Refs #32311 -- Fixed CSRF_FAILURE_VIEW system check errors code.
This commit is contained in:
parent
fdc3d9dcaf
commit
ba3fb2e4d0
|
@ -54,7 +54,7 @@ def check_csrf_failure_view(app_configs, **kwargs):
|
||||||
"The CSRF failure view '%s' could not be imported." %
|
"The CSRF failure view '%s' could not be imported." %
|
||||||
settings.CSRF_FAILURE_VIEW
|
settings.CSRF_FAILURE_VIEW
|
||||||
)
|
)
|
||||||
errors.append(Error(msg, id='security.E025'))
|
errors.append(Error(msg, id='security.E102'))
|
||||||
else:
|
else:
|
||||||
try:
|
try:
|
||||||
inspect.signature(view).bind(None, reason=None)
|
inspect.signature(view).bind(None, reason=None)
|
||||||
|
@ -63,5 +63,5 @@ def check_csrf_failure_view(app_configs, **kwargs):
|
||||||
"The CSRF failure view '%s' does not take the correct number of arguments." %
|
"The CSRF failure view '%s' does not take the correct number of arguments." %
|
||||||
settings.CSRF_FAILURE_VIEW
|
settings.CSRF_FAILURE_VIEW
|
||||||
)
|
)
|
||||||
errors.append(Error(msg, id='security.E024'))
|
errors.append(Error(msg, id='security.E101'))
|
||||||
return errors
|
return errors
|
||||||
|
|
|
@ -495,16 +495,16 @@ The following checks are run if you use the :option:`check --deploy` option:
|
||||||
should consider enabling this header to protect user privacy.
|
should consider enabling this header to protect user privacy.
|
||||||
* **security.E023**: You have set the :setting:`SECURE_REFERRER_POLICY` setting
|
* **security.E023**: You have set the :setting:`SECURE_REFERRER_POLICY` setting
|
||||||
to an invalid value.
|
to an invalid value.
|
||||||
* **security.E024**: The CSRF failure view ``'path.to.view'`` does not take the
|
|
||||||
correct number of arguments.
|
|
||||||
* **security.E025**: The CSRF failure view ``'path.to.view'`` could not be
|
|
||||||
imported.
|
|
||||||
|
|
||||||
The following checks verify that your security-related settings are correctly
|
The following checks verify that your security-related settings are correctly
|
||||||
configured:
|
configured:
|
||||||
|
|
||||||
* **security.E100**: :setting:`DEFAULT_HASHING_ALGORITHM` must be ``'sha1'`` or
|
* **security.E100**: :setting:`DEFAULT_HASHING_ALGORITHM` must be ``'sha1'`` or
|
||||||
``'sha256'``.
|
``'sha256'``.
|
||||||
|
* **security.E101**: The CSRF failure view ``'path.to.view'`` does not take the
|
||||||
|
correct number of arguments.
|
||||||
|
* **security.E102**: The CSRF failure view ``'path.to.view'`` could not be
|
||||||
|
imported.
|
||||||
|
|
||||||
Signals
|
Signals
|
||||||
-------
|
-------
|
||||||
|
|
|
@ -486,13 +486,13 @@ class CSRFFailureViewTest(SimpleTestCase):
|
||||||
[
|
[
|
||||||
Error(
|
Error(
|
||||||
"The CSRF failure view '' could not be imported.",
|
"The CSRF failure view '' could not be imported.",
|
||||||
id='security.E025',
|
id='security.E102',
|
||||||
)
|
)
|
||||||
],
|
],
|
||||||
)
|
)
|
||||||
|
|
||||||
@override_settings(
|
@override_settings(
|
||||||
CSRF_FAILURE_VIEW=f'{__name__}.failure_view_with_invalid_signature',
|
CSRF_FAILURE_VIEW='check_framework.test_security.failure_view_with_invalid_signature',
|
||||||
)
|
)
|
||||||
def test_failure_view_invalid_signature(self):
|
def test_failure_view_invalid_signature(self):
|
||||||
msg = (
|
msg = (
|
||||||
|
@ -502,5 +502,5 @@ class CSRFFailureViewTest(SimpleTestCase):
|
||||||
)
|
)
|
||||||
self.assertEqual(
|
self.assertEqual(
|
||||||
csrf.check_csrf_failure_view(None),
|
csrf.check_csrf_failure_view(None),
|
||||||
[Error(msg, id='security.E024')],
|
[Error(msg, id='security.E101')],
|
||||||
)
|
)
|
||||||
|
|
Loading…
Reference in New Issue