1 files changed, 24 insertions, 0 deletions

diff --git a/tests/modeltests/test_client/models.py b/tests/modeltests/test_client/models.py
index c51323d843..30520082da 100644
--- a/tests/modeltests/test_client/models.py
+++ b/tests/modeltests/test_client/models.py
@@ -21,6 +21,7 @@ rather than the HTML rendered to the end-user.
 
 """
 from django.test import Client, TestCase
+from django.conf import settings
 from django.core import mail
 
 class ClientTest(TestCase):
@@ -433,3 +434,26 @@ class ClientTest(TestCase):
         self.assertEqual(mail.outbox[1].from_email, 'from@example.com')
         self.assertEqual(mail.outbox[1].to[0], 'second@example.com')
         self.assertEqual(mail.outbox[1].to[1], 'third@example.com')
+
+class CSRFEnabledClientTests(TestCase):
+    def setUp(self):
+        # Enable the CSRF middleware for this test
+        self.old_MIDDLEWARE_CLASSES = settings.MIDDLEWARE_CLASSES
+        csrf_middleware_class = 'django.middleware.csrf.CsrfViewMiddleware'
+        if csrf_middleware_class not in settings.MIDDLEWARE_CLASSES:
+            settings.MIDDLEWARE_CLASSES += (csrf_middleware_class,)
+
+    def tearDown(self):
+        settings.MIDDLEWARE_CLASSES = self.old_MIDDLEWARE_CLASSES
+
+    def test_csrf_enabled_client(self):
+        "A client can be instantiated with CSRF checks enabled"
+        csrf_client = Client(enforce_csrf_checks=True)
+
+        # The normal client allows the post
+        response = self.client.post('/test_client/post_view/', {})
+        self.assertEqual(response.status_code, 200)
+
+        # The CSRF-enabled client rejects it
+        response = csrf_client.post('/test_client/post_view/', {})
+        self.assertEqual(response.status_code, 403)