websauna.tests.form.test_csrf module

Test CSRF functionality as functional tests.


These tests are leftovers from < Pyramid 1.7 when Pyramid did not have flexible CSRF protection and Websauna provided its own mechanism.


py.test fixture to set up a dummy app for CSRF testing.


request – pytest’s FixtureRequest (internal class, cannot be hinted on a signature)

websauna.tests.form.test_csrf.session(request, csrf_app)[source]
websauna.tests.form.test_csrf.test_csrf_by_default(csrf_app, session)[source]

CSRF goes throgh if we have a proper token.

websauna.tests.form.test_csrf.test_csrf_by_default_fail(csrf_app, session)[source]

CSRF error is raised by default if we try to POST to a view and we don’t have token.

websauna.tests.form.test_csrf.test_csrf_exempt(csrf_app, session)[source]

Decorated views don’t have automatic CSRF check.