def test_full_url_matches(): request = Request({ "type": "http", "scheme": "http", "server": ("example.com", 80), "query_string": b"csrf-token=TOKEN", "path": "/account/login", "headers": {}, }) assert request.full_url_matches(r"http://example.com") assert request.full_url_matches(r"http://example.com/account/*") assert request.full_url_matches("http://example.com/account/login") assert request.full_url_matches( "http://example.com/account/login?csrf-token=TOKEN") assert not request.full_url_matches(r"http://another.com/account/login")
def should_check_token(self, request: Request) -> bool: return not any([ request.method.lower() in self.safe_methods, request.url_matches(*self._exclude_urls), request.full_url_matches(*self._exclude_urls), ])