summaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorJay Cox <jaycox@linear3d.com>2015-04-23 23:24:38 -0700
committerTim Graham <timograham@gmail.com>2015-05-02 19:45:14 -0400
commiteef95ea96faef0b7dbbe0c8092202b74f68a899b (patch)
treefb8888a4aa7328b148f0e2b3c87590639d34c81c /tests
parent0894643e40327e48397573b7844585618200442b (diff)
Fixed #24696 -- Made CSRF_COOKIE computation lazy.
Only compute the CSRF_COOKIE when it is actually used. This is a significant speedup for clients not using cookies. Changed result of the “test_token_node_no_csrf_cookie” test: It gets a valid CSRF token now which seems like the correct behavior. Changed auth_tests.test_views.LoginTest.test_login_csrf_rotate to use get_token() to trigger CSRF cookie inclusion instead of changing request.META["CSRF_COOKIE_USED"] directly.
Diffstat (limited to 'tests')
-rw-r--r--tests/auth_tests/test_views.py5
-rw-r--r--tests/csrf_tests/tests.py13
2 files changed, 13 insertions, 5 deletions
diff --git a/tests/auth_tests/test_views.py b/tests/auth_tests/test_views.py
index 5ebe9f2938..033d083e18 100644
--- a/tests/auth_tests/test_views.py
+++ b/tests/auth_tests/test_views.py
@@ -23,7 +23,7 @@ from django.core import mail
from django.core.urlresolvers import NoReverseMatch, reverse, reverse_lazy
from django.db import connection
from django.http import HttpRequest, QueryDict
-from django.middleware.csrf import CsrfViewMiddleware
+from django.middleware.csrf import CsrfViewMiddleware, get_token
from django.test import (
TestCase, ignore_warnings, modify_settings, override_settings,
)
@@ -606,7 +606,8 @@ class LoginTest(AuthViewsTestCase):
# TestClient isn't used here as we're testing middleware, essentially.
req = HttpRequest()
CsrfViewMiddleware().process_view(req, login_view, (), {})
- req.META["CSRF_COOKIE_USED"] = True
+ # get_token() triggers CSRF token inclusion in the response
+ get_token(req)
resp = login_view(req)
resp2 = CsrfViewMiddleware().process_response(req, resp)
csrf_cookie = resp2.cookies.get(settings.CSRF_COOKIE_NAME, None)
diff --git a/tests/csrf_tests/tests.py b/tests/csrf_tests/tests.py
index 7469da34b2..29ce2c170c 100644
--- a/tests/csrf_tests/tests.py
+++ b/tests/csrf_tests/tests.py
@@ -5,7 +5,9 @@ import logging
from django.conf import settings
from django.http import HttpRequest, HttpResponse
-from django.middleware.csrf import CSRF_KEY_LENGTH, CsrfViewMiddleware
+from django.middleware.csrf import (
+ CSRF_KEY_LENGTH, CsrfViewMiddleware, get_token,
+)
from django.template import RequestContext, Template
from django.template.context_processors import csrf
from django.test import TestCase, override_settings
@@ -237,7 +239,10 @@ class CsrfViewMiddlewareTest(TestCase):
"""
req = self._get_GET_no_csrf_cookie_request()
resp = token_view(req)
- self.assertEqual(resp.content, b'')
+
+ token = get_token(req)
+ self.assertIsNotNone(token)
+ self._check_token_present(resp, token)
def test_token_node_empty_csrf_cookie(self):
"""
@@ -248,7 +253,9 @@ class CsrfViewMiddlewareTest(TestCase):
CsrfViewMiddleware().process_view(req, token_view, (), {})
resp = token_view(req)
- self.assertNotEqual("", resp.content)
+ token = get_token(req)
+ self.assertIsNotNone(token)
+ self._check_token_present(resp, token)
def test_token_node_with_csrf_cookie(self):
"""