diff options
| author | Jay Cox <jaycox@linear3d.com> | 2015-04-23 23:24:38 -0700 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2015-05-02 19:45:14 -0400 |
| commit | eef95ea96faef0b7dbbe0c8092202b74f68a899b (patch) | |
| tree | fb8888a4aa7328b148f0e2b3c87590639d34c81c /tests/csrf_tests/tests.py | |
| parent | 0894643e40327e48397573b7844585618200442b (diff) | |
| download | django-eef95ea96faef0b7dbbe0c8092202b74f68a899b.tar.gz | |
Fixed #24696 -- Made CSRF_COOKIE computation lazy.
Only compute the CSRF_COOKIE when it is actually used. This is a
significant speedup for clients not using cookies.
Changed result of the “test_token_node_no_csrf_cookie” test: It gets
a valid CSRF token now which seems like the correct behavior.
Changed auth_tests.test_views.LoginTest.test_login_csrf_rotate to
use get_token() to trigger CSRF cookie inclusion instead of changing
request.META["CSRF_COOKIE_USED"] directly.
Diffstat (limited to 'tests/csrf_tests/tests.py')
| -rw-r--r-- | tests/csrf_tests/tests.py | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/tests/csrf_tests/tests.py b/tests/csrf_tests/tests.py index 7469da34b2..29ce2c170c 100644 --- a/tests/csrf_tests/tests.py +++ b/tests/csrf_tests/tests.py @@ -5,7 +5,9 @@ import logging from django.conf import settings from django.http import HttpRequest, HttpResponse -from django.middleware.csrf import CSRF_KEY_LENGTH, CsrfViewMiddleware +from django.middleware.csrf import ( + CSRF_KEY_LENGTH, CsrfViewMiddleware, get_token, +) from django.template import RequestContext, Template from django.template.context_processors import csrf from django.test import TestCase, override_settings @@ -237,7 +239,10 @@ class CsrfViewMiddlewareTest(TestCase): """ req = self._get_GET_no_csrf_cookie_request() resp = token_view(req) - self.assertEqual(resp.content, b'') + + token = get_token(req) + self.assertIsNotNone(token) + self._check_token_present(resp, token) def test_token_node_empty_csrf_cookie(self): """ @@ -248,7 +253,9 @@ class CsrfViewMiddlewareTest(TestCase): CsrfViewMiddleware().process_view(req, token_view, (), {}) resp = token_view(req) - self.assertNotEqual("", resp.content) + token = get_token(req) + self.assertIsNotNone(token) + self._check_token_present(resp, token) def test_token_node_with_csrf_cookie(self): """ |