Well, looks like I've found workaround. At first we should test if a view
have CSRF protection:
def test_csrf_protected(self):
request = RequestFactory().post('', data={})
response = views.register_form(request)
self.assertEqual(response.status_code, 403)
(fix me, it is very weak test for example purpose)
Then we actually test view, providing request._dont_enforce_csrf_checks =
True. And voila. Remember that you shouldn't test Django library, so it's
obsolete to test "CSRF bypassing + view" chain. Test your view only and
that it is protected with @csrf_protect is absolutely enough.
четверг, 18 июля 2013 г., 11:35:00 UTC+2 пользователь Vladimir Ignatev
написал:
>
> I need using RequestFactory instead of Client to test one of my views. So
> the question is how to generate proper CSRF token to provide it to my
> @csrf_protect'ed view? At this moment I get 403 error when generating POST
> request.
> I've read similar topic in this group dated 2011 year, but that topic
> observed solution of the problem using Client class and it's parameter
> enforce_csrf.
>
>
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/django-users.
For more options, visit https://groups.google.com/groups/opt_out.
