 Chris Jerdonek
|
5d80843ebc
Fixed #32800 -- Changed CsrfViewMiddleware not to mask the CSRF secret.
|
пре 3 година |
|
Chris Jerdonek
|
3f0025c18a
Refs #32800 -- Avoided use of _does_token_match() in some CSRF tests.
|
пре 3 година |
|
Chris Jerdonek
|
0820175d81
Refs #32800 -- Added CSRF tests for masked and unmasked secrets during GET.
|
пре 3 година |
|
Chris Jerdonek
|
be1fd6645d
Refs #32800 -- Added test_masked_secret_accepted_and_not_replaced().
|
пре 3 година |
|
Chris Jerdonek
|
7aba820aca
Refs #32800 -- Improved CsrfViewMiddlewareTestMixin._check_token_present().
|
пре 3 година |
|
Chris Jerdonek
|
26d8e3f302
Refs #32800 -- Used the cookie argument to CsrfViewMiddlewareTestMixin._get_request() in more tests.
|
пре 3 година |
|
Chris Jerdonek
|
795051b2b0
Refs #32800 -- Added tests of more CSRF functions.
|
пре 3 година |
|
Chris Jerdonek
|
7132341255
Refs #32800 -- Renamed _compare_masked_tokens() to _does_token_match().
|
пре 3 година |
|
Virtosu Bogdan
|
00ea883ef5
Fixed #32329 -- Made CsrfViewMiddleware catch more specific UnreadablePostError.
|
пре 3 година |
|
Virtosu Bogdan
|
852fa7617e
Refs #32329 -- Allowed specifying request class in csrf_tests test hooks.
|
пре 3 година |
|
Chris Jerdonek
|
a2e1f1e295
Fixed #32902 -- Fixed CsrfViewMiddleware.process_response()'s cookie reset logic.
|
пре 3 година |
|
Chris Jerdonek
|
311401d9a2
Refs #32902 -- Added CSRF test when rotate_token() is called between resetting the token and processing response.
|
пре 3 година |
|
Chris Jerdonek
|
43d1ea6e2f
Refs #32885 -- Used _read_csrf_cookie()/_set_csrf_cookie() in more CSRF tests.
|
пре 3 година |
|
Chris Jerdonek
|
abc8795632
Fixed #32885 -- Removed cookie-based token specific logic from CsrfViewMiddlewareTestMixin.
|
пре 3 година |
|
Chris Jerdonek
|
594d6e9407
Refs #32843 -- Added CsrfViewMiddlewareTestMixin._get_csrf_cookie_request() hook.
|
пре 3 година |
|
Chris Jerdonek
|
c8439d1dba
Refs #32843 -- Added method/cookie arguments to CsrfViewMiddlewareTestMixin._get_request().
|
пре 3 година |
|
Chris Jerdonek
|
6bccb64347
Refs #32843 -- Moved _get_GET_csrf_cookie_request() to CsrfViewMiddlewareTestMixin.
|
пре 3 година |
|
Chris Jerdonek
|
4397d2bd6b
Fixed #32843 -- Ensured the CSRF tests' _get_GET_csrf_cookie_request() sets the request method.
|
пре 3 година |
|
Chris Jerdonek
|
5e60c3943b
Refs #32800 -- Added CsrfViewMiddleware tests for all combinations of masked/unmasked cookies and tokens.
|
пре 3 година |
|
Chris Jerdonek
|
defa8d3d87
Refs #32800 -- Made CsrfViewMiddlewareTestMixin._csrf_id_cookie and _csrf_id_token different.
|
пре 3 година |
|
Chris Jerdonek
|
2523c32d50
Refs #32800 -- Eliminated the need for separate _get_POST_bare_secret() methods.
|
пре 3 година |
|
Chris Jerdonek
|
c8108591b9
Refs #32800 -- Added to csrf_tests/tests.py the unmasked version of the secret.
|
пре 3 година |
|
Chris Jerdonek
|
fcb75651f9
Fixed #32817 -- Added the token source to CsrfViewMiddleware's bad token error messages.
|
пре 3 година |
|
Chris Jerdonek
|
1a284afb07
Refs #32817 -- Added tests for bad CSRF token provided via X-CSRFToken or custom header.
|
пре 3 година |
|
Chris Jerdonek
|
6837bd68a4
Refs #32817 -- Added post_token/meta_token/token_header arguments to _get_POST_csrf_cookie_request().
|
пре 3 година |
|
Chris Jerdonek
|
999402f142
Refs #32817 -- Combined the bad-or-missing CSRF token tests.
|
пре 3 година |
|
Chris Jerdonek
|
cd19db10df
Fixed #32796 -- Changed CsrfViewMiddleware to fail earlier on badly formatted cookie tokens.
|
пре 3 година |
|
Chris Jerdonek
|
623cec0879
Refs #32796 -- Added CsrfViewMiddleware tests for incorrectly formatted cookie tokens.
|
пре 3 година |
|
Chris Jerdonek
|
55775891fb
Fixed #32795 -- Changed CsrfViewMiddleware to fail earlier on badly formatted tokens.
|
пре 3 година |
|
Chris Jerdonek
|
ffdee8d264
Refs #32795 -- Added CsrfViewMiddleware tests for rejecting invalid or missing tokens.
|
пре 3 година |
