Aymeric Augustin
47a9347b98
Fixed #6992 -- Improved error when middleware omits HttpResponse.
...
Thanks guettli for the report.
2014-06-07 19:48:45 +02:00
Unai Zalakain
11284a63d4
Fixed #18314 -- Corrected request.build_absolute_uri() handling of paths starting with //
...
``HttpRequest.build_absolute_uri()`` now correctly handles paths starting with ``//``.
``WSGIRequest`` now doesn't remove all the leading slashes either,
because ``http://test/server `` and http://test//server `` aren't the same thing
(RFC2396).
Thanks to SmileyChris for the initial patch.
2014-06-07 08:59:02 -04:00
Aymeric Augustin
3800f63721
Dropped fix_IE_for_vary/attach.
...
This is a security fix. Disclosure following shortly.
2014-05-14 10:19:48 +02:00
Claude Paroz
210d0489c5
Fixed #21188 -- Introduced subclasses for to-be-removed-in-django-XX warnings
...
Thanks Anssi Kääriäinen for the idea and Simon Charette for the
review.
2014-03-08 09:57:40 +01:00
Rodolfo Carvalho
0d91225892
Fixed many typos in comments and docstrings.
...
Thanks Piotr Kasprzyk for help with the patch.
2014-03-03 07:38:09 -05:00
Aaron France
1150053b99
Fixed #21912 -- Improved error message if a view returns None.
...
Thanks brycenesbitt for the report.
2014-02-15 11:18:16 -05:00
Curtis
f43e895b15
Replace _parse_content_type with cgi.parse_header
2014-02-09 10:01:16 +11:00
Berker Peksag
5d263dee30
Fixed #21674 -- Deprecated the import_by_path() function in favor of import_string().
...
Thanks Aymeric Augustin for the suggestion and review.
2014-02-08 11:12:19 -05:00
Curtis
d7a4b156d9
Use cached_property for request.GET and request.COOKIES
2013-12-24 21:57:57 +11:00
Claude Paroz
e6dd70b4db
Fixed #21383 -- Added request details in SuspiciousOperation messages
2013-11-09 12:11:58 +01:00
coagulant
3bc0d46a84
Fixed all E261 warnings
2013-11-02 18:20:39 -04:00
Tim Graham
36ded01527
Fixed #21302 -- Fixed unused imports and import *.
2013-11-02 15:24:56 -04:00
Alasdair Nicol
b289fcf1bf
Fixed #21288 -- Fixed E126 pep8 warnings
2013-10-21 08:31:30 -04:00
Alasdair Nicol
bab9123daa
Fixed #21268 -- Fixed E303 pep8 warnings
2013-10-18 01:46:24 +01:00
Bouke Haarsma
2fb5a51fa3
Fixed #18659 -- Deprecated request.REQUEST and MergeDict
...
Thanks Aymeric Augustin for the suggestion.
2013-10-17 09:42:28 -04:00
Unai Zalakain
c7634cd7fe
Fixed #7603 -- Added a 'scheme' property to the HttpRequest object
...
`HttpRequest.scheme` is `https` if `settings.SECURE_PROXY_SSL_HEADER` is
appropriately set and falls back to `HttpRequest._get_scheme()` (a hook
for subclasses to implement) otherwise.
`WSGIRequest._get_scheme()` makes use of the `wsgi.url_scheme` WSGI
environ variable to determine the request scheme.
`HttpRequest.is_secure()` simply checks if `HttpRequest.scheme` is
`https`.
This provides a way to check the current scheme in templates, for example.
It also allows us to deal with other schemes.
Thanks nslater for the suggestion.
2013-10-15 09:04:12 -04:00
Aymeric Augustin
8aaca651cf
Fixed #20557 -- Properly decoded non-ASCII cookies on Python 3.
...
Thanks mitsuhiko for the report.
Non-ASCII values are supported. Non-ASCII keys still aren't, because the
current parser mangles them. That's another bug.
2013-09-07 10:25:43 -05:00
Aymeric Augustin
ae7f9afaf6
Minor cleanup in the WSGI handler.
2013-09-07 10:25:16 -05:00
Aymeric Augustin
4e88d106dc
Refactored the unmangling of the WSGI environ.
2013-09-07 10:03:50 -05:00
Aymeric Augustin
636860fbfb
Moved two WSGI-specific functions to the WSGI handler.
...
They were defined in base when the mod_python handler used them. See bfcecbff
.
2013-09-07 10:03:49 -05:00
Alex Gaynor
3e0eb2d788
Fixed a number of lint warnings, particularly around unused variables.
2013-08-04 09:17:10 -07:00
Loic Bistuer
48ce167d89
Fixed missing initializations in WSGIRequest. Refs #20619
2013-06-26 14:36:25 +07:00
Preston Holmes
d228c1192e
Fixed #19866 -- Added security logger and return 400 for SuspiciousOperation.
...
SuspiciousOperations have been differentiated into subclasses, and
are now logged to a 'django.security.*' logger. SuspiciousOperations
that reach django.core.handlers.base.BaseHandler will now return a 400
instead of a 500.
Thanks to tiwoc for the report, and Carl Meyer and Donald Stufft
for review.
2013-05-25 16:27:34 -07:00
Aymeric Augustin
6633eeb886
Changed API to disable ATOMIC_REQUESTS per view.
...
A decorator is easier to apply to CBVs. Backwards compatibility isn't an
issue here, except for people running on a recent clone of master.
Fixed a few minor problems in the transactions docs while I was there.
2013-05-19 19:53:16 +02:00
Aymeric Augustin
cb86f707a0
Fixed #12747 -- Made reason phrases customizable.
2013-05-19 13:14:54 +02:00
Alex Gaynor
ea3a378c22
Added an HTTP status code to Django's WSGI application that was missing (reason unknown).
2013-05-08 12:45:31 -07:00
Aymeric Augustin
1267d2d9bc
Fixed #20330 -- Normalized spelling of "web server".
...
Thanks Baptiste Mispelon for the report.
2013-04-29 19:40:43 +02:00
Julien Phalip
2f81a0ca65
Fixed #20169 -- Ensured that the WSGI request's path is correctly based on the `SCRIPT_NAME` environment parameter or the `FORCE_SCRIPT_NAME` setting, regardless of whether or not those have a trailing slash. Thanks to bmispelon for the review.
2013-04-01 12:04:44 -07:00
Loic Bistuer
521765f63d
Fixed #19541 -- Fixed BaseHandler to enable reversing URLs in response middlewares
...
and streamed responses with respect to per-request urlconf.
2013-03-25 03:19:19 +07:00
Aymeric Augustin
f5dbb566ee
Fixed #17550 -- Removed a workaround for a bug in flup 1.0.1.
...
This reverts commit 948a833eb7
.
flup appears to be dead, and this fix breaks legitimate uses of Django.
Refs #8490 .
2013-03-24 10:57:38 +01:00
Aymeric Augustin
ac37ed21b3
Deprecated TransactionMiddleware and TRANSACTIONS_MANAGED.
...
Replaced them with per-database options, for proper multi-db support.
Also toned down the recommendation to tie transactions to HTTP requests.
Thanks Jeremy for sharing his experience.
2013-03-11 15:04:05 +01:00
Claude Paroz
7c5b244826
Fixed #17061 -- Factored out importing object from a dotted path
...
Thanks Carl Meyer for the report.
2013-02-04 16:38:25 +01:00
Aymeric Augustin
acc5396e6d
Fixed #19519 -- Fired request_finished in the WSGI iterable's close().
2012-12-31 12:47:34 +01:00
Aymeric Augustin
1e4a27d087
Fixed #19468 -- Decoded request.path correctly on Python 3.
...
Thanks aliva for the report and claudep for the feedback.
2012-12-22 13:32:39 +01:00
Aymeric Augustin
be9f2919e0
Edited the middleware doc for completeness, clarity, and consistency.
2012-12-09 22:30:01 +01:00
Claude Paroz
6de6988f99
Fixed #5076 -- Properly decode POSTs with non-utf-8 payload encoding
...
Thanks daniel at blogg.se for the report and Aymeric Augustin for
his assistance on the patch.
2012-10-30 09:00:32 +01:00
Alex Gaynor
1b096ad773
Removed a function that is already fully implemented by a base class.
2012-10-24 12:49:57 -07:00
Florian Apolloner
6a6f589bfe
Merge branch 'ticket15695'
2012-09-29 21:57:50 +02:00
Florian Apolloner
b946db5241
Fixed #15695 -- Added `ResolverMatch` to the request object.
2012-09-27 15:06:58 +02:00
Claude Paroz
26ff2be787
Imported getLogger directly from logging module
...
This was a remainder of some 2.4 compatibility code.
2012-09-20 21:03:24 +02:00
Florian Apolloner
9ca17f883d
Replace nested try/finally try/except with try/except/finally.
2012-09-09 13:00:10 +02:00
Claude Paroz
ae88e73fa6
Replaced some smart_xxx by force_xxx equivalent
...
smart_str/smart_text should only be used when a potential lazy
string should be preserved in the result of the function call.
2012-08-30 15:46:16 +02:00
Aymeric Augustin
27d16a3ca4
[py3] Fixed middleware_exceptions tests.
2012-08-15 22:53:52 +02:00
Claude Paroz
f8ea12f36b
[py3] Removed excessive usage of smart_bytes
2012-08-15 12:13:54 +02:00
Claude Paroz
64531df5df
Sent got_request_exception signal before handle_uncaught_exception
...
In some cases (notably Python 3), when handle_uncaught_exception was
itself raising an exception, the got_request_exception was storing
the latter exception instead of the original exception.
2012-08-15 10:58:26 +02:00
Claude Paroz
15fffcc751
[py3] Fixed reraising of exceptions
...
reraise with second argument to None is not supported.
2012-08-11 23:46:23 +02:00
Aymeric Augustin
c5ef65bcf3
[py3] Ported django.utils.encoding.
...
* Renamed smart_unicode to smart_text (but kept the old name under
Python 2 for backwards compatibility).
* Renamed smart_str to smart_bytes.
* Re-introduced smart_str as an alias for smart_text under Python 3
and smart_bytes under Python 2 (which is backwards compatible).
Thus smart_str always returns a str objects.
* Used the new smart_str in a few places where both Python 2 and 3
want a str.
2012-08-07 12:00:22 +02:00
Claude Paroz
9908201d7f
Replaced some byte strings by str() calls
...
This is a useful trick when Python 2 awaits byte strings and
Python 3 Unicode (regular) strings.
2012-08-03 15:18:13 +02:00
Aymeric Augustin
d796c94b03
[py3] Used six.reraise wherever necessary.
2012-07-22 09:29:52 +02:00
Alex Gaynor
e0fce8706d
Switch to using context managers for acquiring and releasing locks.
2012-06-23 08:11:15 -07:00