Fixed #27863 -- Added support for the SameSite cookie flag.

Thanks Alex Gaynor for contributing to the patch.
Alex Gaynor 2018-04-13 20:58:31 -04:00 committed by Tim Graham
parent 13efbb233a
commit 9a56b4b13e
16 changed files with 134 additions and 5 deletions


@ -586,6 +586,14 @@ class CsrfViewMiddlewareTests(CsrfViewMiddlewareTestMixin, SimpleTestCase):
max_age = resp2.cookies.get('csrfcookie').get('max-age')
self.assertEqual(max_age, '')
def test_csrf_cookie_samesite(self):
req = self._get_GET_no_csrf_cookie_request()
with self.settings(CSRF_COOKIE_NAME='csrfcookie', CSRF_COOKIE_SAMESITE='Strict'):
self.mw.process_view(req, token_view, (), {})
resp = token_view(req)
resp2 = self.mw.process_response(req, resp)
self.assertEqual(resp2.cookies['csrfcookie']['samesite'], 'Strict')
def test_process_view_token_too_long(self):
"""
If the token is longer than expected, it is ignored and a new token is
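Review bot: test_csrf_cookie_samesite pins only the 'Strict' value, so nothing in this hunk checks what the middleware sends when CSRF_COOKIE_SAMESITE is left unset or set to 'Lax'. The unset case matters most for a security attribute: a regression that emitted an unintended or empty SameSite value by default would still pass this test. A companion case in the style of the max-age check just above would cover it, for example running the same steps under `self.settings(CSRF_COOKIE_NAME='csrfcookie', CSRF_COOKIE_SAMESITE=None)` and asserting `self.assertEqual(resp2.cookies['csrfcookie']['samesite'], '')`. The expected empty string is inferred from how the max-age assertion reads, so confirm it against the cookie implementation. The following test_process_view_token_too_long continues outside the hunk.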