First, there's this one:
https://github.com/django/django/blob/41e6b2a3c5e723256506b9ff49437d52a1f3bf43/django/middleware/csrf.py#L333-L334
which wasn't updated here:
https://github.com/django/django/commit/b0c56b895fd2694d7f5d4595bdbbc41916607f45
There's also this one:
https://github.com/django/django/blob/41e6b2a3c5e723256506b9ff49437d52a1f3bf43/django/middleware/csrf.py#L314-L316
which wasn't updated quite correctly here:
https://github.com/django/django/commit/ddf169cdaca91e92dd5bfe6796bb6f38369ecb68
Something like this would be better for the second one:
{{{
- # If there isn't a CSRF_COOKIE_DOMAIN, require an exact match
- # match on host:port. If not, obey the cookie rules (or those
- # for the session cookie, if CSRF_USE_SESSIONS).
good_referer = (
settings.SESSION_COOKIE_DOMAIN
if settings.CSRF_USE_SESSIONS
else settings.CSRF_COOKIE_DOMAIN
)
- if good_referer is not None:
- server_port = request.get_port()
- if server_port not in ('443', '80'):
- good_referer = '%s:%s' % (good_referer, server_port)
- else:
+ if good_referer is None:
+ # If no cookie domain is configured, allow matching the
+ # current host:port.
try:
# request.get_host() includes the port.
good_referer = request.get_host()
except DisallowedHost:
pass
+ else:
+ server_port = request.get_port()
+ if server_port not in ('443', '80'):
+ good_referer = '%s:%s' % (good_referer, server_port)
}}}
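Review bot: the trailing `+ else:` branch (a cookie domain is configured) ends up with no explanatory comment once the old `# If there isn't a CSRF_COOKIE_DOMAIN, require an exact match / match on host:port ...` lines are removed, so the reason the port is appended only when it is not `'443'` or `'80'` is no longer stated next to the code; suggest a short comment above `server_port = request.get_port()`, e.g. `# A cookie domain is configured: append the port unless it is the default for https/http.` Dropping the old comment does also remove its duplicated "match match" wording. The swap itself is behaviour-preserving as far as the hunk shows: both branch bodies are unchanged, only the `is not None` / `is None` test and the branch order move, and on DisallowedHost the `pass` still leaves good_referer as None exactly as before.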
--
Ticket URL: <https://code.djangoproject.com/ticket/32579>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
* stage: Unreviewed => Accepted
--
Ticket URL: <https://code.djangoproject.com/ticket/32579#comment:1>
* owner: nobody => Chris Jerdonek
* status: new => assigned
--
Ticket URL: <https://code.djangoproject.com/ticket/32579#comment:2>
* has_patch: 0 => 1
Comment:
PR: https://github.com/django/django/pull/14176
--
Ticket URL: <https://code.djangoproject.com/ticket/32579#comment:3>
* stage: Accepted => Ready for checkin
--
Ticket URL: <https://code.djangoproject.com/ticket/32579#comment:4>
Comment (by Mariusz Felisiak <felisiak.mariusz@…>):
In [changeset:"f3825248a2327b47798b358c96cfb183dcb49418" f382524]:
{{{
#!CommitTicketReference repository=""
revision="f3825248a2327b47798b358c96cfb183dcb49418"
Refs #32579 -- Fixed cookie domain comment in
CsrfViewMiddleware.process_view().
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/32579#comment:6>
Comment (by Mariusz Felisiak <felisiak.mariusz@…>):
In [changeset:"70332e6c431dc5988230dd3d91d3d8108b9aa0f0" 70332e6c]:
{{{
#!CommitTicketReference repository=""
revision="70332e6c431dc5988230dd3d91d3d8108b9aa0f0"
Refs #32579 -- Optimized good_hosts creation in
CsrfViewMiddleware.process_view().
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/32579#comment:5>
* status: assigned => closed
* resolution: => fixed
--
Ticket URL: <https://code.djangoproject.com/ticket/32579#comment:7>