Fixed #32817 -- Added the token source to CsrfViewMiddleware's bad token error messages.

author: Chris Jerdonek <chris.jerdonek@gmail.com> 2021-06-08 09:33:26 -0700
committer: Mariusz Felisiak <felisiak.mariusz@gmail.com> 2021-06-23 16:07:15 +0200
commit: fcb75651f9b8c2f76ec037f1a68a0e5c99263d8c (patch)
tree: 69f1a1eb96de04d84070dbfbfda70166d7b4f398 /tests/csrf_tests
parent: 1a284afb07ad8806b29044a8cdd0d0bb20165fa4 (diff)
download: django-fcb75651f9b8c2f76ec037f1a68a0e5c99263d8c.tar.gz
1 files changed, 22 insertions, 7 deletions
diff --git a/tests/csrf_tests/tests.py b/tests/csrf_tests/tests.py
index a028b56d08..9f9d380bb3 100644
--- a/tests/csrf_tests/tests.py
+++ b/tests/csrf_tests/tests.py
@@ -147,12 +147,24 @@ class CsrfViewMiddlewareTestMixin:
         """
         cases = [
             (None, None, REASON_CSRF_TOKEN_MISSING),
-            (16 * 'a', None, 'CSRF token has incorrect length.'),
-            (64 * '*', None, 'CSRF token has invalid characters.'),
-            (64 * 'a', None, 'CSRF token incorrect.'),
-            (None, 16 * 'a', 'CSRF token has incorrect length.'),
-            (None, 64 * '*', 'CSRF token has invalid characters.'),
-            (None, 64 * 'a', 'CSRF token incorrect.'),
+            (16 * 'a', None, 'CSRF token from POST has incorrect length.'),
+            (64 * '*', None, 'CSRF token from POST has invalid characters.'),
+            (64 * 'a', None, 'CSRF token from POST incorrect.'),
+            (
+                None,
+                16 * 'a',
+                "CSRF token from the 'X-Csrftoken' HTTP header has incorrect length.",
+            ),
+            (
+                None,
+                64 * '*',
+                "CSRF token from the 'X-Csrftoken' HTTP header has invalid characters.",
+            ),
+            (
+                None,
+                64 * 'a',
+                "CSRF token from the 'X-Csrftoken' HTTP header incorrect.",
+            ),
         ]
         for post_token, meta_token, expected in cases:
             with self.subTest(post_token=post_token, meta_token=meta_token):
@@ -168,7 +180,10 @@ class CsrfViewMiddlewareTestMixin:
         If a CSRF cookie is present and an invalid token is passed via a
         custom CSRF_HEADER_NAME, the middleware rejects the incoming request.
         """
-        expected = 'CSRF token has incorrect length.'
+        expected = (
+            "CSRF token from the 'X-Csrftoken-Customized' HTTP header has "
+            "incorrect length."
+        )
         self._check_bad_or_missing_token(
             expected,
             meta_token=16 * 'a',
author	Chris Jerdonek <chris.jerdonek@gmail.com>	2021-06-08 09:33:26 -0700
committer	Mariusz Felisiak <felisiak.mariusz@gmail.com>	2021-06-23 16:07:15 +0200
commit	fcb75651f9b8c2f76ec037f1a68a0e5c99263d8c (patch)
tree	69f1a1eb96de04d84070dbfbfda70166d7b4f398 /tests/csrf_tests
parent	1a284afb07ad8806b29044a8cdd0d0bb20165fa4 (diff)
download	django-fcb75651f9b8c2f76ec037f1a68a0e5c99263d8c.tar.gz