CTFd/tests/utils/test_sessions.py

from tests.helpers import create_ctfd, destroy_ctfd


def test_sessions_set_httponly():
    app = create_ctfd()
    with app.app_context():
        with app.test_client() as client:
            r = client.get("/")
            cookie = dict(r.headers)["Set-Cookie"]
            assert "HttpOnly;" in cookie
    destroy_ctfd(app)


def test_sessions_set_samesite():
    app = create_ctfd()
    with app.app_context():
        with app.test_client() as client:
            r = client.get("/")
            cookie = dict(r.headers)["Set-Cookie"]
            assert "SameSite=" in cookie
    destroy_ctfd(app)
2.1.0 (#957) https://github.com/CTFd/CTFd/milestone/6 2019-04-17 05:36:30 +00:00			`from tests.helpers import create_ctfd, destroy_ctfd`
Default SameSite session cookie setting to Lax (#824) 2019-01-08 07:52:51 +00:00

			`def test_sessions_set_httponly():`
			`app = create_ctfd()`
			`with app.app_context():`
			`with app.test_client() as client:`
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/*/'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty. 2019-05-12 01:09:37 +00:00			`r = client.get("/")`
			`cookie = dict(r.headers)["Set-Cookie"]`
			`assert "HttpOnly;" in cookie`
Default SameSite session cookie setting to Lax (#824) 2019-01-08 07:52:51 +00:00			`destroy_ctfd(app)`


			`def test_sessions_set_samesite():`
			`app = create_ctfd()`
			`with app.app_context():`
			`with app.test_client() as client:`
Format all the things (#991) * Format Javascript and CSS files with `prettier`: `prettier --write 'CTFd/themes/*/'` * Format Python with `black`: `black CTFd` & `black tests` * Travis now uses xenial instead of trusty. 2019-05-12 01:09:37 +00:00			`r = client.get("/")`
			`cookie = dict(r.headers)["Set-Cookie"]`
			`assert "SameSite=" in cookie`
Default SameSite session cookie setting to Lax (#824) 2019-01-08 07:52:51 +00:00			`destroy_ctfd(app)`