summaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorLuke Plant <L.Plant.98@cantab.net>2010-10-28 11:58:51 +0000
committerLuke Plant <L.Plant.98@cantab.net>2010-10-28 11:58:51 +0000
commit36dd74446047570bd6bc1a8bdb8e2eaf3eb39a44 (patch)
treed3178d4df0007f8dcace03fee8eb665d3ec98861 /tests
parentfcc283a52de2185787d5ae4b0a04164f2a1e8882 (diff)
[1.2.X] Fixed #14565 - No csrf_token on 404 page.
This solution doesn't have the negative side-effects of [14356]. Backport of [14377] from trunk. git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.2.X@14380 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'tests')
-rw-r--r--tests/regressiontests/csrf_tests/tests.py10
-rw-r--r--tests/regressiontests/views/tests/defaults.py17
2 files changed, 23 insertions, 4 deletions
diff --git a/tests/regressiontests/csrf_tests/tests.py b/tests/regressiontests/csrf_tests/tests.py
index 9030d397ab..9f74fc5a0a 100644
--- a/tests/regressiontests/csrf_tests/tests.py
+++ b/tests/regressiontests/csrf_tests/tests.py
@@ -3,7 +3,7 @@
from django.test import TestCase
from django.http import HttpRequest, HttpResponse
from django.middleware.csrf import CsrfMiddleware, CsrfViewMiddleware
-from django.views.decorators.csrf import csrf_exempt, csrf_view_exempt
+from django.views.decorators.csrf import csrf_exempt, csrf_view_exempt, requires_csrf_token
from django.core.context_processors import csrf
from django.contrib.sessions.middleware import SessionMiddleware
from django.utils.importlib import import_module
@@ -322,6 +322,14 @@ class CsrfMiddlewareTest(TestCase):
resp = token_view(req)
self._check_token_present(resp)
+ def test_get_token_for_requires_csrf_token_view(self):
+ """
+ Check that get_token works for a view decorated solely with requires_csrf_token
+ """
+ req = self._get_GET_csrf_cookie_request()
+ resp = requires_csrf_token(token_view)(req)
+ self._check_token_present(resp)
+
def test_token_node_with_new_csrf_cookie(self):
"""
Check that CsrfTokenNode works when a CSRF cookie is created by
diff --git a/tests/regressiontests/views/tests/defaults.py b/tests/regressiontests/views/tests/defaults.py
index bc5b223e56..5783a824cd 100644
--- a/tests/regressiontests/views/tests/defaults.py
+++ b/tests/regressiontests/views/tests/defaults.py
@@ -9,6 +9,8 @@ from regressiontests.views.models import Author, Article, UrlArticle
class DefaultsTests(TestCase):
"""Test django views in django/views/defaults.py"""
fixtures = ['testdata.json']
+ non_existing_urls = ['/views/non_existing_url/', # this is in urls.py
+ '/views/other_non_existing_url/'] # this NOT in urls.py
def test_shortcut_with_absolute_url(self):
"Can view a shortcut for an Author object that has a get_absolute_url method"
@@ -49,12 +51,21 @@ class DefaultsTests(TestCase):
def test_page_not_found(self):
"A 404 status is returned by the page_not_found view"
- non_existing_urls = ['/views/non_existing_url/', # this is in urls.py
- '/views/other_non_existing_url/'] # this NOT in urls.py
- for url in non_existing_urls:
+ for url in self.non_existing_urls:
response = self.client.get(url)
self.assertEquals(response.status_code, 404)
+ def test_csrf_token_in_404(self):
+ """
+ The 404 page should have the csrf_token available in the context
+ """
+ # See ticket #14565
+ for url in self.non_existing_urls:
+ response = self.client.get(url)
+ csrf_token = response.context['csrf_token']
+ self.assertNotEqual(str(csrf_token), 'NOTPROVIDED')
+ self.assertNotEqual(str(csrf_token), '')
+
def test_server_error(self):
"The server_error view raises a 500 status"
response = self.client.get('/views/server_error/')