summaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
Diffstat (limited to 'tests')
-rw-r--r--tests/csrf_tests/tests.py10
1 files changed, 10 insertions, 0 deletions
diff --git a/tests/csrf_tests/tests.py b/tests/csrf_tests/tests.py
index 21caacc1d9..7469da34b2 100644
--- a/tests/csrf_tests/tests.py
+++ b/tests/csrf_tests/tests.py
@@ -189,6 +189,16 @@ class CsrfViewMiddlewareTest(TestCase):
req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {})
self.assertIsNone(req2)
+ @override_settings(CSRF_HEADER_NAME='HTTP_X_CSRFTOKEN_CUSTOMIZED')
+ def test_csrf_token_in_header_with_customized_name(self):
+ """
+ settings.CSRF_HEADER_NAME can be used to customize the CSRF header name
+ """
+ req = self._get_POST_csrf_cookie_request()
+ req.META['HTTP_X_CSRFTOKEN_CUSTOMIZED'] = self._csrf_id
+ req2 = CsrfViewMiddleware().process_view(req, post_form_view, (), {})
+ self.assertIsNone(req2)
+
def test_put_and_delete_rejected(self):
"""
Tests that HTTP PUT and DELETE methods have protection