do not log a warning for empty responses

if a text/html response does not contain any data (eg empty page for an ajax request) we do not log a warning that no csrf token could be added this fixes #15
plone · Jan 11, 2018 · bd39399 · bd39399
1 parent a001f9c
commit bd39399
Show file tree

Hide file tree

Showing 3 changed files with 32 additions and 1 deletion.
diff --git a/CHANGES.rst b/CHANGES.rst
@@ -14,7 +14,9 @@ New features:
 
 Bug fixes:
 
-- *add item here*
+- Transform does not log a warning for empty responses
+  (Fixes https://github.com/plone/plone.protect/issues/15)
+  [fRiSi]
 
 
 3.1.1 (2017-08-27)

diff --git a/plone/protect/auto.py b/plone/protect/auto.py
@@ -107,6 +107,12 @@ def parseTree(self, result, encoding):
                                                    'compress',):
             return None
 
+        if isinstance(result, list):
+            # do not parse empty strings to omit warning log message
+            if len(result) == 1:
+                if result[0].strip() == u'':
+                    return None
+
         try:
             result = getHTMLSerializer(
                 result, pretty_print=False, encoding=encoding)

diff --git a/plone/protect/tests/testAuto.py b/plone/protect/tests/testAuto.py
@@ -182,3 +182,26 @@ def test_safe_write_empty_returns_true(self):
         transform = ProtectTransform(self.portal, self.request)
         transform._registered_objects = lambda: [self.portal]
         self.assertTrue(transform._check())
+
+class TestAutoTransform(unittest.TestCase):
+    layer = PROTECT_FUNCTIONAL_TESTING
+
+    def setUp(self):
+        self.portal = self.layer['portal']
+        self.request = self.layer['request']
+        self.request.response.setHeader('Content-Type', 'text/html')
+        self.request.REQUEST_METHOD = 'POST'
+
+    def test_empty_no_error(self):
+        # empty pages (eg. tiles or ajax requests) should not lead to
+        # transform errors or warnings
+        transform = ProtectTransform(self.portal, self.request)
+        result = transform.transform(['\n'], 'utf-8')
+        self.assertEqual(result, None)
+
+    def test_html(self):
+        transform = ProtectTransform(self.portal, self.request)
+        result = transform.transform([(
+            '<html>\n<body><form action="http://nohost/myaction" method="POST">'
+            '</form></body>\n</html>')], 'utf-8')
+        self.failUnless('_authenticator' in result.serialize())