Continued:

- logging whole tag isn't a good idea
- yes, the HTML is sometimes broken, e.g. <meta> and not <meta /> (self-closing)
- the open tag causes the warning

diff --git a/fba/http/csrf.py b/fba/http/csrf.py
index ddfe408c2f3c8c4028dd8eeb9afe9822c753ac6e..f9fa0b3430c9346d0a7ee6e1b0652247d7332f82 100644 (file)
--- a/fba/http/csrf.py
+++ b/fba/http/csrf.py
@@ -75,7 +75,7 @@ def determine(domain: str, headers: dict) -> dict:
         except bs4.builder.ParserRejectedMarkup:
             logger.warning("domain='%s' has returned invalid HTML markup", domain)
 
-        logger.debug("tag[%s]='%s'", type(tag), tag)
+        logger.debug("tag[]='%s'", type(tag))
         if tag is None:
             logger.debug("domain='%s' does not have CSRF token", domain)
         elif "content" in tag:
@@ -85,7 +85,7 @@ def determine(domain: str, headers: dict) -> dict:
             logger.debug("Adding CSRF token='%s' for domain='%s'", tag["data-token"], domain)
             reqheaders["X-CSRF-Token"] = tag["data-token"]
         else:
-            logger.warning("domain='%s' has unknown CSRF token: tag(%d)='%s'", domain, len(tag), tag)
+            logger.warning("domain='%s' has unknown CSRF token: tag()=%d", domain, len(tag))
     elif not validators.url(response_url):
         logger.warning("response_url='%s' is not valid - Raising exception ...", response_url)