From: Roland Häder Date: Fri, 15 Nov 2024 00:15:25 +0000 (+0100) Subject: Continued: X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=refs%2Fheads%2Fmaster;p=fba.git Continued: - better handling of CSRF meta tags --- diff --git a/fba/http/csrf.py b/fba/http/csrf.py index 6843905..bf2648e 100644 --- a/fba/http/csrf.py +++ b/fba/http/csrf.py @@ -79,9 +79,16 @@ def determine(domain: str, headers: dict) -> dict: logger.warning("domain='%s' has returned invalid HTML markup", domain) logger.debug("tag[%s]='%s'", type(tag), tag) - if tag is not None: + if tag is None: + logger.debug("domain='%s' does not have CSRF token", domain) + elif "content" in tag: logger.debug("Adding CSRF token='%s' for domain='%s'", tag["content"], domain) reqheaders["X-CSRF-Token"] = tag["content"] + elif "data-token" in tag: + logger.debug("Adding CSRF token='%s' for domain='%s'", tag["data-token"], domain) + reqheaders["X-CSRF-Token"] = tag["data-token"] + else: + logger.warning("domain='%s' has unknown CSRF token: tag()=%d", domain, len(tag)) elif not validators.url(response_url): logger.warning("response_url='%s' is not valid - Raising exception ...", response_url)