diff options
Diffstat (limited to 'pkgs/development/python-modules/flask-seasurf/0001-Fix-with-new-dependency-versions.patch')
-rw-r--r-- | pkgs/development/python-modules/flask-seasurf/0001-Fix-with-new-dependency-versions.patch | 45 |
1 files changed, 38 insertions, 7 deletions
diff --git a/pkgs/development/python-modules/flask-seasurf/0001-Fix-with-new-dependency-versions.patch b/pkgs/development/python-modules/flask-seasurf/0001-Fix-with-new-dependency-versions.patch index c12c85e0de25..2506a10268b2 100644 --- a/pkgs/development/python-modules/flask-seasurf/0001-Fix-with-new-dependency-versions.patch +++ b/pkgs/development/python-modules/flask-seasurf/0001-Fix-with-new-dependency-versions.patch @@ -1,17 +1,17 @@ -From 001549503eed364d4baaa5804242f67c6236f6c2 Mon Sep 17 00:00:00 2001 +From d3aed2c18cc3a1c88a8052af1f34d7f81f1be11a Mon Sep 17 00:00:00 2001 From: Flakebi <flakebi@t-online.de> -Date: Sat, 2 Dec 2023 16:55:05 +0100 +Date: Wed, 28 Feb 2024 23:24:14 +0100 Subject: [PATCH] Fix with new dependency versions - cookie_jar is private in werkzeug 2.3, so recreate the client instead - set_cookie does not take a hostname argument anymore, use domain instead - Headers need to specify a content type --- - test_seasurf.py | 63 ++++++++++++++++++++++++------------------------- - 1 file changed, 31 insertions(+), 32 deletions(-) + test_seasurf.py | 71 ++++++++++++++++++++++++------------------------- + 1 file changed, 35 insertions(+), 36 deletions(-) diff --git a/test_seasurf.py b/test_seasurf.py -index 517b2d7..501f82d 100644 +index 517b2d7..f940b91 100644 --- a/test_seasurf.py +++ b/test_seasurf.py @@ -71,18 +71,18 @@ class SeaSurfTestCase(BaseTestCase): @@ -37,6 +37,15 @@ index 517b2d7..501f82d 100644 self.assertIn(b('403 Forbidden'), rv.data) def test_json_token_validation_bad(self): +@@ -93,7 +93,7 @@ class SeaSurfTestCase(BaseTestCase): + with self.app.test_client() as client: + with client.session_transaction() as sess: + sess[self.csrf._csrf_name] = tokenA +- client.set_cookie('www.example.com', self.csrf._csrf_name, tokenB) ++ client.set_cookie(self.csrf._csrf_name, tokenB, domain='www.example.com') + + rv = client.post('/bar', data=data) + self.assertEqual(rv.status_code, 403, rv) @@ -107,7 +107,7 @@ class SeaSurfTestCase(BaseTestCase): data = {'_csrf_token': token} with self.app.test_client() as client: @@ -55,7 +64,7 @@ index 517b2d7..501f82d 100644 sess[self.csrf._csrf_name] = token # once this is reached the session was stored -@@ -144,7 +144,7 @@ class SeaSurfTestCase(BaseTestCase): +@@ -144,18 +144,18 @@ class SeaSurfTestCase(BaseTestCase): with client.session_transaction() as sess: token = self.csrf._generate_token() @@ -64,6 +73,19 @@ index 517b2d7..501f82d 100644 sess[self.csrf._csrf_name] = token # once this is reached the session was stored +- rv = client.post('/bar', ++ rv = client.post('/bar', content_type='application/json', + data={self.csrf._csrf_name: token}, + base_url='https://www.example.com', + headers={'Referer': 'https://www.example.com/foobar'}) + + self.assertEqual(rv.status_code, 200) + +- rv = client.post(u'/bar/\xf8', ++ rv = client.post(u'/bar/\xf8', content_type='application/json', + data={self.csrf._csrf_name: token}, + base_url='https://www.example.com', + headers={'Referer': 'https://www.example.com/foobar\xf8'}) @@ -167,7 +167,7 @@ class SeaSurfTestCase(BaseTestCase): with client.session_transaction() as sess: token = self.csrf._generate_token() @@ -252,6 +274,15 @@ index 517b2d7..501f82d 100644 self.assertEqual(res2.status_code, 200) def test_header_set_cookie_samesite(self): +@@ -789,7 +788,7 @@ class SeaSurfTestCaseGenerateNewToken(BaseTestCase): + client.get('/foo') + tokenA = self.csrf._get_token() + +- client.set_cookie('www.example.com', self.csrf._csrf_name, tokenA) ++ client.set_cookie(self.csrf._csrf_name, tokenA, domain='www.example.com') + with client.session_transaction() as sess: + sess[self.csrf._csrf_name] = tokenA + -- -2.42.0 +2.43.0 |