innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
22,818 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

222 Commits

Author SHA1 Message Date
Jon Dufresne d13881bd34 Fixed #26783 -- Fixed SessionMiddleware's empty cookie deletion when using SESSION_COOKIE_PATH. 2016-06-21 11:03:25 -04:00
Florian Apolloner 9baf692a58 Fixed #26601 -- Improved middleware per DEP 0005. 
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
 2016-05-17 07:22:22 -04:00
Claude Paroz 8dcf352c03 Pulled translations from Transifex 2016-04-30 14:27:07 +02:00
Claude Paroz d9a00ad16b Removed deprecated Chinese language codes for contrib apps 
Refs #18149.
 2016-04-30 14:26:47 +02:00
Tobias Kroenke b040ac06eb Fixed #26520 -- Fixed a regression where SessionBase.pop() didn't return a KeyError. 2016-04-20 13:06:47 -04:00
Tim Graham df8d8d4292 Fixed E128 flake8 warnings in django/. 2016-04-08 09:51:06 -04:00
Jon Dufresne 5faf745999 Refs #21608 -- Fixed incorrect cache key in cache session backend's save(). 
The bug was introduced commit 3389c5ea22.
 2016-04-04 07:41:59 -04:00
Tore Lundqvist 3389c5ea22 Fixed #21608 -- Prevented logged out sessions being resurrected by concurrent requests. 
Thanks Simon Charette for the review.
 2016-02-26 18:56:56 -05:00
Tim Graham 98839e9066 Removed British/Austrialian word: whilist. 2015-12-31 14:29:52 -05:00
Claude Paroz 273ce8aa6a Pulled contrib translations from Transifex 
Forward port of 6a4649c27e from stable/1.9.x
 2015-12-01 20:37:57 +01:00
Brian Gianforcaro a3fffdca24 Fixed #25558 -- Fixed nondeterministic test failure on Windows: test_clearsessions_command. 
The test session without an expiration date added in refs #22938 wasn't
always deleted on Windows because get_expiry_age() returns zero and the
file backend didn't consider that an expired session.
 2015-10-17 10:03:11 -04:00
Aleksandra Tarkowska c055224763 Fixed #22938 -- Allowed clearsessions to remove file-based sessions. 2015-10-03 09:21:10 -04:00
Dražen Odobašić b1e33ceced Fixed #23395 -- Limited line lengths to 119 characters. 2015-09-12 11:40:50 -04:00
Sergey Kolosov 22bb548900 Fixed #22634 -- Made the database-backed session backends more extensible. 
Introduced an AbstractBaseSession model and hooks providing the option
of overriding the model class used by the session store and the session
store class used by the model.
 2015-08-27 15:00:09 -04:00
Tim Graham 8cc41ce7a7 Fixed DoS possiblity in contrib.auth.views.logout() 
Thanks Florian Apolloner and Carl Meyer for review.

This is a security fix.
 2015-08-18 08:03:43 -04:00
Carl Meyer df049ed77a Fixed #19324 -- Avoided creating a session record when loading the session. 
The session record is now only created if/when the session is modified. This
prevents a potential DoS via creation of many empty session records.

This is a security fix; disclosure to follow shortly.
 2015-07-08 15:23:03 -04:00
David Bannon f4416b1a8b Fixed #24915 -- Added stricter session key validation 
Changed _session_key attribute to a property and implemented basic
validation in the setter. The session key must be 'truthy' and
at least 8 characters long. Otherwise, the value is set to None.
 2015-06-06 20:04:20 -04:00
Tim Graham 088579638b Fixed incorrect session.flush() in cached_db session backend. 
This is a security fix; disclosure to follow shortly.

Thanks Sam Cooke for the report and draft patch.
 2015-05-20 13:48:06 -04:00
Bo Lopker 2dee853ed4 Fixed #24799 -- Fixed session cookie deletion when using SESSION_COOKIE_DOMAIN 2015-05-15 11:23:41 -04:00
Piotr Jakimiak 4157c502a5 Removed unnecessary arguments in .get method calls 2015-05-13 20:51:18 +02:00
Claude Paroz 6aed5cfc6f Updated translations from Transifex 
Updates for languages: Indonesian, Belarusian, Persian, and Dutch.
Forward port of cb370f8510 from stable/1.8.x
 2015-04-30 14:29:08 +02:00
Adam Zapletal 872eb26f54 Fixed #24621 -- Fixed and documented SessionBase.pop's second argument 
Changed SessionBase.pop's second argument to explicitly be default=None
rather than *args since _session is always a dict. Thanks gabor for the
report and Tim Graham for the review.
 2015-04-13 10:32:03 -04:00
Claude Paroz 88dfe544f6 Fetched updated contrib translations from Transifex 
Forward port of 5483c66f85 from stable/1.8.x
 2015-04-01 19:51:50 +02:00
Tim Graham 8a481498aa Fixed #24468 -- Made signed cookies cache backend resilient to unpickling exceptions. 2015-03-12 08:19:54 -04:00
Tim Graham fac3a34cbb Moved contrib.sessions tests out of contrib. 2015-02-11 10:19:22 -05:00
Tim Graham 0ed7d15563 Sorted imports with isort; refs #23860. 2015-02-06 08:16:28 -05:00
Matt 55c76f4e3b Fixed #24223 -- Prevented a session test from leaking. 2015-01-29 14:36:01 -05:00
Tim Graham b19b81b396 Fixed #24153 -- Fixed cookie test compatibility with Python 3.4.3+ 2015-01-19 15:12:57 -05:00
Claude Paroz 53e1423eda Updated en translation catalogs 
Forward port of 666c12e52 from stable/1.8.x
 2015-01-17 11:19:37 +01:00
Claude Paroz 51890ce889 Applied ignore_warnings to Django tests 2014-12-30 18:16:25 +01:00
Markus Holtermann aa5ef0d4fc Fixed #23822 -- Added support for serializing model managers in migration 
Thanks to Shai Berger, Loïc Bistuer, Simon Charette, Andrew Godwin,
Tim Graham, Carl Meyer, and others for their review and input.
 2014-12-15 08:34:15 -05:00
Michael Hall 895dc880eb Fixed #23812 -- Changed django.utils.six.moves.xrange imports to range 2014-12-13 12:45:58 -05:00
Berker Peksag 560b4207b1 Removed redundant numbered parameters from str.format(). 
Since Python 2.7 and 3.1, "{0} {1}" is equivalent to "{} {}".
 2014-12-03 14:27:38 -05:00
Berker Peksag f7969b0920 Fixed #23620 -- Used more specific assertions in the Django test suite. 2014-11-03 11:56:37 -05:00
Claude Paroz d6a15026c4 Updated translations from Transifex 
Forward port of e9c8aefbce from stable/1.7.x
 2014-09-30 20:55:50 +02:00
Tim Graham 1101467ce0 Limited lines to 119 characters in django/ 
refs #23395.
 2014-09-05 09:22:16 -04:00
Claude Paroz efa67b897b Fetched translations from Transifex 
Forward port of 49280a73ea from stable/1.7.x
 2014-08-20 10:22:41 +02:00
Nick Sandford b157ffdbb9 Fixed #22849 -- Added Session.__str__() 2014-07-24 21:33:51 +01:00
Maxime Turcotte 9996158db4 Fixed #22835 -- Deprecated NoArgsCommand. 2014-06-19 08:54:59 -04:00
Tim Graham 37a8f5aeed Added database migration for contrib.sessions. 
refs #22170.
 2014-06-16 10:18:42 -04:00
Claude Paroz 1a69d276bd Updated translation catalogs 2014-05-19 15:17:35 +02:00
Matt Robenolt 393c0e2422 Fixed #20936 -- When logging out/ending a session, don't create a new, empty session. 
Previously, when logging out, the existing session was overwritten by a
new sessionid instead of deleting the session altogether.

This behavior added overhead by creating a new session record in
whichever backend was in use: db, cache, etc.

This extra session is unnecessary at the time since no session data is
meant to be preserved when explicitly logging out.
 2014-05-11 21:42:26 -03:00
Alex Gaynor 2bcb8bfc8d Fix many many typos in comments throughout the codebase 2014-04-26 10:18:45 -07:00
James Jenkins ec675ed6cc Fixed #22070 -- Changed verbose_name for apps in django.contrib to use title case 
Thanks bendavis78 for the report.
 2014-03-06 18:43:04 -05:00
Berker Peksag 5d263dee30 Fixed #21674 -- Deprecated the import_by_path() function in favor of import_string(). 
Thanks Aymeric Augustin for the suggestion and review.
 2014-02-08 11:12:19 -05:00
Aymeric Augustin 2ff93e027c Fixed #21829 -- Added default AppConfigs. 
Thanks Russell for the report, Marc for the initial patch, Carl for the
final review, and everyone who contributed to the design discussion.
 2014-01-25 10:41:56 +01:00
Aymeric Augustin 27afd302c6 Fixed #21675 -- Added app configs for contrib apps. 2014-01-05 21:18:33 +01:00
Aymeric Augustin e32095616c Imported override_settings from its new location. 2013-12-23 21:37:56 +01:00
Loic Bistuer 6685713869 Fixed E127 pep8 warnings. 2013-12-14 11:59:15 -05:00
Christopher Medrela 7477a4ffde Fixed E125 pep8 warnings 2013-11-28 08:50:11 -05:00