diff options
| author | Luke Plant <L.Plant.98@cantab.net> | 2010-10-28 11:58:51 +0000 |
|---|---|---|
| committer | Luke Plant <L.Plant.98@cantab.net> | 2010-10-28 11:58:51 +0000 |
| commit | 36dd74446047570bd6bc1a8bdb8e2eaf3eb39a44 (patch) | |
| tree | d3178d4df0007f8dcace03fee8eb665d3ec98861 /tests | |
| parent | fcc283a52de2185787d5ae4b0a04164f2a1e8882 (diff) | |
[1.2.X] Fixed #14565 - No csrf_token on 404 page.
This solution doesn't have the negative side-effects of [14356].
Backport of [14377] from trunk.
git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.2.X@14380 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/regressiontests/csrf_tests/tests.py | 10 | ||||
| -rw-r--r-- | tests/regressiontests/views/tests/defaults.py | 17 |
2 files changed, 23 insertions, 4 deletions
diff --git a/tests/regressiontests/csrf_tests/tests.py b/tests/regressiontests/csrf_tests/tests.py index 9030d397ab..9f74fc5a0a 100644 --- a/tests/regressiontests/csrf_tests/tests.py +++ b/tests/regressiontests/csrf_tests/tests.py @@ -3,7 +3,7 @@ from django.test import TestCase from django.http import HttpRequest, HttpResponse from django.middleware.csrf import CsrfMiddleware, CsrfViewMiddleware -from django.views.decorators.csrf import csrf_exempt, csrf_view_exempt +from django.views.decorators.csrf import csrf_exempt, csrf_view_exempt, requires_csrf_token from django.core.context_processors import csrf from django.contrib.sessions.middleware import SessionMiddleware from django.utils.importlib import import_module @@ -322,6 +322,14 @@ class CsrfMiddlewareTest(TestCase): resp = token_view(req) self._check_token_present(resp) + def test_get_token_for_requires_csrf_token_view(self): + """ + Check that get_token works for a view decorated solely with requires_csrf_token + """ + req = self._get_GET_csrf_cookie_request() + resp = requires_csrf_token(token_view)(req) + self._check_token_present(resp) + def test_token_node_with_new_csrf_cookie(self): """ Check that CsrfTokenNode works when a CSRF cookie is created by diff --git a/tests/regressiontests/views/tests/defaults.py b/tests/regressiontests/views/tests/defaults.py index bc5b223e56..5783a824cd 100644 --- a/tests/regressiontests/views/tests/defaults.py +++ b/tests/regressiontests/views/tests/defaults.py @@ -9,6 +9,8 @@ from regressiontests.views.models import Author, Article, UrlArticle class DefaultsTests(TestCase): """Test django views in django/views/defaults.py""" fixtures = ['testdata.json'] + non_existing_urls = ['/views/non_existing_url/', # this is in urls.py + '/views/other_non_existing_url/'] # this NOT in urls.py def test_shortcut_with_absolute_url(self): "Can view a shortcut for an Author object that has a get_absolute_url method" @@ -49,12 +51,21 @@ class DefaultsTests(TestCase): def test_page_not_found(self): "A 404 status is returned by the page_not_found view" - non_existing_urls = ['/views/non_existing_url/', # this is in urls.py - '/views/other_non_existing_url/'] # this NOT in urls.py - for url in non_existing_urls: + for url in self.non_existing_urls: response = self.client.get(url) self.assertEquals(response.status_code, 404) + def test_csrf_token_in_404(self): + """ + The 404 page should have the csrf_token available in the context + """ + # See ticket #14565 + for url in self.non_existing_urls: + response = self.client.get(url) + csrf_token = response.context['csrf_token'] + self.assertNotEqual(str(csrf_token), 'NOTPROVIDED') + self.assertNotEqual(str(csrf_token), '') + def test_server_error(self): "The server_error view raises a 500 status" response = self.client.get('/views/server_error/') |
