Webhooks: fix 403 Forbidden errors (csrf check)

* csrf_exempt must be applied to View.dispatch, not View.post. * In base WebhookTestCase, enable Django test Client enforce_csrf_checks. (Test Client by default disables CSRF protection.) Closes #19
2025-12-20 03:41:05 -05:00 · 2016-05-31 11:54:18 -07:00
parent 34af81aee6
commit af0e36ab65
3 changed files with 19 additions and 2 deletions
--- a/tests/webhook_cases.py
+++ b/tests/webhook_cases.py
@@ -6,7 +6,7 @@ from mock import create_autospec, ANY
 from anymail.exceptions import AnymailInsecureWebhookWarning
 from anymail.signals import tracking, inbound

-from .utils import AnymailTestMixin
+from .utils import AnymailTestMixin, ClientWithCsrfChecks


 def event_handler(sender, event, esp_name, **kwargs):
@@ -22,6 +22,8 @@ class WebhookTestCase(AnymailTestMixin, SimpleTestCase):
    - sets up basic auth by default (since most ESP webhooks warn if it's not enabled)
    """

+    client_class = ClientWithCsrfChecks
+
    def setUp(self):
        super(WebhookTestCase, self).setUp()
        # Use correct basic auth by default (individual tests can override):