def test_round_trip_loop(self):
'''
Checks a wide range of input tokens and keys
'''
for _ in range(1000):
request = RequestFactory().get('/')
csrf_token = get_random_string(32)
request.META['CSRF_COOKIE'] = csrf_token
token = force_text(csrf(request)['csrf_token'])
request = RequestFactory().post('/',
{'csrfmiddlewaretoken': token})
middleware = CSRFCryptMiddleware()
middleware.process_view(request, test_view, (), {})
self.assertEqual(
force_text(request.POST.get('csrfmiddlewaretoken')),
force_text(csrf_token))
def test_round_trip_loop(self):
'''
Checks a wide range of input tokens and keys
'''
for _ in range(1000):
request = RequestFactory().get('/')
csrf_token = get_random_string(32)
request.META['CSRF_COOKIE'] = csrf_token
token = force_text(csrf(request)['csrf_token'])
request = RequestFactory().post(
'/', {'csrfmiddlewaretoken': token})
middleware = CSRFCryptMiddleware()
middleware.process_view(request, test_view, (), {})
self.assertEqual(
force_text(request.POST.get('csrfmiddlewaretoken')),
force_text(csrf_token)
)
def test_round_trip_loop_header(self):
'''
Checks a wide range of input tokens and keys
'''
for _ in range(1000):
request = RequestFactory().get('/')
csrf_token = get_random_string(32)
request.META['CSRF_COOKIE'] = csrf_token
token = csrf(request)['csrf_token']
request = RequestFactory().post(
'/',
HTTP_X_CSRFTOKEN=force_text(token),
HTTP_X_REQUESTED_WITH='XMLHttpRequest')
middleware = CSRFCryptMiddleware()
middleware.process_view(request, test_view, (), {})
self.assertEqual(force_text(request.META.get('HTTP_X_CSRFTOKEN')),
force_text(csrf_token))
def test_round_trip_loop_header(self):
'''
Checks a wide range of input tokens and keys
'''
for _ in range(1000):
request = RequestFactory().get('/')
csrf_token = get_random_string(32)
request.META['CSRF_COOKIE'] = csrf_token
token = csrf(request)['csrf_token']
request = RequestFactory().post(
'/',
HTTP_X_CSRFTOKEN=force_text(token),
HTTP_X_REQUESTED_WITH='XMLHttpRequest'
)
middleware = CSRFCryptMiddleware()
middleware.process_view(request, test_view, (), {})
self.assertEqual(
force_text(request.META.get('HTTP_X_CSRFTOKEN')),
force_text(csrf_token)
)
def test_no_token_csrf(self):
request = RequestFactory().get('/')
context = csrf(request)
self.assertTrue(force_text(context['csrf_token']))
self.assertEqual(force_text(context['csrf_token']), 'NOTPROVIDED')
def test_csrf(self):
request = RequestFactory().get('/')
request.META['CSRF_COOKIE'] = 'abc123'
context = csrf(request)
self.assertTrue(force_text(context['csrf_token']))
self.assertNotEqual(force_text(context['csrf_token']), 'abc123')
def test_no_token_csrf(self):
request = RequestFactory().get('/')
context = csrf(request)
self.assertTrue(force_text(context['csrf_token']))
self.assertEqual(force_text(context['csrf_token']), 'NOTPROVIDED')
def test_csrf(self):
request = RequestFactory().get('/')
request.META['CSRF_COOKIE'] = 'abc123'
context = csrf(request)
self.assertTrue(force_text(context['csrf_token']))
self.assertNotEqual(force_text(context['csrf_token']), 'abc123')