Fixed #27863 -- Added support for the SameSite cookie flag.

Thanks Alex Gaynor for contributing to the patch.
author: Alex Gaynor <alex.gaynor@gmail.com> 2018-04-13 20:58:31 -0400
committer: Tim Graham <timograham@gmail.com> 2018-04-13 20:58:31 -0400
commit: 9a56b4b13ed92d2d5bb00d6bdb905a73bc5f2f0a (patch)
tree: ddb311604d1ec31ec09c8ae12e34dadc821f7536 /tests/messages_tests
parent: 13efbb233a9aa2e3f13be863c6616ec0767a0d58 (diff)
download: django-9a56b4b13ed92d2d5bb00d6bdb905a73bc5f2f0a.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/tests/messages_tests/test_cookie.py b/tests/messages_tests/test_cookie.py
index a5eff30fd4..211d33f04c 100644
--- a/tests/messages_tests/test_cookie.py
+++ b/tests/messages_tests/test_cookie.py
@@ -57,6 +57,7 @@ class CookieTests(BaseTests, SimpleTestCase):
         # The message contains what's expected.
         self.assertEqual(list(storage), example_messages)
 
+    @override_settings(SESSION_COOKIE_SAMESITE='Strict')
     def test_cookie_setings(self):
         """
         CookieStorage honors SESSION_COOKIE_DOMAIN, SESSION_COOKIE_SECURE, and
@@ -72,6 +73,7 @@ class CookieTests(BaseTests, SimpleTestCase):
         self.assertEqual(response.cookies['messages']['expires'], '')
         self.assertIs(response.cookies['messages']['secure'], True)
         self.assertIs(response.cookies['messages']['httponly'], True)
+        self.assertEqual(response.cookies['messages']['samesite'], 'Strict')
 
         # Test deletion of the cookie (storing with an empty value) after the messages have been consumed
         storage = self.get_storage()
author	Alex Gaynor <alex.gaynor@gmail.com>	2018-04-13 20:58:31 -0400
committer	Tim Graham <timograham@gmail.com>	2018-04-13 20:58:31 -0400
commit	9a56b4b13ed92d2d5bb00d6bdb905a73bc5f2f0a (patch)
tree	ddb311604d1ec31ec09c8ae12e34dadc821f7536 /tests/messages_tests
parent	13efbb233a9aa2e3f13be863c6616ec0767a0d58 (diff)
download	django-9a56b4b13ed92d2d5bb00d6bdb905a73bc5f2f0a.tar.gz