[py3] Made csrf context processor return Unicode

d774ad75 · Claude Paroz · 5e958b95 · d774ad75 · d774ad75 · d774ad75
Kaydet (Commit) d774ad75 authored Agu 13, 2012 tarafından Claude Paroz
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 8 deletions

context_processors.py django/core/context_processors.py +7 -4

csrf.py django/middleware/csrf.py +4 -3

tests.py tests/regressiontests/csrf_tests/tests.py +1 -1

No files found.
--- a/django/core/context_processors.py
+++ b/django/core/context_processors.py
@@ -6,12 +6,15 @@ and returns a dictionary to add to the context.
 These are referenced from the setting TEMPLATE_CONTEXT_PROCESSORS and used by
 RequestContext.
 """
+from __future__ import unicode_literals

 from django.conf import settings
 from django.middleware.csrf import get_token
-from django.utils.encoding import smart_bytes
+from django.utils import six
+from django.utils.encoding import smart_text
 from django.utils.functional import lazy

+
 def csrf(request):
    """
    Context processor that provides a CSRF token, or the string 'NOTPROVIDED' if
@@ -23,10 +26,10 @@ def csrf(request):
            # In order to be able to provide debugging info in the
            # case of misconfiguration, we use a sentinel value
            # instead of returning an empty dict.
-            return b'NOTPROVIDED'
+            return 'NOTPROVIDED'
        else:
-            return smart_bytes(token)
-    _get_val = lazy(_get_val, str)
+            return smart_text(token)
+    _get_val = lazy(_get_val, six.text_type)

    return {'csrf_token': _get_val() }


--- a/django/middleware/csrf.py
+++ b/django/middleware/csrf.py
@@ -4,6 +4,7 @@ Cross Site Request Forgery Middleware.
 This module provides a middleware that implements protection
 against request forgeries from other sites.
 """
+from __future__ import unicode_literals

 import hashlib
 import re
@@ -12,6 +13,7 @@ import random
 from django.conf import settings
 from django.core.urlresolvers import get_callable
 from django.utils.cache import patch_vary_headers
+from django.utils.encoding import force_text
 from django.utils.http import same_origin
 from django.utils.log import getLogger
 from django.utils.crypto import constant_time_compare, get_random_string
@@ -51,11 +53,10 @@ def get_token(request):


 def _sanitize_token(token):
-    # Allow only alphanum, and ensure we return a 'str' for the sake
-    # of the post processing middleware.
+    # Allow only alphanum
    if len(token) > CSRF_KEY_LENGTH:
        return _get_new_csrf_key()
-    token = re.sub('[^a-zA-Z0-9]+', '', str(token.decode('ascii', 'ignore')))
+    token = re.sub('[^a-zA-Z0-9]+', '', force_text(token))
    if token == "":
        # In case the cookie has been truncated to nothing at some point.
        return _get_new_csrf_key()

--- a/tests/regressiontests/csrf_tests/tests.py
+++ b/tests/regressiontests/csrf_tests/tests.py
@@ -216,7 +216,7 @@ class CsrfViewMiddlewareTest(TestCase):
        """
        req = self._get_GET_no_csrf_cookie_request()
        resp = token_view(req)
-        self.assertEqual("", resp.content)
+        self.assertEqual(resp.content, b'')

    def test_token_node_empty_csrf_cookie(self):
        """