innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
31,138 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

106 Commits

Author SHA1 Message Date
Anvesh Mishra 6220c445c4 Fixed #29186 -- Fixed pickling HttpRequest and subclasses. 2022-09-14 13:04:34 +02:00
Carlton Gibson bd062445cf Fixed CVE-2022-36359 -- Escaped filename in Content-Disposition header. 
Thanks to Motoyasu Saburi for the report.
 2022-08-03 08:46:31 +02:00
Anv3sh d7f5bfd241 Fixed #32969 -- Fixed pickling HttpResponse and subclasses. 2022-06-20 08:51:26 +02:00
Carlton Gibson bb61f0186d Refs #32365 -- Removed internal uses of utils.timezone.utc alias. 
Remaining test case ensures that uses of the alias are mapped
canonically by the migration writer.
 2022-03-24 06:29:50 +01:00
Luke Plant f3bf6c4218 Refs #33562 -- Made HttpResponse.set_cookie() raise ValueError when both "expires" and "max_age" are passed. 
This fixes the case where you might pass set_cookie(expires=val, max_age=val)
and max_age is silently ignored.
 2022-03-07 08:04:18 +01:00
Luke Plant ae2da5ba65 Fixed #33562 -- Made HttpResponse.set_cookie() support timedelta for the max_age argument. 2022-03-07 07:57:14 +01:00
Keryn Knight 95b7d01d38 Refs #33546 -- Optimized handling content types in HttpResponseBase.__init__(). 
This removes an extraneous conditional causing "Content-Type" to be
checked within the ResponseHeaders twice, if a content_type parameter
is provided.
 2022-03-02 20:23:39 +01:00
Keryn Knight 4b2f6ace57 Refs #33546 -- Optimized HttpResponseBase.charset a bit. 
This avoids scanning the Content-Type if it's empty, allowing the
Content-Type header itself to have a charset assigned without using
the re module.
 2022-03-02 20:23:39 +01:00
Keryn Knight 51f896fe25 Refs #33546 -- Optimized ResponseHeaders._convert_to_charset() by reducing the type-checking duplication. 
In the common case, where keys and values are be encoded into
ascii/latin-1, defer the checking for newlines until it's been
successfully coerced to a string.

Co-authored-by: Nick Pope <nick@nickpope.me.uk>
 2022-03-02 20:23:39 +01:00
Keryn Knight e0b197c63c Refs #33546 -- Avoided unpacking data in ResponseHeaders when not necessary. 2022-03-02 20:23:39 +01:00
django-bot 9c19aff7c7 Refs #33476 -- Reformatted code with Black. 2022-02-07 20:37:05 +01:00
Carlton Gibson 4a58dfd9db
Refs #30509 -- Adjusted internal FileResponse variable name. 
Follow up to dc724c5bf9.
 2021-10-15 07:29:55 +02:00
Piotr Kunicki dc724c5bf9 Fixed #30509 -- Made FileResponse better handle buffers and non-zero file offsets. 2021-10-14 15:05:04 +02:00
Illia Volochii bc4c7e5d68 Optimized handling case-insensitive mappings. 
Elements yielded by _destruct_iterable_mapping_values are always
unpacked. Since unpacking can be done with any iterable, there is no
need to convert elements to tuples. Also, such elements can be used
directly in for loops, creating a dictionary of them is excessive.

Co-authored-by: Nick Pope <nick@nickpope.me.uk>
 2021-09-22 09:26:21 +02:00
Illia Volochii f03ba0ad52
Simplified serializing HTTP response headers. 
Since ResponseHeaders was introduced, header names and values are stored
as strings. There is no need to check whether they are bytes.

Co-authored-by: Nick Pope <nick@nickpope.me.uk>
 2021-08-02 09:24:48 +02:00
Nicolas Restrepo bbb3965826 Refs #24121 -- Added __repr__() to StreamingHttpResponse and subclasses. 2021-06-22 21:28:48 +02:00
Nick Pope d06c5b3581 Fixed #32366 -- Updated datetime module usage to recommended approach. 
- Replaced datetime.utcnow() with datetime.now().
- Replaced datetime.utcfromtimestamp() with datetime.fromtimestamp().
- Replaced datetime.utctimetuple() with datetime.timetuple().
- Replaced calendar.timegm() and datetime.utctimetuple() with datetime.timestamp().
 2021-05-12 11:08:41 +02:00
Nick Pope 2161db0792
Fixed capitalization of "ECMAScript" and "JavaScript". 2021-04-29 20:29:08 +02:00
Illia Volochii 3c004075b1 Fixed #32389 -- Fixed ResponseHeaders crash when data is not mapping. 2021-01-28 10:10:08 +01:00
ᴙɘɘᴙgYmɘᴙɘj 2c5d6dc447
Fixed grammar in HttpResponse docstring. 2020-12-08 12:18:42 +01:00
Mariusz Felisiak 1fd9b44a6b Refs #32074 -- Fixed handling memoryview content by HttpResponse on Python 3.10+. 
An iterator was added to memoryview in Python 3.10,
see https://bugs.python.org/issue41732

Refs #30294
 2020-11-10 09:56:15 +01:00
Tom Carrick dcb69043d0 Fixed #32002 -- Added headers parameter to HttpResponse and subclasses. 2020-10-07 09:19:57 +02:00
Tom Carrick bcc2befd0e Fixed #31789 -- Added a new headers interface to HttpResponse. 2020-09-14 08:41:59 +02:00
Hasan Ramezani d2d08c8cf6 Fixed #31982 -- Made HttpResponse.set_cookie() cast max_age argument to an integer. 2020-09-05 10:07:23 +02:00
Mariusz Felisiak 240cbb63bf
Fixed #31790 -- Fixed setting SameSite and Secure cookies flags in HttpResponse.delete_cookie(). 
Cookies with the "SameSite" flag set to None and without the "secure"
flag will be soon rejected by latest browser versions.

This affects sessions and messages cookies.
 2020-07-16 08:16:58 +02:00
Jon Dufresne d6aff369ad Refs #30116 -- Simplified regex match group access with Match.__getitem__(). 
The method has been available since Python 3.6. The shorter syntax is
also marginally faster.
 2020-05-11 12:01:28 +02:00
Florian Apolloner 41a3b3d186 Fixed #31240 -- Properly closed FileResponse when wsgi.file_wrapper is used. 
Thanks to Oskar Persson for the report.
 2020-02-11 20:39:12 +01:00
Florian Apolloner 549445519c Reverted "Fixed #30565 -- Closed HttpResponse when wsgi.file_wrapper closes file-like object." 
This reverts commit cce47ff65a.
 2020-02-11 20:39:12 +01:00
Osaetin Daniel b33bfc3839 Fixed #30862 -- Allowed setting SameSite cookies flags to 'none'. 
Thanks Florian Apolloner and Carlton Gibson for reviews.
 2019-12-12 10:52:31 +01:00
Hasan Ramezani e3d0b4d550 Fixed #30899 -- Lazily compiled import time regular expressions. 2019-10-29 09:22:26 +01:00
Chris Jerdonek cce47ff65a Fixed #30565 -- Closed HttpResponse when wsgi.file_wrapper closes file-like object. 2019-06-20 11:48:49 +02:00
ShingenPizza de4832c49b Fixed #30196 -- Made FileResponse set Content-Disposition inline if filename is available. 2019-05-17 12:07:27 +02:00
sage 9aa56cb0d5 Fixed #30294 -- Allowed HttpResponse to accept memoryview content. 2019-03-29 09:43:49 -04:00
Jon Dufresne 7785e03ba8 Fixed #30137 -- Replaced OSError aliases with the canonical OSError. 
Used more specific errors (e.g. FileExistsError) as appropriate.
 2019-01-28 11:15:06 -05:00
Tim Graham 8045dff98c Refs #27829 -- Removed settings.DEFAULT_CONTENT_TYPE per deprecation timeline. 2019-01-17 10:50:25 -05:00
Jon Dufresne 8c3e0eb1c1 Normalized spelling of "lowercase" and "lowercased". 2018-09-25 10:30:18 -04:00
Jon Dufresne ad9a28ee38 Refs #29784 -- Normalized Python docs links to omit the version. 2018-09-25 10:19:42 +02:00
Claude Paroz a177f854c3
Fixed #16470 -- Allowed FileResponse to auto-set some Content headers. 
Thanks Simon Charette, Jon Dufresne, and Tim Graham for the reviews.
 2018-05-15 18:12:11 +02:00
Alex Gaynor 9a56b4b13e Fixed #27863 -- Added support for the SameSite cookie flag. 
Thanks Alex Gaynor for contributing to the patch.
 2018-04-13 20:58:31 -04:00
Tim Graham 7d96f0c49a Refs #27795 -- Replaced force_bytes() usage in django.http. 2018-02-07 14:28:15 -05:00
Alvin Lindstam 47a99d7012 Fixed #28989 -- Fixed HttpResponse.delete_cookie() for cookies that use __Secure/Host prefixes. 2018-01-08 12:32:47 -05:00
Alexey 0afffae4ec Fixed #28965 -- Updated Set-Cookie's Expires date format to follow RFC 7231. 2018-01-02 11:22:59 -05:00
Дилян Палаузов 23bf4ad87f Fixed #28795 -- Removed 'not in' checks and used dict.setdefault(). 2017-11-14 10:52:52 -05:00
Дилян Палаузов 6c0042430e Fixed #28776 -- Fixed a/an/and typos in docs and comments. 2017-11-06 22:41:03 -05:00
Tim Graham 6e4c6281db Reverted "Fixed #27818 -- Replaced try/except/pass with contextlib.suppress()." 
This reverts commit 550cb3a365
because try/except performs better.
 2017-09-07 08:16:21 -04:00
Mads Jensen 550cb3a365 Fixed #27818 -- Replaced try/except/pass with contextlib.suppress(). 2017-06-28 14:07:55 -04:00
Tom 7afb476469 Fixed #28226 -- Replaced use of str.join() with concatenation. 2017-05-27 13:59:05 -04:00
Claude Paroz 301de774c2 Refs #27795 -- Replaced many force_text() with str() 
Thanks Tim Graham for the review.
 2017-04-27 09:10:02 +02:00
Anton Samarchyan 3eb679a869 Refs #27656 -- Updated django.forms/http docstring verbs according to PEP 257. 2017-02-20 19:57:33 -05:00
chillaranand d6eaf7c018 Refs #23919 -- Replaced super(ClassName, self) with super(). 2017-01-25 12:23:46 -05:00