mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-08-04 10:59:45 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Refs #32800 -- Avoided use of _does_token_match() in some CSRF tests.

Browse source
This commit is contained in:
Chris Jerdonek 2021-08-17 16:43:17 -04:00 committed by Mariusz Felisiak
parent 0820175d81
commit 3f0025c18a
3 changed files with 17 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

9
tests/csrf_tests/tests.py
View file

@ -1396,13 +1396,14 @@ class CsrfViewMiddlewareUseSessionsTests(CsrfViewMiddlewareTestMixin, SimpleTest
@override_settings(ROOT_URLCONF='csrf_tests.csrf_token_error_handler_urls', DEBUG=False)
class CsrfInErrorHandlingViewsTests(SimpleTestCase):
class CsrfInErrorHandlingViewsTests(CsrfFunctionTestMixin, SimpleTestCase):
def test_csrf_token_on_404_stays_constant(self):
response = self.client.get('/does not exist/')
# The error handler returns status code 599.
self.assertEqual(response.status_code, 599)
token1 = response.content
token1 = response.content.decode('ascii')
response = self.client.get('/does not exist/')
self.assertEqual(response.status_code, 599)
token2 = response.content
self.assertTrue(_does_token_match(token1.decode('ascii'), token2.decode('ascii')))
token2 = response.content.decode('ascii')
secret2 = _unmask_cipher_token(token2)
self.assertMaskedSecretCorrect(token1, secret2)