websauna.tests.form.test_csrf module¶

Test CSRF functionality as functional tests.

Note

These tests are leftovers from < Pyramid 1.7 when Pyramid did not have flexible CSRF protection and Websauna provided its own mechanism.

websauna.tests.form.test_csrf.csrf_app(request)[source]¶

py.test fixture to set up a dummy app for CSRF testing.

Parameters: request – pytest’s FixtureRequest (internal class, cannot be hinted on a signature)

websauna.tests.form.test_csrf.test_csrf_by_default(csrf_app, session)[source]¶: CSRF goes throgh if we have a proper token.

websauna.tests.form.test_csrf.test_csrf_by_default_fail(csrf_app, session)[source]¶: CSRF error is raised by default if we try to POST to a view and we don’t have token.

websauna.tests.form.test_csrf.test_csrf_exempt(csrf_app, session)[source]¶: Decorated views don’t have automatic CSRF check.