Example #1
0
 def _check_token_present(self, response, csrf_id=None):
     text = text_type(response.content, response.charset)
     match = re.search("name='csrfmiddlewaretoken' value='(.*?)'", text)
     csrf_token = csrf_id or self._csrf_id
     self.assertTrue(
         match and equivalent_tokens(csrf_token, match.group(1)),
         "Could not find csrfmiddlewaretoken to match %s" % csrf_token)
Example #2
0
 def _check_token_present(self, response, csrf_id=None):
     text = str(response.content, response.charset)
     match = re.search('name="csrfmiddlewaretoken" value="(.*?)"', text)
     csrf_token = csrf_id or self._csrf_id
     self.assertTrue(
         match and equivalent_tokens(csrf_token, match[1]),
         "Could not find csrfmiddlewaretoken to match %s" % csrf_token)
Example #3
0
 def _check_token_present(self, response, csrf_id=None):
     text = text_type(response.content, response.charset)
     match = re.search("name='csrfmiddlewaretoken' value='(.*?)'", text)
     csrf_token = csrf_id or self._csrf_id
     self.assertTrue(
         match and equivalent_tokens(csrf_token, match.group(1)),
         "Could not find csrfmiddlewaretoken to match %s" % csrf_token
     )
Example #4
0
 def test_csrf_token_on_404_stays_constant(self):
     response = self.client.get('/does not exist/')
     # The error handler returns status code 599.
     self.assertEqual(response.status_code, 599)
     token1 = response.content
     response = self.client.get('/does not exist/')
     self.assertEqual(response.status_code, 599)
     token2 = response.content
     self.assertTrue(equivalent_tokens(token1.decode('ascii'), token2.decode('ascii')))
Example #5
0
 def test_csrf_token_on_404_stays_constant(self):
     response = self.client.get('/does not exist/')
     # The error handler returns status code 599.
     self.assertEqual(response.status_code, 599)
     token1 = response.content
     response = self.client.get('/does not exist/')
     self.assertEqual(response.status_code, 599)
     token2 = response.content
     self.assertTrue(equivalent_tokens(token1.decode('ascii'), token2.decode('ascii')))
Example #6
0
    def test_csrf_token(self):
        request = HttpRequest()
        CsrfViewMiddleware().process_view(request, lambda r: None, (), {})

        template = self.engine.get_template('template_backends/csrf.html')
        content = template.render(request=request)

        expected = '<input type="hidden" name="csrfmiddlewaretoken" value="([^"]+)" />'
        match = re.match(expected, content) or re.match(expected.replace('"', "'"), content)
        self.assertTrue(match, "hidden csrftoken field not found in output")
        self.assertTrue(equivalent_tokens(match.group(1), get_token(request)))
Example #7
0
    def test_csrf_token(self):
        request = HttpRequest()
        CsrfViewMiddleware().process_view(request, lambda r: None, (), {})

        template = self.engine.get_template('template_backends/csrf.html')
        content = template.render(request=request)

        expected = '<input type="hidden" name="csrfmiddlewaretoken" value="([^"]+)">'
        match = re.match(expected, content) or re.match(expected.replace('"', "'"), content)
        self.assertTrue(match, "hidden csrftoken field not found in output")
        self.assertTrue(equivalent_tokens(match.group(1), get_token(request)))
Example #8
0
 def test_force_token_to_string(self):
     request = HttpRequest()
     test_token = '1bcdefghij2bcdefghij3bcdefghij4bcdefghij5bcdefghij6bcdefghijABCD'
     request.META['CSRF_COOKIE'] = test_token
     token = csrf(request).get('csrf_token')
     self.assertTrue(equivalent_tokens(str(token), test_token))
Example #9
0
 def test_force_token_to_string(self):
     request = HttpRequest()
     test_token = '1bcdefghij2bcdefghij3bcdefghij4bcdefghij5bcdefghij6bcdefghijABCD'
     request.META['CSRF_COOKIE'] = test_token
     token = csrf(request).get('csrf_token')
     self.assertTrue(equivalent_tokens(str(token), test_token))