Commit Graph

17 Commits

Author SHA1 Message Date
Jay Cox eef95ea96f Fixed #24696 -- Made CSRF_COOKIE computation lazy.
Only compute the CSRF_COOKIE when it is actually used. This is a
significant speedup for clients not using cookies.

Changed result of the “test_token_node_no_csrf_cookie” test:  It gets
a valid CSRF token now which seems like the correct behavior.

Changed auth_tests.test_views.LoginTest.test_login_csrf_rotate to
use get_token() to trigger CSRF cookie inclusion instead of changing
request.META["CSRF_COOKIE_USED"] directly.
2015-05-02 19:45:14 -04:00
Grzegorz Slusarek 668d53cd12 Fixed #21495 -- Added settings.CSRF_HEADER_NAME 2015-03-05 15:03:40 -05:00
Tim Graham 0ed7d15563 Sorted imports with isort; refs #23860. 2015-02-06 08:16:28 -05:00
Claude Paroz 011f21b4fa Used None-related assertions in CSRF tests
Thanks Markus Holtermann for spotting this.
2015-01-06 08:48:01 +01:00
Claude Paroz 27dd7e7271 Fixed #23815 -- Prevented UnicodeDecodeError in CSRF middleware
Thanks codeitloadit for the report, living180 for investigations
and Tim Graham for the review.
2015-01-06 08:42:58 +01:00
Aymeric Augustin 92e8f1f302 Moved context_processors from django.core to django.template. 2014-12-28 17:00:07 +01:00
Berker Peksag f7969b0920 Fixed #23620 -- Used more specific assertions in the Django test suite. 2014-11-03 11:56:37 -05:00
Tim Graham 815e7a5721 Fixed #20128 -- Made CsrfViewMiddleware ignore IOError when reading POST data.
Thanks Walter Doekes.
2014-06-25 07:08:16 -04:00
Roger Hu 9b729ddd8f Fixed #22185 -- Added settings.CSRF_COOKIE_AGE
Thanks Paul McMillan for the review.
2014-03-06 08:28:43 -05:00
Aymeric Augustin e32095616c Imported override_settings from its new location. 2013-12-23 21:37:56 +01:00
Aymeric Augustin 6e895f9e06 Removed superfluous models.py files.
Added comments in the three empty models.py files that are still needed.

Adjusted the test runner to add applications corresponding to test
labels to INSTALLED_APPS even when they don't have a models module.
2013-12-17 11:16:48 +01:00
Jason Myers 7a61c68c50 PEP8 cleanup
Signed-off-by: Jason Myers <jason@jasonamyers.com>
2013-11-02 23:50:49 -05:00
Alex Gaynor 9d740eb8b1 Fix all violators of E231 2013-10-26 12:15:03 -07:00
Alex Gaynor 9d11522599 Removed some more unused local vars 2013-09-08 12:20:01 -07:00
Olivier Sels 63a9555d57 Fixed #19436 -- Don't log warnings in ensure_csrf_cookie. 2013-05-18 16:17:46 +02:00
Florian Apolloner 051cb1f4c6 Fixed #20411 -- Don't let invalid referers blow up CSRF same origin checks.
Thanks to edevil for the report and saz for the patch.
2013-05-18 12:32:47 +02:00
Florian Apolloner 89f40e3624 Merged regressiontests and modeltests into the test root. 2013-02-26 14:36:57 +01:00