From 1c5c0b9867b41fcdfea5c3677ba777f571a9251e Mon Sep 17 00:00:00 2001
From: cblgh <cblgh@cblgh.org>
Date: Mon, 19 Apr 2021 16:03:12 +0200
Subject: [PATCH] make tests more robust when validating specific csrf token

---
 web/handlers/invites_test.go | 2 +-
 web/handlers/notices_test.go | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/web/handlers/invites_test.go b/web/handlers/invites_test.go
index da516d7..c6b3489 100644
--- a/web/handlers/invites_test.go
+++ b/web/handlers/invites_test.go
@@ -131,7 +131,7 @@ func TestInviteConsumeInviteHTTP(t *testing.T) {
 	})
 
 	// get the corresponding token from the page
-	csrfTokenElem := doc.Find("input[name='gorilla.csrf.Token']")
+	csrfTokenElem := doc.Find(`form[action="/invite/consume"] input[name="gorilla.csrf.Token"]`)
 	a.Equal(1, csrfTokenElem.Length())
 	csrfName, has := csrfTokenElem.Attr("name")
 	a.True(has, "should have a name attribute")
diff --git a/web/handlers/notices_test.go b/web/handlers/notices_test.go
index c79f954..73ae295 100644
--- a/web/handlers/notices_test.go
+++ b/web/handlers/notices_test.go
@@ -92,7 +92,7 @@ func TestNoticesEditButtonVisible(t *testing.T) {
 	csrfCookie := resp.Result().Cookies()
 	a.True(len(csrfCookie) > 0, "should have one cookie for CSRF protection validation")
 
-	csrfTokenElem := doc.Find("input[type=hidden]")
+	csrfTokenElem := doc.Find(`form[action="/fallback/finalize"] input[type="hidden"]`)
 	a.Equal(1, csrfTokenElem.Length())
 
 	csrfName, has := csrfTokenElem.Attr("name")