summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
Diffstat (limited to 'docs')
-rw-r--r--docs/ref/contrib/csrf.txt7
-rw-r--r--docs/topics/testing.txt13
2 files changed, 20 insertions, 0 deletions
diff --git a/docs/ref/contrib/csrf.txt b/docs/ref/contrib/csrf.txt
index 979c221581..c32dd73986 100644
--- a/docs/ref/contrib/csrf.txt
+++ b/docs/ref/contrib/csrf.txt
@@ -398,6 +398,13 @@ set a flag on requests which relaxes the middleware and the ``csrf_protect``
decorator so that they no longer rejects requests. In every other respect
(e.g. sending cookies etc.), they behave the same.
+If, for some reason, you *want* the test client to perform CSRF
+checks, you can create an instance of the test client that enforces
+CSRF checks::
+
+ >>> from django.test import Client
+ >>> csrf_client = Client(enforce_csrf_checks=True)
+
Limitations
===========
diff --git a/docs/topics/testing.txt b/docs/topics/testing.txt
index b101d574bb..c5f8f0040d 100644
--- a/docs/topics/testing.txt
+++ b/docs/topics/testing.txt
@@ -572,6 +572,19 @@ Note a few important things about how the test client works:
This black magic (essentially a patching of Django's template system in
memory) only happens during test running.
+ * By default, the test client will disable any CSRF checks
+ performed by your site.
+
+ If, for some reason, you *want* the test client to perform CSRF
+ checks, you can create an instance of the test client that
+ enforces CSRF checks. To do this, pass in the
+ ``enforce_csrf_checks`` argument when you construct your
+ client::
+
+ >>> from django.test import Client
+ >>> csrf_client = Client(enforce_csrf_checks=True)
+
+
.. _urllib: http://docs.python.org/library/urllib.html
.. _urllib2: http://docs.python.org/library/urllib2.html