Commits

Steve Losh committed 6bcd8c6 Merge

Merge.

Comments (0)

Files changed (1)

 from flask import abort, request, session, g
 from werkzeug.routing import NotFound
 
+_exempt_views = []
 
-_exempt_views = []
 
 def csrf_exempt(view):
     _exempt_views.append(view)
     return view
 
+
 def csrf(app, on_csrf=None):
     @app.before_request
     def _csrf_check_exemptions():
     
     @app.before_request
     def _csrf_protect():
+        # This simplifies unit testing, wherein CSRF seems to break
+        if app.config.get('TESTING'):
+            return
         if not g._csrf_exempt:
             if request.method == "POST":
                 csrf_token = session.pop('_csrf_token', None)
             session['_csrf_token'] = str(uuid4())
         return session['_csrf_token']
     
-    app.jinja_env.globals['csrf_token'] = generate_csrf_token
-
-
+    app.jinja_env.globals['csrf_token'] = generate_csrf_token