Turn short and hex XSRF tests into success tests

2014-07-08 09:07:18 +02:00 · 2014-07-08 09:07:18 +02:00 · d881dd2f87
parent 22e8614fdd
commit d881dd2f87
1 changed files with 14 additions and 14 deletions
--- a/tornado/test/web_test.py
+++ b/tornado/test/web_test.py
@ -1954,20 +1954,6 @@ class XSRFTest(SimpleHandlerTestCase):
                body=urllib_parse.urlencode(dict(_xsrf=self.xsrf_token)))
        self.assertEqual(response.code, 403)

-    def test_xsrf_success_short_token(self):
-        with ExpectLog(gen_log, ".*XSRF cookie does not match POST"):
-            response = self.fetch(
-                "/", method="POST",
-                body=urllib_parse.urlencode(dict(_xsrf='deadbeef')))
-        self.assertEqual(response.code, 403)
-
-    def test_xsrf_success_non_hex_token(self):
-        with ExpectLog(gen_log, ".*XSRF cookie is not a hexadecimal"):
-            response = self.fetch(
-                "/", method="POST",
-                body=urllib_parse.urlencode(dict(_xsrf='xoxo')))
-        self.assertEqual(response.code, 400)
-
    def test_xsrf_fail_cookie_no_body(self):
        with ExpectLog(gen_log, ".*'_xsrf' argument missing"):
            response = self.fetch(
@ -1975,6 +1961,20 @@ class XSRFTest(SimpleHandlerTestCase):
                headers=self.cookie_headers())
        self.assertEqual(response.code, 403)

+    def test_xsrf_success_short_token(self):
+        response = self.fetch(
+            "/", method="POST",
+            body=urllib_parse.urlencode(dict(_xsrf='deadbeef')),
+            headers=self.cookie_headers(token='deadbeef'))
+        self.assertEqual(response.code, 200)
+
+    def test_xsrf_success_non_hex_token(self):
+        response = self.fetch(
+            "/", method="POST",
+            body=urllib_parse.urlencode(dict(_xsrf='xoxo')),
+            headers=self.cookie_headers(token='xoxo'))
+        self.assertEqual(response.code, 200)
+
    def test_xsrf_success_post_body(self):
        response = self.fetch(
            "/", method="POST",