From 6dd21309e4d9b21162b8db3e015533be10db0601 Mon Sep 17 00:00:00 2001
From: Theron Luhn <theron@luhn.com>
Date: Thu, 19 Sep 2019 18:32:41 -0700
Subject: Add allow_no_origin option to CSRF.

---
 tests/test_csrf.py | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'tests/test_csrf.py')

diff --git a/tests/test_csrf.py b/tests/test_csrf.py
index d1b569c32..f93a1afde 100644
--- a/tests/test_csrf.py
+++ b/tests/test_csrf.py
@@ -363,6 +363,12 @@ class Test_check_csrf_origin(unittest.TestCase):
         request.registry.settings = {}
         self.assertTrue(self._callFUT(request))
 
+    def test_success_with_allow_no_origin(self):
+        request = testing.DummyRequest()
+        request.scheme = "https"
+        request.referrer = None
+        self.assertTrue(self._callFUT(request, allow_no_origin=True))
+
     def test_fails_with_wrong_host(self):
         from pyramid.exceptions import BadCSRFOrigin
 
-- 
cgit v1.2.3