github/datasette
1
0
Fork 0
mirror of https://github.com/simonw/datasette.git synced 2025-12-10 16:51:24 +01:00
Code Issues Projects Releases Packages Wiki Activity

Better test for Vary header

Browse source
This commit is contained in:
Simon Willison 2020-06-06 12:26:19 -07:00
commit 070838bfa1
2 changed files with 6 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
tests/fixtures.py
View file

@ -132,8 +132,6 @@ class TestClient:
if csrftoken_from is True: if csrftoken_from is True:
csrftoken_from = path csrftoken_from = path
token_response = await self._request(csrftoken_from) token_response = await self._request(csrftoken_from)
# Check this had a Vary: Cookie header
assert "Cookie" == token_response.headers["vary"]
csrftoken = token_response.cookies["ds_csrftoken"] csrftoken = token_response.cookies["ds_csrftoken"]
cookies["ds_csrftoken"] = csrftoken cookies["ds_csrftoken"] = csrftoken
post_data["csrftoken"] = csrftoken post_data["csrftoken"] = csrftoken

6
tests/test_canned_write.py
View file

@ -100,6 +100,12 @@ def test_custom_params(canned_write_client):
assert '<input type="text" id="qp3" name="extra" value="foo">' in response.text assert '<input type="text" id="qp3" name="extra" value="foo">' in response.text
def test_vary_header(canned_write_client):
# These forms embed a csrftoken so they should be served with Vary: Cookie
assert "vary" not in canned_write_client.get("/data").headers
assert "Cookie" == canned_write_client.get("/data/update_name").headers["vary"]
def test_canned_query_permissions_on_database_page(canned_write_client): def test_canned_query_permissions_on_database_page(canned_write_client):
# Without auth only shows three queries # Without auth only shows three queries
query_names = [ query_names = [