add tests for comment attacks

2024-11-07 01:25:16 +00:00 · 2018-11-21 13:52:08 +02:00 · 2018-11-21 13:52:08 +02:00 · ef8839aafa
commit ef8839aafa
parent 14860f6a8b
1 changed files with 4 additions and 0 deletions
--- a/tests/test_utils.py
+++ b/tests/test_utils.py
@ -88,4 +88,8 @@ class TestSQLQuery(TestCase):

        self.assertFalse(query.is_safe())

+    def test_marks_comment_attacks_as_not_safe(self):
+        query = SQLQuery("SELECT * FROM users WHERE username='{{username}}' AND password='{{password}}'")
+        query.apply({"username": "admin' --"})
+
        self.assertFalse(query.is_safe())