def test_full_url_matches():
request = Request({
"type": "http",
"scheme": "http",
"server": ("example.com", 80),
"query_string": b"csrf-token=TOKEN",
"path": "/account/login",
"headers": {},
})
assert request.full_url_matches(r"http://example.com")
assert request.full_url_matches(r"http://example.com/account/*")
assert request.full_url_matches("http://example.com/account/login")
assert request.full_url_matches(
"http://example.com/account/login?csrf-token=TOKEN")
assert not request.full_url_matches(r"http://another.com/account/login")
def should_check_token(self, request: Request) -> bool:
return not any([
request.method.lower() in self.safe_methods,
request.url_matches(*self._exclude_urls),
request.full_url_matches(*self._exclude_urls),
])