Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Anonymous CSRF cookie fix, test fixes, and ANON_ALWAYS cleanup #11

Open
wants to merge 7 commits into
base: master
Choose a base branch
from
Open

Anonymous CSRF cookie fix, test fixes, and ANON_ALWAYS cleanup #11

wants to merge 7 commits into from

Commits on Jun 5, 2012

  1. Fix test broken by Django 1.4.

    Jody McIntyre committed Jun 5, 2012
    Configuration menu
    Copy the full SHA
    84db1ae View commit details
    Browse the repository at this point in the history

  2. Fix test failures when CSRF_FAILURE_VIEW is set to something that red… 

    …irects.
    Jody McIntyre committed Jun 5, 2012
    Configuration menu
    Copy the full SHA
    65c4e30 View commit details
    Browse the repository at this point in the history

Commits on Jun 6, 2012

  1. Re-add urls attribute to TestCsrfToken tests. This is needed to 

    ensure that / is a simple view that doesn't have side effects that
break the tests.  session-csrf's tests should be independent of the
Django project it's included in.
    Jody McIntyre committed Jun 6, 2012
    Configuration menu
    Copy the full SHA
    c23330a View commit details
    Browse the repository at this point in the history

Commits on Jun 8, 2012

  1. Use session cookie for anonymous CSRF cookie. 

    This fixes an issue with IE 7 and 8 not accepting the cookie if the client's
date is set wrong. Session cookies (cookies that have no set expiry date and
therefore expire at the end of the browser session) are already used by Django
for storing the SESSION_COOKIE (sessionid by default).
    Jody McIntyre committed Jun 8, 2012
    Configuration menu
    Copy the full SHA
    8b636bc View commit details
    Browse the repository at this point in the history

  2. Merge @anonymous_csrf and ANON_ALWAYS functionality 

    This requires moving the common code into process_view so we can tell
if the view has been decorated.
    Jody McIntyre committed Jun 8, 2012
    Configuration menu
    Copy the full SHA
    0745828 View commit details
    Browse the repository at this point in the history

Commits on Jun 29, 2012

  1. Unset ANON_ALWAYS during TestCsrfMiddleware tests. 

    This caused test_anon_token_from_cookie to pass when it shouldn't
    @scjody
    scjody authored and Jody McIntyre committed Jun 29, 2012
    Configuration menu
    Copy the full SHA
    a02ba04 View commit details
    Browse the repository at this point in the history

  2. Fix test_anon_token_from_cookie. 

    The view needs to be decorated with anonymous_csrf before calling
process_view.
    @scjody
    scjody committed Jun 29, 2012
    Configuration menu
    Copy the full SHA
    452522a View commit details
    Browse the repository at this point in the history