diff options
| author | Grzegorz Slusarek <gslusarek@gmail.com> | 2015-02-21 22:57:02 +0100 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2015-03-05 15:03:40 -0500 |
| commit | 668d53cd125175eb708cc0af143f47b42cd42153 (patch) | |
| tree | 6b1ef6d43985ba7670756f92ea2c2770b56baf53 /tests | |
| parent | 8e744fa1507b6d425860c54e7673e603279367eb (diff) | |
Fixed #21495 -- Added settings.CSRF_HEADER_NAME
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/csrf_tests/tests.py | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/tests/csrf_tests/tests.py b/tests/csrf_tests/tests.py index 21caacc1d9..7469da34b2 100644 --- a/tests/csrf_tests/tests.py +++ b/tests/csrf_tests/tests.py @@ -189,6 +189,16 @@ class CsrfViewMiddlewareTest(TestCase): req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {}) self.assertIsNone(req2) + @override_settings(CSRF_HEADER_NAME='HTTP_X_CSRFTOKEN_CUSTOMIZED') + def test_csrf_token_in_header_with_customized_name(self): + """ + settings.CSRF_HEADER_NAME can be used to customize the CSRF header name + """ + req = self._get_POST_csrf_cookie_request() + req.META['HTTP_X_CSRFTOKEN_CUSTOMIZED'] = self._csrf_id + req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {}) + self.assertIsNone(req2) + def test_put_and_delete_rejected(self): """ Tests that HTTP PUT and DELETE methods have protection |
