#19172 closed Bug (fixed)
test_poisoned_http_host* tests failing when having ADMINS settings populated
| Reported by: | bernardofontes | Owned by: | Claude Paroz |
|---|---|---|---|
| Component: | contrib.auth | Version: | 1.4 |
| Severity: | Release blocker | Keywords: | unit tests, auth, admin, mail |
| Cc: | Triage Stage: | Accepted | |
| Has patch: | no | Needs documentation: | no |
| Needs tests: | no | Patch needs improvement: | no |
| Easy pickings: | yes | UI/UX: | no |
Description
After changing the ADMINS settings in the new security release, two tests broke. The output of the tests is:
$ manage test
Creating test database for alias 'default'...
..................................................................................FF......................................................................................................................................................................................................................................................................s........................................................................
======================================================================
FAIL: test_poisoned_http_host (django.contrib.auth.tests.views.PasswordResetTest)
Poisoned HTTP_HOST headers can't be used for reset emails
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/bernardo/virtualenvs/likeaboss/lib/python2.7/site-packages/django/contrib/auth/tests/views.py", line 135, in test_poisoned_http_host
self.assertEqual(len(mail.outbox), 0)
AssertionError: 1 != 0
======================================================================
FAIL: test_poisoned_http_host_admin_site (django.contrib.auth.tests.views.PasswordResetTest)
Poisoned HTTP_HOST headers can't be used for reset emails on admin views
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/bernardo/virtualenvs/likeaboss/lib/python2.7/site-packages/django/contrib/auth/tests/views.py", line 144, in test_poisoned_http_host_admin_site
self.assertEqual(len(mail.outbox), 0)
AssertionError: 1 != 0
These tests pass if I don't use the ADMINS configuration setting. To reproduce this test bug, you can just uncommnet this code line on your initial settings file inside the ADMINS setting:
ADMINS = (
# ('Your Name', 'your_email@example.com'),
)
Change History (17)
comment:1 by , 12 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:2 by , 12 years ago
| Summary: | HTTP_POST headers tests failing when having ADMINS settings populated → test_poisoned_http_host* tests failing when having ADMINS settings populated |
|---|
comment:3 by , 12 years ago
| Triage Stage: | Unreviewed → Accepted |
|---|
comment:4 by , 12 years ago
| Owner: | changed from to |
|---|---|
| Status: | assigned → new |
| Version: | 1.4-rc-2 → 1.4 |
comment:5 by , 12 years ago
comment:7 by , 12 years ago
Adding @override_settings(DEBUG_PROPAGATE_EXCEPTIONS=True) for each of those tests solves this particular issue.
comment:8 by , 12 years ago
| Severity: | Normal → Release blocker |
|---|
comment:9 by , 12 years ago
| Owner: | changed from to |
|---|
I will apply the solution proposed in comment:7 if noone opposes.
comment:10 by , 12 years ago
Once again, someone reports a test isolation problem, and we're going to hide the symptoms by overriding some settings rather than fix the root cause. It's not like I have a better short term solution to offer, though.
I'd suggest adding a comment explaining why you chose to override DEBUG_PROPAGATE_EXCEPTIONS (and not, say, ADMINS).
comment:11 by , 12 years ago
The test isolation thing is a design issue. I had proposed a patch (see #13394) to completely isolate tests based on a special testing class. Now I think that there is still an idea of doing some level of integration tests in contrib apps tests, so I'm unsure we really want to isolate contrib tests.
comment:12 by , 12 years ago
| Resolution: | → fixed |
|---|---|
| Status: | new → closed |
comment:15 by , 12 years ago
I've just downloaded Django 1.3 from the official site and have the same problem. While status of this task is "fixed".
Am I doing smth wrong?
std output is below:
======================================================================
FAIL: test_poisoned_http_host (django.contrib.auth.tests.views.PasswordResetTest)
Poisoned HTTP_HOST headers can't be used for reset emails
Traceback (most recent call last):
File "/Library/Python/2.7/site-packages/django/contrib/auth/tests/views.py", line 99, in test_poisoned_http_host
self.assertEqual(len(mail.outbox), 0)
AssertionError: 1 != 0
======================================================================
FAIL: test_poisoned_http_host_admin_site (django.contrib.auth.tests.views.PasswordResetTest)
Poisoned HTTP_HOST headers can't be used for reset emails on admin views
Traceback (most recent call last):
File "/Library/Python/2.7/site-packages/django/contrib/auth/tests/views.py", line 109, in test_poisoned_http_host_admin_site
self.assertEqual(len(mail.outbox), 0)
AssertionError: 1 != 0
comment:16 by , 12 years ago
Only security fixes do reach the 1.3.x branch of Django. You will have to live with these errors in Django 1.3, or patch the installed Django version yourself.
have the same problem