[bug#60838] [PATCH 0/8] Add datasette and python-sqlite-utils.

[Maxim Cournoyer]

Hi,

Felix Gruber <felgru@posteo.net> writes:

> * gnu/packages/python-web.scm (python-asgi-csrf): New variable.
> ---
>  gnu/packages/python-web.scm | 25 +++++++++++++++++++++++++
>  1 file changed, 25 insertions(+)
>
> diff --git a/gnu/packages/python-web.scm b/gnu/packages/python-web.scm
> index 83e7d77da8..8c172d64c9 100644
> --- a/gnu/packages/python-web.scm
> +++ b/gnu/packages/python-web.scm
> @@ -570,6 +570,31 @@ (define-public python-asgiref
>  WSGI.  This package includes libraries for implementing ASGI servers.")
>      (license license:bsd-3)))
>  
> +(define-public python-asgi-csrf
> +  (package
> +    (name "python-asgi-csrf")
> +    (version "0.9")
> +    (source (origin
> +              (method url-fetch)
> +              (uri (pypi-uri "asgi-csrf" version))
> +              (sha256
> +               (base32
> +                "06klgxfxzjfkyjky3rkvmf2r07r7r2my53qq7g9qy6mcmvfkp7bf"))))
> +    (build-system python-build-system)
> +    (propagated-inputs (list python-itsdangerous python-multipart))
> +    (native-inputs (list python-asgi-lifespan
> +                         python-httpx
> +                         python-pytest
> +                         python-pytest-asyncio
> +                         python-pytest-cov
> +                         python-starlette))
> +    (home-page "https://github.com/simonw/asgi-csrf";)
> +    (synopsis "ASGI middleware for protecting against CSRF attacks")
> +    (description "This middleware implements the Double Submit Cookie
> +pattern, where a cookie is set that is then compared to a csrftoken
> +hidden form field or a x-csrftoken HTTP header.")
> +    (license license:asl2.0)))

Please define ASGI and CSRF in full, at least in the description.
I'd also adorn the 'csrftoken' and 'x-csrftoken' words with @code.

-- 
Thanks,
Maxim