Merge pull request #3512 from luhn/csrf-allow-no-origin

Add allow_no_origin option to CSRF
author: Michael Merickel <michael@merickel.org> 2019-09-30 15:38:27 -0500
committer: GitHub <noreply@github.com> 2019-09-30 15:38:27 -0500
commit: 502149ae3694bcb8eefb42974e84a5bf603aaebb (patch)
tree: b786809fbd15e69b5ecfcc010f1e0ff83b764bc7 /tests/test_csrf.py
parent: f63d45aa7561098f5588eb93b6c3cde126c5e711 (diff)
parent: 070642056a2863c5da20cbc28626f4e8e1c49cdb (diff)
download: pyramid-502149ae3694bcb8eefb42974e84a5bf603aaebb.tar.gz
pyramid-502149ae3694bcb8eefb42974e84a5bf603aaebb.tar.bz2
pyramid-502149ae3694bcb8eefb42974e84a5bf603aaebb.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/tests/test_csrf.py b/tests/test_csrf.py
index d1b569c32..f93a1afde 100644
--- a/tests/test_csrf.py
+++ b/tests/test_csrf.py
@@ -363,6 +363,12 @@ class Test_check_csrf_origin(unittest.TestCase):
         request.registry.settings = {}
         self.assertTrue(self._callFUT(request))
 
+    def test_success_with_allow_no_origin(self):
+        request = testing.DummyRequest()
+        request.scheme = "https"
+        request.referrer = None
+        self.assertTrue(self._callFUT(request, allow_no_origin=True))
+
     def test_fails_with_wrong_host(self):
         from pyramid.exceptions import BadCSRFOrigin
author	Michael Merickel <michael@merickel.org>	2019-09-30 15:38:27 -0500
committer	GitHub <noreply@github.com>	2019-09-30 15:38:27 -0500
commit	502149ae3694bcb8eefb42974e84a5bf603aaebb (patch)
tree	b786809fbd15e69b5ecfcc010f1e0ff83b764bc7 /tests/test_csrf.py
parent	f63d45aa7561098f5588eb93b6c3cde126c5e711 (diff)
parent	070642056a2863c5da20cbc28626f4e8e1c49cdb (diff)
download	pyramid-502149ae3694bcb8eefb42974e84a5bf603aaebb.tar.gz pyramid-502149ae3694bcb8eefb42974e84a5bf603aaebb.tar.bz2 pyramid-502149ae3694bcb8eefb42974e84a5bf603aaebb.zip