Aymeric Augustin
7fef18ba9e
[1.7.x] Dropped fix_IE_for_vary/attach.
...
This is a security fix. Disclosure following shortly.
2014-05-14 10:18:26 +02:00
Aaron France
1150053b99
Fixed #21912 -- Improved error message if a view returns None.
...
Thanks brycenesbitt for the report.
2014-02-15 11:18:16 -05:00
Berker Peksag
5d263dee30
Fixed #21674 -- Deprecated the import_by_path() function in favor of import_string().
...
Thanks Aymeric Augustin for the suggestion and review.
2014-02-08 11:12:19 -05:00
Claude Paroz
e6dd70b4db
Fixed #21383 -- Added request details in SuspiciousOperation messages
2013-11-09 12:11:58 +01:00
coagulant
3bc0d46a84
Fixed all E261 warnings
2013-11-02 18:20:39 -04:00
Alasdair Nicol
b289fcf1bf
Fixed #21288 -- Fixed E126 pep8 warnings
2013-10-21 08:31:30 -04:00
Alasdair Nicol
bab9123daa
Fixed #21268 -- Fixed E303 pep8 warnings
2013-10-18 01:46:24 +01:00
Aymeric Augustin
636860fbfb
Moved two WSGI-specific functions to the WSGI handler.
...
They were defined in base when the mod_python handler used them. See bfcecbff
.
2013-09-07 10:03:49 -05:00
Preston Holmes
d228c1192e
Fixed #19866 -- Added security logger and return 400 for SuspiciousOperation.
...
SuspiciousOperations have been differentiated into subclasses, and
are now logged to a 'django.security.*' logger. SuspiciousOperations
that reach django.core.handlers.base.BaseHandler will now return a 400
instead of a 500.
Thanks to tiwoc for the report, and Carl Meyer and Donald Stufft
for review.
2013-05-25 16:27:34 -07:00
Aymeric Augustin
6633eeb886
Changed API to disable ATOMIC_REQUESTS per view.
...
A decorator is easier to apply to CBVs. Backwards compatibility isn't an
issue here, except for people running on a recent clone of master.
Fixed a few minor problems in the transactions docs while I was there.
2013-05-19 19:53:16 +02:00
Aymeric Augustin
1267d2d9bc
Fixed #20330 -- Normalized spelling of "web server".
...
Thanks Baptiste Mispelon for the report.
2013-04-29 19:40:43 +02:00
Loic Bistuer
521765f63d
Fixed #19541 -- Fixed BaseHandler to enable reversing URLs in response middlewares
...
and streamed responses with respect to per-request urlconf.
2013-03-25 03:19:19 +07:00
Aymeric Augustin
ac37ed21b3
Deprecated TransactionMiddleware and TRANSACTIONS_MANAGED.
...
Replaced them with per-database options, for proper multi-db support.
Also toned down the recommendation to tie transactions to HTTP requests.
Thanks Jeremy for sharing his experience.
2013-03-11 15:04:05 +01:00
Claude Paroz
7c5b244826
Fixed #17061 -- Factored out importing object from a dotted path
...
Thanks Carl Meyer for the report.
2013-02-04 16:38:25 +01:00
Aymeric Augustin
1e4a27d087
Fixed #19468 -- Decoded request.path correctly on Python 3.
...
Thanks aliva for the report and claudep for the feedback.
2012-12-22 13:32:39 +01:00
Aymeric Augustin
be9f2919e0
Edited the middleware doc for completeness, clarity, and consistency.
2012-12-09 22:30:01 +01:00
Florian Apolloner
6a6f589bfe
Merge branch 'ticket15695'
2012-09-29 21:57:50 +02:00
Florian Apolloner
b946db5241
Fixed #15695 -- Added `ResolverMatch` to the request object.
2012-09-27 15:06:58 +02:00
Claude Paroz
26ff2be787
Imported getLogger directly from logging module
...
This was a remainder of some 2.4 compatibility code.
2012-09-20 21:03:24 +02:00
Aymeric Augustin
27d16a3ca4
[py3] Fixed middleware_exceptions tests.
2012-08-15 22:53:52 +02:00
Claude Paroz
64531df5df
Sent got_request_exception signal before handle_uncaught_exception
...
In some cases (notably Python 3), when handle_uncaught_exception was
itself raising an exception, the got_request_exception was storing
the latter exception instead of the original exception.
2012-08-15 10:58:26 +02:00
Claude Paroz
15fffcc751
[py3] Fixed reraising of exceptions
...
reraise with second argument to None is not supported.
2012-08-11 23:46:23 +02:00
Aymeric Augustin
c5ef65bcf3
[py3] Ported django.utils.encoding.
...
* Renamed smart_unicode to smart_text (but kept the old name under
Python 2 for backwards compatibility).
* Renamed smart_str to smart_bytes.
* Re-introduced smart_str as an alias for smart_text under Python 3
and smart_bytes under Python 2 (which is backwards compatible).
Thus smart_str always returns a str objects.
* Used the new smart_str in a few places where both Python 2 and 3
want a str.
2012-08-07 12:00:22 +02:00
Aymeric Augustin
d796c94b03
[py3] Used six.reraise wherever necessary.
2012-07-22 09:29:52 +02:00
Claude Paroz
4a103086d5
Fixed #18269 -- Applied unicode_literals for Python 3 compatibility.
...
Thanks Vinay Sajip for the support of his django3 branch and
Jannis Leidel for the review.
2012-06-07 18:08:47 +02:00
Claude Paroz
3904b74a3f
Fixed #18013 -- Use the new 'as' syntax for exceptions.
...
Thanks Clueless for the initial patch.
Note that unittest has been purposely left out (external package only used by Python 2.6).
2012-04-29 20:57:15 +02:00
Jannis Leidel
f0a1633425
Fixed #17358 -- Updated logging calls to use official syntax for arguments instead of string interpolation. Thanks, spulec.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17480 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-02-09 18:58:36 +00:00
Carl Meyer
145a77edc9
Fixed #16360 -- Added WSGI entrypoint to startproject layout, and enabled internal servers (runserver and runfcgi) to use an externally-defined WSGI application. Thanks to Armin Ronacher, Jannis Leidel, Alex Gaynor, ptone, and Jacob Kaplan-Moss.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17022 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-22 04:30:10 +00:00
Alex Gaynor
8e1226b4a0
Kill some more dead code.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16795 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-10 22:46:44 +00:00
Alex Gaynor
e95d0afe9e
Fixed #16810 , corrected a bad docstring. Thanks to kenkam for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16790 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-10 21:29:21 +00:00
Jannis Leidel
1ca6e9b9e2
Fixed #9847 -- Added 403 response handler. Many thanks to kgrandis, adamnelson, vkryachko, fvox13 and Chris Beaven.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16606 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-12 14:15:31 +00:00
Jannis Leidel
cb2d8cd3a4
Fixed #16399 -- Minor cleanup in core handler. Thanks, aaugustin.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16506 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-07-04 16:20:16 +00:00
Carl Meyer
43503b093a
Fixed #16288 -- Enabled django.request exception logger regardless of DEBUG setting.
...
Thanks Matt Bennett for report and draft patch; Vinay Sajip and Russell Keith-Magee for review.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16444 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-22 06:01:44 +00:00
Luke Plant
45e55b9143
Fixed #14614 - filtering of sensitive information in 500 error reports.
...
This adds a flexible mechanism for filtering what request/traceback
information is shown in 500 error emails and logs. It also applies
screening to some views known to be sensitive e.g. views that handle
passwords.
Thanks to oaylanc for the report and many thanks to Julien Phalip for the
patch and the rest of the work on this.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16339 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-08 22:18:46 +00:00
Luke Plant
a482cc0ba3
Fixed #16004 - csrf_protect does not send cookie if view returns TemplateResponse
...
The root bug was in decorator_from_middleware, and the fix also corrects
bugs with gzip_page and other decorators.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16276 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-24 21:28:43 +00:00
Russell Keith-Magee
f89f1c8acb
Fixed #15083 -- Corrected the order of TemplateResponse middleware handling, ensuring that custom URLConfs are valid, and that ResponseMiddleware is invoked if the TemplateResponseMiddleware causes errors. Thanks to Sayane for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15226 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-16 15:38:03 +00:00
Russell Keith-Magee
e0dcd7666a
Fixed #12815 -- Added TemplateResponse, a lazy-evaluated Response class. Thanks to Simon Willison for the original idea, and to Mikhail Korobov and Ivan Sagalaev for their assistance, including the draft patch from Mikhail.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14850 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-12-07 13:57:01 +00:00
Alex Gaynor
96cc7baf0c
Fixed #13684 -- if settings.ROOT_URLCONF isn't defined don't blow up with an UnboundLocalError.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14488 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-07 16:02:22 +00:00
Russell Keith-Magee
52e0bcbc62
Fixed #14588 -- Corrected r14393 to ensure that response middlewares are are always applied. Includes a battery of tests to validate the expected behavior of the middleware cycle. Thanks to Petr Marhoun for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14398 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-30 07:19:04 +00:00
Russell Keith-Magee
3086b55b0e
Fixed #14523 -- Modified response handling so that exceptions raised by process_response() in a middleware are caught and handled like any other exception. Thanks to Ivan Sagalaev for the report and patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14393 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-29 07:43:56 +00:00
Russell Keith-Magee
a904e55859
Fixed #11509 -- Modified usage of "Web" to match our style guide in various documentation, comments and code. Thanks to timo and Simon Meers for the work on the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14069 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-09 08:12:50 +00:00
Russell Keith-Magee
fea159282b
Fixed #14406 -- Added a Python 2.4 compatibility to the logging interface. Thanks to Łukasz Rekucki for the report, and to Luke Plant for original patch this was based on.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13989 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-06 15:02:26 +00:00
Russell Keith-Magee
24acca4139
Fixed #12012 -- Added support for logging. Thanks to Vinay Sajip for his draft patch, and to the many people who gave feedback during development of the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13981 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-04 15:12:39 +00:00
Luke Plant
3e1e04d6d0
Fixed #10758 - sys.exc_info() should not be stored on a local variable
...
Thanks piotr.findeisen for report, kevinh for patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13318 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-06-03 18:50:04 +00:00
Russell Keith-Magee
667ced2abc
Fixed #12594 -- Ensured that a meaningful exception is raised when the urlconf_module is None. Thanks to buriy for the report and patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12854 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-26 15:08:24 +00:00
Russell Keith-Magee
794690c272
Fixed #13090 -- Corrected handling of errors in middleware when DEBUG=False. Thanks to EroSennin for the report, and Ivan Sagalaev for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12773 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-12 16:45:29 +00:00
Adrian Holovaty
7d9de178e7
Fixed #6094 again -- fixed broken unit tests. Thanks, isagalaev
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12186 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-10 18:48:08 +00:00
Adrian Holovaty
5ceed0a053
Changed a whole bunch of places to raise exception instances instead of old-style raising exception classes plus a comma. Good for the future Python 3 conversion
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12180 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-10 18:36:20 +00:00
Adrian Holovaty
ca6f64a43f
Fixed #6094 -- Middleware exceptions are now caught by the core handler. Thanks, isagalaev
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12165 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-10 17:35:01 +00:00
Brian Rosner
6c61ca3d74
Fixed #5034 -- honor request.urlconf in reverse and resolve.
...
This enables {% url %} to honor request.urlconf set from process_request
middleware methods.
Thanks SmileyChris for the initial patch work.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11740 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-16 01:58:00 +00:00