Message ID | 1d28cdf8dfc8a8d9b9f593ef8efcdbe92c68f355.1679080713.git.felgru@posteo.net |
---|---|
State | New |
Headers | show |
Series | Add datasette and python-sqlite-utils. | expand |
Hi, Felix Gruber <felgru@posteo.net> writes: > * gnu/packages/python-web.scm (python-asgi-csrf): New variable. > --- > gnu/packages/python-web.scm | 25 +++++++++++++++++++++++++ > 1 file changed, 25 insertions(+) > > diff --git a/gnu/packages/python-web.scm b/gnu/packages/python-web.scm > index 83e7d77da8..8c172d64c9 100644 > --- a/gnu/packages/python-web.scm > +++ b/gnu/packages/python-web.scm > @@ -570,6 +570,31 @@ (define-public python-asgiref > WSGI. This package includes libraries for implementing ASGI servers.") > (license license:bsd-3))) > > +(define-public python-asgi-csrf > + (package > + (name "python-asgi-csrf") > + (version "0.9") > + (source (origin > + (method url-fetch) > + (uri (pypi-uri "asgi-csrf" version)) > + (sha256 > + (base32 > + "06klgxfxzjfkyjky3rkvmf2r07r7r2my53qq7g9qy6mcmvfkp7bf")))) > + (build-system python-build-system) > + (propagated-inputs (list python-itsdangerous python-multipart)) > + (native-inputs (list python-asgi-lifespan > + python-httpx > + python-pytest > + python-pytest-asyncio > + python-pytest-cov > + python-starlette)) > + (home-page "https://github.com/simonw/asgi-csrf") > + (synopsis "ASGI middleware for protecting against CSRF attacks") > + (description "This middleware implements the Double Submit Cookie > +pattern, where a cookie is set that is then compared to a csrftoken > +hidden form field or a x-csrftoken HTTP header.") > + (license license:asl2.0))) Please define ASGI and CSRF in full, at least in the description. I'd also adorn the 'csrftoken' and 'x-csrftoken' words with @code.
diff --git a/gnu/packages/python-web.scm b/gnu/packages/python-web.scm index 83e7d77da8..8c172d64c9 100644 --- a/gnu/packages/python-web.scm +++ b/gnu/packages/python-web.scm @@ -570,6 +570,31 @@ (define-public python-asgiref WSGI. This package includes libraries for implementing ASGI servers.") (license license:bsd-3))) +(define-public python-asgi-csrf + (package + (name "python-asgi-csrf") + (version "0.9") + (source (origin + (method url-fetch) + (uri (pypi-uri "asgi-csrf" version)) + (sha256 + (base32 + "06klgxfxzjfkyjky3rkvmf2r07r7r2my53qq7g9qy6mcmvfkp7bf")))) + (build-system python-build-system) + (propagated-inputs (list python-itsdangerous python-multipart)) + (native-inputs (list python-asgi-lifespan + python-httpx + python-pytest + python-pytest-asyncio + python-pytest-cov + python-starlette)) + (home-page "https://github.com/simonw/asgi-csrf") + (synopsis "ASGI middleware for protecting against CSRF attacks") + (description "This middleware implements the Double Submit Cookie +pattern, where a cookie is set that is then compared to a csrftoken +hidden form field or a x-csrftoken HTTP header.") + (license license:asl2.0))) + (define-public python-asgi-lifespan (package (name "python-asgi-lifespan")