request.host_port is a str not an int

author: Donald Stufft <donald@stufft.io> 2016-04-17 12:09:58 -0400
committer: Michael Merickel <michael@merickel.org> 2016-04-17 19:52:41 -0500
commit: 8840437df934a3a29a19be4bfee96cbcf5d537ff (patch)
tree: 5d4d5a1ba269267d1fce55e83343d45657227e5d
parent: b4ea370131a9b28cd02db3c674d1b4fcdd7ce6d5 (diff)
download: pyramid-8840437df934a3a29a19be4bfee96cbcf5d537ff.tar.gz
pyramid-8840437df934a3a29a19be4bfee96cbcf5d537ff.tar.bz2
pyramid-8840437df934a3a29a19be4bfee96cbcf5d537ff.zip
3 files changed, 11 insertions, 11 deletions
diff --git a/pyramid/session.py b/pyramid/session.py
index 36ebc2f00..811c81fb4 100644
--- a/pyramid/session.py
+++ b/pyramid/session.py
@@ -182,7 +182,7 @@ def check_csrf_origin(request, trusted_origins=None, raises=True):
                     "pyramid.csrf_trusted_origins", [])
             )
 
-        if request.host_port not in set([80, 443]):
+        if request.host_port not in set(["80", "443"]):
             trusted_origins.append("{0.domain}:{0.host_port}".format(request))
         else:
             trusted_origins.append(request.domain)
diff --git a/pyramid/tests/test_session.py b/pyramid/tests/test_session.py
index e08f9a919..3a308d08b 100644
--- a/pyramid/tests/test_session.py
+++ b/pyramid/tests/test_session.py
@@ -721,7 +721,7 @@ class Test_check_csrf_origin(unittest.TestCase):
         request = testing.DummyRequest()
         request.scheme = "https"
         request.host = "example.com"
-        request.host_port = 443
+        request.host_port = "443"
         request.referrer = "https://example.com/login/"
         request.registry.settings = {}
         self.assertTrue(self._callFUT(request))
@@ -730,7 +730,7 @@ class Test_check_csrf_origin(unittest.TestCase):
         request = testing.DummyRequest()
         request.scheme = "https"
         request.host = "example.com"
-        request.host_port = 443
+        request.host_port = "443"
         request.headers = {"Origin": "https://example.com/"}
         request.referrer = "https://not-example.com/"
         request.registry.settings = {}
@@ -740,7 +740,7 @@ class Test_check_csrf_origin(unittest.TestCase):
         request = testing.DummyRequest()
         request.scheme = "https"
         request.host = "example.com"
-        request.host_port = 443
+        request.host_port = "443"
         request.referrer = "https://not-example.com/login/"
         request.registry.settings = {
             "pyramid.csrf_trusted_origins": ["not-example.com"],
@@ -751,7 +751,7 @@ class Test_check_csrf_origin(unittest.TestCase):
         request = testing.DummyRequest()
         request.scheme = "https"
         request.host = "example.com:8080"
-        request.host_port = 8080
+        request.host_port = "8080"
         request.referrer = "https://example.com:8080/login/"
         request.registry.settings = {}
         self.assertTrue(self._callFUT(request))
@@ -761,7 +761,7 @@ class Test_check_csrf_origin(unittest.TestCase):
         request = testing.DummyRequest()
         request.scheme = "https"
         request.host = "example.com"
-        request.host_port = 443
+        request.host_port = "443"
         request.referrer = "https://not-example.com/login/"
         request.registry.settings = {}
         self.assertRaises(BadCSRFOrigin, self._callFUT, request)
@@ -780,7 +780,7 @@ class Test_check_csrf_origin(unittest.TestCase):
         request = testing.DummyRequest()
         request.scheme = "https"
         request.host = "example.com"
-        request.host_port = 443
+        request.host_port = "443"
         request.referrer = "http://example.com/evil/"
         request.registry.settings = {}
         self.assertRaises(BadCSRFOrigin, self._callFUT, request)
@@ -791,7 +791,7 @@ class Test_check_csrf_origin(unittest.TestCase):
         request = testing.DummyRequest()
         request.scheme = "https"
         request.host = "example.com:8080"
-        request.host_port = 8080
+        request.host_port = "8080"
         request.referrer = "https://example.com/login/"
         request.registry.settings = {}
         self.assertRaises(BadCSRFOrigin, self._callFUT, request)
diff --git a/pyramid/tests/test_viewderivers.py b/pyramid/tests/test_viewderivers.py
index ae02e0152..4767da580 100644
--- a/pyramid/tests/test_viewderivers.py
+++ b/pyramid/tests/test_viewderivers.py
@@ -1148,7 +1148,7 @@ class TestDeriveView(unittest.TestCase):
         request = self._makeRequest()
         request.scheme = "https"
         request.domain = "example.com"
-        request.host_port = 443
+        request.host_port = "443"
         request.referrer = "https://example.com/login/"
         request.method = 'POST'
         request.session = DummySession({'csrf_token': 'foo'})
@@ -1208,7 +1208,7 @@ class TestDeriveView(unittest.TestCase):
         request = self._makeRequest()
         request.method = "POST"
         request.scheme = "https"
-        request.host_port = 443
+        request.host_port = "443"
         request.domain = "example.com"
         request.referrer = "https://not-example.com/evil/"
         request.registry.settings = {}
@@ -1221,7 +1221,7 @@ class TestDeriveView(unittest.TestCase):
         request = self._makeRequest()
         request.method = "POST"
         request.scheme = "https"
-        request.host_port = 443
+        request.host_port = "443"
         request.domain = "example.com"
         request.headers = {"Origin": "https://not-example.com/evil/"}
         request.registry.settings = {}
author	Donald Stufft <donald@stufft.io>	2016-04-17 12:09:58 -0400
committer	Michael Merickel <michael@merickel.org>	2016-04-17 19:52:41 -0500
commit	8840437df934a3a29a19be4bfee96cbcf5d537ff (patch)
tree	5d4d5a1ba269267d1fce55e83343d45657227e5d
parent	b4ea370131a9b28cd02db3c674d1b4fcdd7ce6d5 (diff)
download	pyramid-8840437df934a3a29a19be4bfee96cbcf5d537ff.tar.gz pyramid-8840437df934a3a29a19be4bfee96cbcf5d537ff.tar.bz2 pyramid-8840437df934a3a29a19be4bfee96cbcf5d537ff.zip