gnx/GNX-mailEnterprise
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
c67067a2a4831c70841d5d39519b0ea69d2d8b54
GNX-mailEnterprise/venv/lib/python3.12/site-packages/allauth/account/tests/test_security.py
Iliyan Angelov c67067a2a4 Mail
2025-09-14 23:24:25 +03:00

51 lines
2.0 KiB
Python
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

from __future__ import absolute_import
from django.contrib.auth import get_user_model
from django.core import mail
from django.test.client import RequestFactory
from django.test.utils import override_settings
from allauth.account.forms import ResetPasswordForm
from allauth.tests import TestCase
@override_settings(ACCOUNT_PREVENT_ENUMERATION=False)
class TestCVE2019_19844(TestCase):
global_request = RequestFactory().get("/")
def test_user_email_unicode_collision(self):
User = get_user_model()
User.objects.create_user("mike123", "mike@example.org", "test123")
User.objects.create_user("mike456", "mıke@example.org", "test123")
data = {"email": "mıke@example.org"}
form = ResetPasswordForm(data)
self.assertTrue(form.is_valid())
form.save(self.global_request)
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(mail.outbox[0].to, ["mıke@example.org"])
def test_user_email_domain_unicode_collision(self):
User = get_user_model()
User.objects.create_user("mike123", "mike@ixample.org", "test123")
User.objects.create_user("mike456", "mike@ıxample.org", "test123")
data = {"email": "mike@ıxample.org"}
form = ResetPasswordForm(data)
self.assertTrue(form.is_valid())
form.save(self.global_request)
self.assertEqual(len(mail.outbox), 1)
self.assertEqual(mail.outbox[0].to, ["mike@ıxample.org"])
def test_user_email_unicode_collision_nonexistent(self):
User = get_user_model()
User.objects.create_user("mike123", "mike@example.org", "test123")
data = {"email": "mıke@example.org"}
form = ResetPasswordForm(data)
self.assertFalse(form.is_valid())
def test_user_email_domain_unicode_collision_nonexistent(self):
User = get_user_model()
User.objects.create_user("mike123", "mike@ixample.org", "test123")
data = {"email": "mike@ıxample.org"}
form = ResetPasswordForm(data)
self.assertFalse(form.is_valid())
Reference in New Issue View Git Blame Copy Permalink