CSRF Attack Detecked loop on POST requests.

2019-10-15 20:03:22 +03:00
parent 41798c446c
commit b1eefcc662
2 changed files with 8 additions and 5 deletions
--- a/erepublik/citizen.py
+++ b/erepublik/citizen.py
@ -130,10 +130,6 @@ class Citizen(classes.CitizenAPI):
        """
        resp = self._req.get(self.url)
        self.r = resp
-        try:
-            self.update_citizen_info(resp.text)
-        except:
-            pass
        if self._errors_in_response(resp):
            self.get_csrf_token()
            return
@ -149,6 +145,10 @@ class Citizen(classes.CitizenAPI):
            self._login()
        else:
            raise classes.ErepublikException("Something went wrong! Can't find token in page! Exiting!")
+        try:
+            self.update_citizen_info(resp.text)
+        except:
+            pass

    def _login(self):
        # MUST BE CALLED TROUGH self.get_csrf_token()
--- a/erepublik/classes.py
+++ b/erepublik/classes.py
@ -221,7 +221,10 @@ class SlowRequests(Session):
    def _log_request(self, url, method, data=None, json=None, params=None, **kwargs):
        if self.debug:
            args = {}
-            args.update({'kwargs': kwargs})
+            kwargs.pop('allow_redirects', None)
+            if kwargs:
+                args.update({'kwargs': kwargs})
+
            if data:
                args.update({"data": data})