diff options
Diffstat (limited to 'tests')
| -rw-r--r-- | tests/csrf_tests/tests.py | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/tests/csrf_tests/tests.py b/tests/csrf_tests/tests.py index 21caacc1d9..7469da34b2 100644 --- a/tests/csrf_tests/tests.py +++ b/tests/csrf_tests/tests.py @@ -189,6 +189,16 @@ class CsrfViewMiddlewareTest(TestCase): req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {}) self.assertIsNone(req2) + @override_settings(CSRF_HEADER_NAME='HTTP_X_CSRFTOKEN_CUSTOMIZED') + def test_csrf_token_in_header_with_customized_name(self): + """ + settings.CSRF_HEADER_NAME can be used to customize the CSRF header name + """ + req = self._get_POST_csrf_cookie_request() + req.META['HTTP_X_CSRFTOKEN_CUSTOMIZED'] = self._csrf_id + req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {}) + self.assertIsNone(req2) + def test_put_and_delete_rejected(self): """ Tests that HTTP PUT and DELETE methods have protection |
