This is effectively failing because of a mechanism added in 1.10 to protect
against BREACH attacks[0] by salting the CSRF token.
I'm not aware of any way to disable this mechanism but testing against the
exact HTML returned from a view seems fragile.
I suggest you use assertContains[1] (with or without html=True) and
assertTemplateUsed[2] instead.
Cheers,
Simon
[0] https://docs.djangoproject.com/en/2.1/ref/csrf/#how-it-works
[1] https://docs.djangoproject.com/en/2.1/topics/testing/tools/#django.test.SimpleTestCase.assertContains
[2] https://docs.djangoproject.com/en/2.1/topics/testing/tools/#django.test.SimpleTestCase.assertTemplateUsed
Le jeudi 28 mars 2019 12:16:43 UTC-4, OnlineJudge95 a écrit :
Hi people,I am following the book Test-Driven Development with Python by Harry J.W. Perceval. The book is using Django version 1.7 which is outdated as of now so I started with version 2.1.I am trying to unit test my index view. One unit-test that I have written is testing whether the index view returns correct HTML or not by comparing the input received throughthe unit-test fail with the following tracebackto_string ============================== ========== FAIL: test_index_view_returns_correct_html (lists.tests.IndexViewTest) ------------------------------------------------------------ ---------- Traceback (most recent call last):File "tests.py", line 24, in test_index_view_returns_correct_html self.assertEqual(expected_html, actual_html) AssertionError: '<!DO[263 chars]lue="BJMT1b9fxuXOGugp00SDypeTYZxvlm c6KtBSYMDon[198 chars]l>\n' != '<!DO[263 chars]lue=" R05ZiWMASEWMurA8Rdo8bnA0mTwqFT qA0KUYfxgJI[198 chars]l>\n' ------------------------------------------------------------ ---------- Ran 3 tests in 0.006sFAILED (failures=1)Destroying test database for alias 'default'...Process finished with exit code 1It was clear that the csrf token is causing the test to fail. Is there any way to test it, or should it be tested? I ask this as when I changed my Django version to 1.7, the tests were passing, even after giving the csrf token field in the form. I tried going through the changelogs but 1.7 is far behind (beginner here). Please find the code snippets, directory structure provided below.lists/views.pyfrom django.http import HttpResponse
from django.shortcuts import render
# Create your views here.
def index(request):
if request.method == 'POST':
return HttpResponse(request.POST['item_text' ])
return render(request, 'index.html')
lists/test.pyfrom django.http import HttpRequest
from django.template.loader import render_to_string
from django.test import TestCase
from django.urls import resolve
from lists.views import index
# Create your tests here.
class IndexViewTest(TestCase):
def test_root_url_resolves_to_home_page_view (self):
[...]
def test_index_view_returns_correct_html (self):
request = HttpRequest()
response = index(request)
actual_html = response.content.decode()
expected_html = render_to_string('index.html', request=request)
self.assertEqual(expected_html, actual_html)
def test_index_view_can_save_a_post_request (self):
[...]
requirements.txt
pytz==2018.9
selenium==3.141.0
urllib3==1.24.settings.py
# Application definition
INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'lists',
]
[...]Directory Structure
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/7f0f12be-fc3e-43c3-ba07-e48158def051%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment