914c72be2a introduced a regression that
causes saving a NamedTemporaryFile in a FileField to raise a
SuspiciousFileOperation. To remedy this, if a File has an absolute
path as a filename, use only the basename as the filename.
File operations always raise an ENOENT error when a file doesn't exist.
Checking the file exists before the operation adds a race
condition where the file could be removed between operations. As the
operation already raises an error on a missing file, avoid this race and
avoid checking the file exists twice. Instead only check a file exists
by catching the ENOENT error.
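
The race described in the message above, reproduced deterministically. This is an added example, not Django's code: the function names and the `exists` hook are hypothetical, and the temp file is constructed for the demonstration.

```python
import errno
import os
import tempfile


def delete_check_first(path, exists=os.path.exists):
    """Check-then-act: the file can disappear between exists() and remove()."""
    if exists(path):
        os.remove(path)


def delete_catch_enoent(path):
    """Single operation: a missing file is reported by the removal itself."""
    try:
        os.remove(path)
    except FileNotFoundError:  # OSError carrying errno.ENOENT
        return False
    return True


def simulate_race():
    """Replay the interleaving with a constructed temp file (hypothetical setup)."""
    fd, path = tempfile.mkstemp()
    os.close(fd)

    def exists_then_removed_elsewhere(p):
        present = os.path.exists(p)
        os.remove(p)  # stands in for another process deleting the file here
        return present

    try:
        delete_check_first(path, exists=exists_then_removed_elsewhere)
        racy = "ok"
    except OSError as exc:
        racy = errno.errorcode[exc.errno]
    # The file is already gone; the ENOENT-catching form reports that cleanly.
    return racy, delete_catch_enoent(path)


if __name__ == "__main__":
    print(simulate_race())
```
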
Leading slashes in the second urljoin argument will return exactly that
argument, breaking FileSystemStorage.url behavior if called with a
parameter with leading slashes.
Also added test cases for null bytes and None. Thanks to Markus for
help and review.
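
The `urljoin` behaviour the message above refers to, next to one way of neutralising it by stripping leading slashes before joining. This is an added example, not the project's code: `BASE_URL`, the function names and the sample file names are constructed.

```python
from urllib.parse import quote, urljoin

BASE_URL = "/media/"  # constructed base URL for the example

# Constructed sample names: relative, one leading slash, two leading slashes.
SAMPLE_NAMES = ["photos/a.png", "/photos/a.png", "//cdn.example.invalid/a.png"]


def url_unstripped(name):
    """Join the name as given: a leading slash replaces the base path."""
    return urljoin(BASE_URL, quote(name))


def url_stripped(name):
    """Strip leading slashes first so the result always stays under BASE_URL."""
    return urljoin(BASE_URL, quote(name).lstrip("/"))


def compare(names=SAMPLE_NAMES):
    """Return {name: (unstripped_url, stripped_url)} for side-by-side review."""
    return {name: (url_unstripped(name), url_stripped(name)) for name in names}


def escapes_base(url):
    """True when a generated URL no longer sits under BASE_URL."""
    return not url.startswith(BASE_URL)


if __name__ == "__main__":
    for name, (before, after) in compare().items():
        print(f"{name!r}: {before!r} -> {after!r}")
```
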
New Storage.get_{accessed,created,modified}_time() methods convert the
naive time from now-deprecated {accessed,created,modified}_time()
methods into aware objects in UTC if USE_TZ=True.
This reverts commit f36151ed16.
Adding kwargs to deconstructed objects does not achieve useful
forward-compatibility in general, since additional arguments are silently
dropped rather than having their intended effect. In fact, it can make the
failure more difficult to diagnose. Thanks Shai Berger for discussion.
Added a test for the condition safe_join is designed to prevent.
Previously, a generic ValueError was raised. It was impossible to tell
an intentional exception raised to implement safe_join's contract from
an unintentional exception caused by incorrect inputs or unexpected
conditions. That resulted in bizarre exception catching patterns, which
this patch removes.
Since safe_join is a private API and since the change is unlikely to
create security issues for users who use it anyway -- at worst, an
uncaught SuspiciousFileOperation exception will bubble up -- it isn't
documented.
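
Why a dedicated exception type matters to callers, shown with a small stand-alone containment check. This is an added example, not Django's implementation: the `SuspiciousFileOperation` class here is a local stand-in, and `resolve_upload` and the `/srv/media` base are hypothetical.

```python
from os.path import abspath, join, normcase, sep


class SuspiciousFileOperation(Exception):
    """Local stand-in for the dedicated exception the message names."""


def safe_join(base, *paths):
    """Join paths under base; raise SuspiciousFileOperation if the result escapes."""
    base_path = abspath(base)
    final_path = abspath(join(base_path, *paths))
    root = normcase(base_path).rstrip(sep) + sep
    inside = (
        normcase(final_path) == normcase(base_path)
        or normcase(final_path).startswith(root)
    )
    if not inside:
        raise SuspiciousFileOperation(
            f"{final_path!r} is outside base path {base_path!r}"
        )
    return final_path


def resolve_upload(base, name):
    """Caller: only the contract violation is turned into a rejection."""
    try:
        return "ok", safe_join(base, name)
    except SuspiciousFileOperation:
        return "rejected", None
    # TypeError or ValueError from bad input is deliberately not caught, so a
    # programming error is not mistaken for a blocked traversal attempt.


if __name__ == "__main__":
    for name in ["a/b.txt", "../media-old/x", "/etc/hosts"]:  # constructed names
        print(name, resolve_upload("/srv/media", name))
```
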
The following are recognized as ending a line: the Unix end-of-line
convention '\n', the Windows convention '\r\n', and the old
Macintosh convention '\r'.
http://www.python.org/dev/peps/pep-0278
Thanks tchaumeny for review.
This patch is two-fold; first it ensures that Django does close everything in
request.FILES at the end of the request and secondly the storage system should
no longer close any files during save, it's up to the caller to handle that --
or let Django close the files at the end of the request.
Added condition to prevent checking the existence of a file name of a
file like object when the name attribute is None. This is necessary
because a SpooledTemporaryFile won't exist on the file system or have a
name until it has reached its max_size. Also added tests.
Due to a mixup between text and bytes, iteration over
a File instance was broken under Python 3.
Thanks to trac user pdewacht for the report and patch.
There wasn't any file locking under Windows unless PyWin32 was
installed. This removes that (undocumented) dependency by using ctypes
instead.
Thanks to Anatoly Techtonik for writing the ctypes port upon which this
is based.
Previously when collecting static files, the directories would receive permissions
from the global umask. Now the default permission comes from FILE_UPLOAD_DIRECTORY_PERMISSIONS
and there's an option to specify the permissions by subclassing any of the
static files storage classes and setting the directory_permissions_mode parameter.
Previously, when collecting static files, the files would receive permission
from FILE_UPLOAD_PERMISSIONS. Now, there's an option to give different
permission from uploaded files permission by subclassing any of the static
files storage classes and setting the file_permissions_mode parameter.
Thanks dblack at atlassian.com for the suggestion.
- Noted that this does not allow for reading and writing the same open
file in different processes under Windows.
- Noted that the keyword arguments to NamedTemporaryFile no longer
match the Python version.
- TemporaryFile now minimally mocks the API of the Python standard
library class tempfile.NamedTemporaryFile to avoid AttributeError
exceptions.
- The symbol django.core.files.NamedTemporaryFile is actually assigned
as a different class on different operating systems.
- The bug only occurred if Django is running on Windows, hence why it
was hard to diagnose.
SuspiciousOperations have been differentiated into subclasses, and
are now logged to a 'django.security.*' logger. SuspiciousOperations
that reach django.core.handlers.base.BaseHandler will now return a 400
instead of a 500.
Thanks to tiwoc for the report, and Carl Meyer and Donald Stufft
for review.
* Renamed the __unicode__ methods
* Applied the python_2_unicode_compatible decorator
* Removed the StrAndUnicode mix-in that is superseded by
python_2_unicode_compatible
* Kept the __unicode__ methods in classes that specifically
test it under Python 2
* Renamed smart_unicode to smart_text (but kept the old name under
Python 2 for backwards compatibility).
* Renamed smart_str to smart_bytes.
* Re-introduced smart_str as an alias for smart_text under Python 3
and smart_bytes under Python 2 (which is backwards compatible).
Thus smart_str always returns a str object.
* Used the new smart_str in a few places where both Python 2 and 3
want a str.