from django.test import TestCase
from django.urls import reverse

class SecurityTest(TestCase):
    def test_sql_injection(self):
        response = self.client.get(reverse('product_detail'), {'id': "1 OR 1=1"})
        self.assertNotContains(response, "تمام محصولات")