def test_set_two_cookies(self):
response = Response()
response.set_cookie('token1', 'abc')
response.set_cookie('token2', 'xyz')
expected_cookie1 = 'token1=abc; HttpOnly; SameSite=Strict'
expected_cookie2 = 'token2=xyz; HttpOnly; SameSite=Strict'
self.assertIn(('Set-Cookie', expected_cookie1),
response._wsgi_headers())
self.assertIn(('Set-Cookie', expected_cookie2),
response._wsgi_headers())
def test_set_cookie_with_expires_date(self):
response = Response()
response.set_cookie('token',
'abc',
expires=datetime(2017, 4, 9, 10, 35, 54))
expected_cookie = 'token=abc; Expires=Sun, 09 Apr 2017 10:35:54 GMT; HttpOnly; SameSite=Strict'
self.assertIn(('Set-Cookie', expected_cookie),
response._wsgi_headers())
def test_set_cookie_with_all_attributes(self):
response = Response()
response.set_cookie('token',
'abc',
expires=datetime(2017, 4, 9, 10, 35, 54),
domain='my.domain.com',
path='/foo',
secure=True)
expected_cookie = 'token=abc; Expires=Sun, 09 Apr 2017 10:35:54 GMT; Domain=my.domain.com; Path=/foo; Secure; HttpOnly; SameSite=Strict'
self.assertIn(('Set-Cookie', expected_cookie),
response._wsgi_headers())
def test_unset_cookie_with_domain_and_path(self):
response = Response()
response.unset_cookie('token', domain='my.domain.com', path='/foo')
expected_cookie = 'token=; Expires=Thu, 01 Jan 1970 00:00:00 GMT; Domain=my.domain.com; Path=/foo'
self.assertIn(('Set-Cookie', expected_cookie),
response._wsgi_headers())
def test_unset_cookie(self):
response = Response()
response.unset_cookie('token')
expected_cookie = 'token=; Expires=Thu, 01 Jan 1970 00:00:00 GMT'
self.assertIn(('Set-Cookie', expected_cookie),
response._wsgi_headers())
def test_special_characters_in_cookie_value_get_escaped(self):
response = Response()
response.set_cookie('token', 'abc/;,~áç[\'!""]')
expected_cookie = 'token="abc/\\073\\054~\\341\\347[\'!\\"\\"]"; HttpOnly; SameSite=Strict'
self.assertIn(('Set-Cookie', expected_cookie),
response._wsgi_headers())
def test_set_insecure_cookie(self):
response = Response()
response.set_cookie('token', 'abc', http_only=False, same_site=False)
expected_cookie = 'token=abc'
self.assertIn(('Set-Cookie', expected_cookie),
response._wsgi_headers())
def test_set_secure_cookie(self):
response = Response()
response.set_cookie('token', 'abc', secure=True)
expected_cookie = 'token=abc; Secure; HttpOnly; SameSite=Strict'
self.assertIn(('Set-Cookie', expected_cookie),
response._wsgi_headers())
def test_set_cookie_with_path(self):
response = Response()
response.set_cookie('token', 'abc', path='/foo')
expected_cookie = 'token=abc; Path=/foo; HttpOnly; SameSite=Strict'
self.assertIn(('Set-Cookie', expected_cookie),
response._wsgi_headers())
def test_set_cookie_with_domain(self):
response = Response()
response.set_cookie('token', 'abc', domain='my.domain.com')
expected_cookie = 'token=abc; Domain=my.domain.com; HttpOnly; SameSite=Strict'
self.assertIn(('Set-Cookie', expected_cookie),
response._wsgi_headers())
def test_set_cookie_with_default_configs(self):
response = Response()
response.set_cookie('token', 'abc')
expected_cookie = 'token=abc; HttpOnly; SameSite=Strict'
self.assertIn(('Set-Cookie', expected_cookie),
response._wsgi_headers())
