MCPcopy
hub / github.com/django/django / _set_csrf_cookie

Method _set_csrf_cookie

django/middleware/csrf.py:253–269  ·  view source on GitHub ↗
(self, request, response)

Source from the content-addressed store, hash-verified

251 return csrf_secret
252
253 def _set_csrf_cookie(self, request, response):
254 if settings.CSRF_USE_SESSIONS:
255 if request.session.get(CSRF_SESSION_KEY) != request.META["CSRF_COOKIE"]:
256 request.session[CSRF_SESSION_KEY] = request.META["CSRF_COOKIE"]
257 else:
258 response.set_cookie(
259 settings.CSRF_COOKIE_NAME,
260 request.META["CSRF_COOKIE"],
261 max_age=settings.CSRF_COOKIE_AGE,
262 domain=settings.CSRF_COOKIE_DOMAIN,
263 path=settings.CSRF_COOKIE_PATH,
264 secure=settings.CSRF_COOKIE_SECURE,
265 httponly=settings.CSRF_COOKIE_HTTPONLY,
266 samesite=settings.CSRF_COOKIE_SAMESITE,
267 )
268 # Set the Vary header since content varies with the CSRF cookie.
269 patch_vary_headers(response, ("Cookie",))
270
271 def _origin_verified(self, request):
272 request_origin = request.META["HTTP_ORIGIN"]

Callers 1

process_responseMethod · 0.95

Calls 3

patch_vary_headersFunction · 0.90
getMethod · 0.45
set_cookieMethod · 0.45

Tested by

no test coverage detected