diff options
author | David Höppner <0xffea@gmail.com> | 2013-03-10 20:04:07 +0100 |
---|---|---|
committer | David Höppner <0xffea@gmail.com> | 2013-03-14 16:07:39 +0100 |
commit | a80a1f8b300cadf69a3ad385cfe0d39a6ad2b9b1 (patch) | |
tree | f56c909009b79dde614bb1bcd4530b71a37ffecf /tests/test_content_types.py | |
parent | f6a2691caf06ee02cc9d245855c3b3012427980d (diff) | |
download | keystone-a80a1f8b300cadf69a3ad385cfe0d39a6ad2b9b1.tar.gz keystone-a80a1f8b300cadf69a3ad385cfe0d39a6ad2b9b1.tar.xz keystone-a80a1f8b300cadf69a3ad385cfe0d39a6ad2b9b1.zip |
xml_body returns backtrace on XMLSyntaxError
Protected against XMLSyntaxError that can occur in from_xml. Return
a validation error (400) instead of an internal server error (500).
Change-Id: Ic5160f4f6c810e96b74dbf9563547ac739a54c5e
Fixes: bug #1101043
Diffstat (limited to 'tests/test_content_types.py')
-rw-r--r-- | tests/test_content_types.py | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/tests/test_content_types.py b/tests/test_content_types.py index a5457ccb..844bc841 100644 --- a/tests/test_content_types.py +++ b/tests/test_content_types.py @@ -868,3 +868,21 @@ class XmlTestCase(RestfulTestCase, CoreApiTests): for tenant in r.body.findall(self._tag('tenant')): self.assertValidTenant(tenant) self.assertIn(tenant.get('enabled'), ['true', 'false']) + + def test_authenticate_with_invalid_xml_in_password(self): + # public_request would auto escape the ampersand + r = self.request( + port=self._public_port(), + method='POST', + path='/v2.0/tokens', + headers={ + 'Content-Type': 'application/xml' + }, + body=""" + <?xml version="1.0" encoding="UTF-8"?> + <auth xmlns="http://docs.openstack.org/identity/api/v2.0" + tenantId="bar"> + <passwordCredentials username="FOO" password="&"/> + </auth> + """, + expected_status=400) |