MCPcopy
hub / github.com/django/django / _bad_token_message

Method _bad_token_message

django/middleware/csrf.py:342–347  ·  view source on GitHub ↗
(self, reason, token_source)

Source from the content-addressed store, hash-verified

340 raise RejectRequest(REASON_BAD_REFERER % referer.geturl())
341
342 def _bad_token_message(self, reason, token_source):
343 if token_source != "POST":
344 # Assume it is a settings.CSRF_HEADER_NAME value.
345 header_name = HttpHeaders.parse_header_name(token_source)
346 token_source = f"the {header_name!r} HTTP header"
347 return f"CSRF token from {token_source} {reason}."
348
349 def _check_token(self, request):
350 # Access csrf_secret via self._get_secret() as rotate_token() may have

Callers 1

_check_tokenMethod · 0.95

Calls 1

parse_header_nameMethod · 0.80

Tested by

no test coverage detected