diff options
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/ref/contrib/csrf.txt | 7 | ||||
| -rw-r--r-- | docs/topics/testing.txt | 13 |
2 files changed, 20 insertions, 0 deletions
diff --git a/docs/ref/contrib/csrf.txt b/docs/ref/contrib/csrf.txt index 979c221581..c32dd73986 100644 --- a/docs/ref/contrib/csrf.txt +++ b/docs/ref/contrib/csrf.txt @@ -398,6 +398,13 @@ set a flag on requests which relaxes the middleware and the ``csrf_protect`` decorator so that they no longer rejects requests. In every other respect (e.g. sending cookies etc.), they behave the same. +If, for some reason, you *want* the test client to perform CSRF +checks, you can create an instance of the test client that enforces +CSRF checks:: + + >>> from django.test import Client + >>> csrf_client = Client(enforce_csrf_checks=True) + Limitations =========== diff --git a/docs/topics/testing.txt b/docs/topics/testing.txt index b101d574bb..c5f8f0040d 100644 --- a/docs/topics/testing.txt +++ b/docs/topics/testing.txt @@ -572,6 +572,19 @@ Note a few important things about how the test client works: This black magic (essentially a patching of Django's template system in memory) only happens during test running. + * By default, the test client will disable any CSRF checks + performed by your site. + + If, for some reason, you *want* the test client to perform CSRF + checks, you can create an instance of the test client that + enforces CSRF checks. To do this, pass in the + ``enforce_csrf_checks`` argument when you construct your + client:: + + >>> from django.test import Client + >>> csrf_client = Client(enforce_csrf_checks=True) + + .. _urllib: http://docs.python.org/library/urllib.html .. _urllib2: http://docs.python.org/library/urllib2.html |
