Fixed #27863 -- Added support for the SameSite cookie flag.

Thanks Alex Gaynor for contributing to the patch.
author: Alex Gaynor <alex.gaynor@gmail.com> 2018-04-13 20:58:31 -0400
committer: Tim Graham <timograham@gmail.com> 2018-04-13 20:58:31 -0400
commit: 9a56b4b13ed92d2d5bb00d6bdb905a73bc5f2f0a (patch)
tree: ddb311604d1ec31ec09c8ae12e34dadc821f7536 /tests/sessions_tests
parent: 13efbb233a9aa2e3f13be863c6616ec0767a0d58 (diff)
download: django-9a56b4b13ed92d2d5bb00d6bdb905a73bc5f2f0a.tar.gz
1 files changed, 10 insertions, 0 deletions
diff --git a/tests/sessions_tests/tests.py b/tests/sessions_tests/tests.py
index 8f3f948f9e..09c21da089 100644
--- a/tests/sessions_tests/tests.py
+++ b/tests/sessions_tests/tests.py
@@ -660,6 +660,16 @@ class SessionMiddlewareTests(TestCase):
             str(response.cookies[settings.SESSION_COOKIE_NAME])
         )
 
+    @override_settings(SESSION_COOKIE_SAMESITE='Strict')
+    def test_samesite_session_cookie(self):
+        request = RequestFactory().get('/')
+        response = HttpResponse()
+        middleware = SessionMiddleware()
+        middleware.process_request(request)
+        request.session['hello'] = 'world'
+        response = middleware.process_response(request, response)
+        self.assertEqual(response.cookies[settings.SESSION_COOKIE_NAME]['samesite'], 'Strict')
+
     @override_settings(SESSION_COOKIE_HTTPONLY=False)
     def test_no_httponly_session_cookie(self):
         request = RequestFactory().get('/')
author	Alex Gaynor <alex.gaynor@gmail.com>	2018-04-13 20:58:31 -0400
committer	Tim Graham <timograham@gmail.com>	2018-04-13 20:58:31 -0400
commit	9a56b4b13ed92d2d5bb00d6bdb905a73bc5f2f0a (patch)
tree	ddb311604d1ec31ec09c8ae12e34dadc821f7536 /tests/sessions_tests
parent	13efbb233a9aa2e3f13be863c6616ec0767a0d58 (diff)
download	django-9a56b4b13ed92d2d5bb00d6bdb905a73bc5f2f0a.tar.gz