python3Packages.flask-seasurf: fix with werkzeug update

pyrox.dev / nixpkgs

fork atom

lol

fork atom

Flakebi 2 years ago 2124ef40 13aff9b3

+38 -7

1 changed file

expand all

pkgs

development

python-modules

flask-seasurf

0001-Fix-with-new-dependency-versions.patch

+38 -7

pkgs/development/python-modules/flask-seasurf/0001-Fix-with-new-dependency-versions.patch

··· 1 - From 001549503eed364d4baaa5804242f67c6236f6c2 Mon Sep 17 00:00:00 2001 1 + From d3aed2c18cc3a1c88a8052af1f34d7f81f1be11a Mon Sep 17 00:00:00 2001 2 2 From: Flakebi <flakebi@t-online.de> 3 - Date: Sat, 2 Dec 2023 16:55:05 +0100 3 + Date: Wed, 28 Feb 2024 23:24:14 +0100 4 4 Subject: [PATCH] Fix with new dependency versions 5 5 6 6 - cookie_jar is private in werkzeug 2.3, so recreate the client instead 7 7 - set_cookie does not take a hostname argument anymore, use domain instead 8 8 - Headers need to specify a content type 9 9 --- 10 - test_seasurf.py | 63 ++++++++++++++++++++++++------------------------- 11 - 1 file changed, 31 insertions(+), 32 deletions(-) 10 + test_seasurf.py | 71 ++++++++++++++++++++++++------------------------- 11 + 1 file changed, 35 insertions(+), 36 deletions(-) 12 12 13 13 diff --git a/test_seasurf.py b/test_seasurf.py 14 - index 517b2d7..501f82d 100644 14 + index 517b2d7..f940b91 100644 15 15 --- a/test_seasurf.py 16 16 +++ b/test_seasurf.py 17 17 @@ -71,18 +71,18 @@ class SeaSurfTestCase(BaseTestCase): ··· 37 37 self.assertIn(b('403 Forbidden'), rv.data) 38 38 39 39 def test_json_token_validation_bad(self): 40 + @@ -93,7 +93,7 @@ class SeaSurfTestCase(BaseTestCase): 41 + with self.app.test_client() as client: 42 + with client.session_transaction() as sess: 43 + sess[self.csrf._csrf_name] = tokenA 44 + - client.set_cookie('www.example.com', self.csrf._csrf_name, tokenB) 45 + + client.set_cookie(self.csrf._csrf_name, tokenB, domain='www.example.com') 46 + 47 + rv = client.post('/bar', data=data) 48 + self.assertEqual(rv.status_code, 403, rv) 40 49 @@ -107,7 +107,7 @@ class SeaSurfTestCase(BaseTestCase): 41 50 data = {'_csrf_token': token} 42 51 with self.app.test_client() as client: ··· 55 64 sess[self.csrf._csrf_name] = token 56 65 57 66 # once this is reached the session was stored 58 - @@ -144,7 +144,7 @@ class SeaSurfTestCase(BaseTestCase): 67 + @@ -144,18 +144,18 @@ class SeaSurfTestCase(BaseTestCase): 59 68 with client.session_transaction() as sess: 60 69 token = self.csrf._generate_token() 61 70 ··· 64 73 sess[self.csrf._csrf_name] = token 65 74 66 75 # once this is reached the session was stored 76 + - rv = client.post('/bar', 77 + + rv = client.post('/bar', content_type='application/json', 78 + data={self.csrf._csrf_name: token}, 79 + base_url='https://www.example.com', 80 + headers={'Referer': 'https://www.example.com/foobar'}) 81 + 82 + self.assertEqual(rv.status_code, 200) 83 + 84 + - rv = client.post(u'/bar/\xf8', 85 + + rv = client.post(u'/bar/\xf8', content_type='application/json', 86 + data={self.csrf._csrf_name: token}, 87 + base_url='https://www.example.com', 88 + headers={'Referer': 'https://www.example.com/foobar\xf8'}) 67 89 @@ -167,7 +167,7 @@ class SeaSurfTestCase(BaseTestCase): 68 90 with client.session_transaction() as sess: 69 91 token = self.csrf._generate_token() ··· 252 274 self.assertEqual(res2.status_code, 200) 253 275 254 276 def test_header_set_cookie_samesite(self): 277 + @@ -789,7 +788,7 @@ class SeaSurfTestCaseGenerateNewToken(BaseTestCase): 278 + client.get('/foo') 279 + tokenA = self.csrf._get_token() 280 + 281 + - client.set_cookie('www.example.com', self.csrf._csrf_name, tokenA) 282 + + client.set_cookie(self.csrf._csrf_name, tokenA, domain='www.example.com') 283 + with client.session_transaction() as sess: 284 + sess[self.csrf._csrf_name] = tokenA 285 + 255 286 -- 256 - 2.42.0 287 + 2.43.0 257 288