Show _all_ Request Headers in CSRF_DEBUG view

the less relevant ones grayed out This may help in debugging #100
2026-03-10 08:01:17 +00:00 · 2025-05-12 10:31:12 +02:00
parent 0c14962d92
commit 6b4fac0f86
3 changed files with 6 additions and 7 deletions
--- a/bugsink/debug_views.py
+++ b/bugsink/debug_views.py
@@ -217,11 +217,10 @@ def csrf_debug(request):
            "posted": True,
            "POST": request.POST,
            "META": {
-                k: request.META.get(k) for k in [
-                    "HTTP_ORIGIN",
-                    "HTTP_REFERER",
-                ]
+                k: request.META.get(k) for k in request.META.keys() if k.startswith("HTTP_")
            },
+            "SECURE_PROXY_SSL_HEADER": settings.SECURE_PROXY_SSL_HEADER[0] if settings.SECURE_PROXY_SSL_HEADER else None,
+
            "process_view": _process_view_steps(middleware, request, context),
        })

--- a/templates/bugsink/csrf_debug.html
+++ b/templates/bugsink/csrf_debug.html
@@ -29,9 +29,9 @@
    </form>
    {% else %}

-    <h2 class="text-2xl font-bold mt-4">META</h2>
+    <h2 class="text-2xl font-bold mt-4">Request Headers (META)</h2>
    {% for key, value in META|items %}
-        <div class="flex {% if forloop.first %}border-slate-300 border-t-2{% endif %}">
+    <div class="flex {% if forloop.first %}border-slate-300 border-t-2{% endif %} {% if key == "HTTP_ORIGIN" or key == "HTTP_REFERER" or key == SECURE_PROXY_SSL_HEADER %}text-black{% else %}text-slate-300{% endif %}">
            <div class="w-1/4 {% if not forloop.last %}border-b-2 border-dotted border-slate-300{% endif %}">{{ key }}</div>
            <div class="w-3/4 {% if not forloop.last %} border-b-2 border-dotted border-slate-300{% endif %} font-mono">{{ value }}</div>
        </div>
--- a/theme/static/css/dist/styles.css
+++ b/theme/static/css/dist/styles.css