicode"; filename*=UTF-8''%s' % urlquote(UNICODE_FILENAME), |
| | 133 | 'Content-Type: application/octet-stream', |
| | 134 | '', |
| | 135 | 'You got pwnd.\r\n', |
| | 136 | '\r\n--' + client.BOUNDARY + '--\r\n' |
| | 137 | ])) |
| | 138 | |
| | 139 | r = { |
| | 140 | 'CONTENT_LENGTH': len(payload), |
| | 141 | 'CONTENT_TYPE': client.MULTIPART_CONTENT, |
| | 142 | 'PATH_INFO': "/unicode_name/", |
| | 143 | 'REQUEST_METHOD': 'POST', |
| | 144 | 'wsgi.input': payload, |
| | 145 | } |
| | 146 | response = self.client.request(**r) |
| | 147 | self.assertEqual(response.status_code, 200) |
| | 148 | |
| 123 | 149 | def test_dangerous_file_names(self): |
| 124 | 150 | """Uploaded file names should be sanitized before ever reaching the view.""" |
| 125 | 151 | # This test simulates possible directory traversal attacks by a |