Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix type hint for CSRFProtectMiddleware #17

Merged
merged 1 commit into from
Apr 9, 2024

Conversation

letuanhai
Copy link
Contributor

Parameter csrf_secret of class CSRFProtectMiddleware should be of type Optional[str] instead of Optional[ByteString] as generate_csrf and validate_csrf take in csrf_secret as str. Passing a ByteString as csrf_secret to CSRFProtectMiddleware cause token validation to raise BadSignature exception, and validate_csrf to raise ValidationError('The CSRF token is invalid.').

Parameter `csrf_secret` of class `CSRFProtectMiddleware` should be of type `Optional[str]` instead of `Optional[ByteString]` as `generate_csrf` and `validate_csrf` take in `csrf_secret` as `str`.
Passing a `ByteString` as `csrf_secret` to `CSRFProtectMiddleware` cause token validation to raise `BadSignature` exception, and `validate_csrf` to raise `ValidationError('The CSRF token is invalid.')`.
@amorey amorey changed the base branch from main to v0.4.4 April 9, 2024 06:53
@amorey amorey merged commit bb6a25e into kubetail-org:v0.4.4 Apr 9, 2024
@amorey
Copy link
Member

amorey commented Apr 9, 2024

Awesome! Thanks for the bugfix.

@amorey amorey mentioned this pull request Apr 9, 2024
amorey added a commit that referenced this pull request Apr 9, 2024
* Added support for form prefixes (#15)
* Fixed type hint issue in CSRFProtectMiddleware (#17)
* Fixed deprecation warnings in tests
* Updated README to latest dev best practices
* Fixed bugs in examples, added READMEs and requirements.txt files

---------

Co-authored-by: Le Tuan Hai <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants