innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
17,814 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

224 Commits

Author SHA1 Message Date
Florian Apolloner 1ff11304dc [1.7.x] Fixed #22680 -- I/O operation on closed file. 
This patch is two-fold; first it ensure that Django does close everything in
request.FILES at the end of the request and secondly the storage system should
no longer close any files during save, it's up to the caller to handle that --
or let Django close the files at the end of the request.

Backport of e2efc8965e from master.
 2014-06-11 09:03:11 +02:00
mbacho 6f0dcec44c [1.7.x] Fixed typo in multipartparser.py 
Backport of 8a9d54aa69 from master
 2014-05-16 05:35:28 -04:00
Aymeric Augustin 7fef18ba9e [1.7.x] Dropped fix_IE_for_vary/attach. 
This is a security fix. Disclosure following shortly.
 2014-05-14 10:18:26 +02:00
Alex Gaynor 996564df4d [1.7.x] Fix many many typos in comments throughout the codebase 
Backport of 2bcb8bfc8d from master
 2014-04-26 14:35:57 -04:00
Tim Graham 07c42cee7f [1.7.x] Replaced urllib/urlparse imports with from django.utils.six.moves. 
Backport of 981b864fbd from master
 2014-03-31 07:55:25 -04:00
Rodolfo Carvalho 0d91225892 Fixed many typos in comments and docstrings. 
Thanks Piotr Kasprzyk for help with the patch.
 2014-03-03 07:38:09 -05:00
Lukasz Balcerzak 0242134d32 Fixed #17942 -- Added a JsonResponse class to more easily create JSON encoded responses. 
Thanks leahculver for the suggestion and Erik Romijn,
Simon Charette, and Marc Tamlyn for the reviews.
 2014-02-14 18:25:19 -05:00
Martin Matusiak 63ff03c4ec Fixed typo in docstring. 2014-01-16 22:34:35 +01:00
Loic Bistuer 6685713869 Fixed E127 pep8 warnings. 2013-12-14 11:59:15 -05:00
Christopher Medrela 7477a4ffde Fixed E125 pep8 warnings 2013-11-28 08:50:11 -05:00
Aymeric Augustin a480f8320a Simplified iteration in HTTP response objects. 
Fixed #20187 -- Allowed repeated iteration of HttpResponse.

All this became possible when support for old-style streaming responses was
finally removed.
 2013-11-23 17:03:43 +01:00
Baptiste Mispelon ceecc962ad Fixed #21447 -- Restored code erroneously removed in 20472aa827. 
Also added some tests for HttpRequest.__repr__.
Note that the added tests don't actually catch the accidental code
removal (see ticket) but they do cover a codepath that wasn't tested
before.

Thanks to Tom Christie for the report and the original patch.
 2013-11-16 01:09:35 +01:00
Alex Gaynor 10a09b8e60 Fixed the use of the -ise suffix, where -ize is prefered 2013-11-15 05:23:14 -08:00
Alex Gaynor c347f78cc1 Fixed all E226 violations 2013-11-03 10:08:55 -08:00
Milton Mazzarri cbc7cbbc5b Fixed flake8 E251 violations 2013-11-03 03:22:11 -06:00
Alex Gaynor fe995e6cbd Fixed the remaining E302 violations int eh django package 2013-11-02 17:37:15 -07:00
coagulant 3bc0d46a84 Fixed all E261 warnings 2013-11-02 18:20:39 -04:00
Alex Gaynor 7548aa8ffd More attacking E302 violators 2013-11-02 13:12:09 -07:00
Tim Graham 36ded01527 Fixed #21302 -- Fixed unused imports and import *. 2013-11-02 15:24:56 -04:00
Alex Gaynor f2d8027c9a Fixed up some more flake8 violations (this particular violation still has many occurrences in the tests/ dir so it can't be removed from setup.cfg yet) 2013-10-26 10:50:40 -07:00
Claude Paroz c052699be3 Fixed #20338 -- Stripped ending dot during host validation 
Thanks manfre for the report and Timo Graham for the review.
 2013-10-24 21:24:04 +02:00
Alasdair Nicol b289fcf1bf Fixed #21288 -- Fixed E126 pep8 warnings 2013-10-21 08:31:30 -04:00
Alasdair Nicol a800036981 Fixed #21287 -- Fixed E123 pep8 warnings 2013-10-18 10:07:39 +01:00
Claude Paroz a14f087233 Fixed #21282 -- Made HttpResponse.serialize_headers accept latin-1 
Thanks Raphaël Barrois for the report and the initial patch and
Aymeric Augustin for the review.
 2013-10-17 18:14:35 +02:00
Unai Zalakain c7634cd7fe Fixed #7603 -- Added a 'scheme' property to the HttpRequest object 
`HttpRequest.scheme` is `https` if `settings.SECURE_PROXY_SSL_HEADER` is
appropriately set and falls back to `HttpRequest._get_scheme()` (a hook
for subclasses to implement) otherwise.

`WSGIRequest._get_scheme()` makes use of the `wsgi.url_scheme` WSGI
environ variable to determine the request scheme.

`HttpRequest.is_secure()` simply checks if `HttpRequest.scheme` is
`https`.

This provides a way to check the current scheme in templates, for example.
It also allows us to deal with other schemes.

Thanks nslater for the suggestion.
 2013-10-15 09:04:12 -04:00
Tim Graham 58d555caf5 Fixed #16822 -- Added RawPostDataException 
Thanks jaylett for the patch.
 2013-10-08 08:05:39 -04:00
Baptiste Mispelon 20472aa827 Fixed #21189: Cleaned up usage of bare except clauses. 
Thanks to berkerpeksag for the report and to claudep
for the review.
 2013-10-05 11:50:03 +02:00
e0ne f2a4452882 Fixed #18403 -- Initialized bad_cookies in SimpleCookie 
Thanks Stefano Crosta for the report.
 2013-09-10 08:26:54 -04:00
Daniel Boeve 6dca603abb Fixed #20889 -- Prevented email.Header from inserting newlines 
Passed large maxlinelen to email.Header to prevent newlines from being
inserted into value returned by _convert_to_charset

Thanks mjl at laubach.at for the report.
 2013-09-09 08:47:41 -04:00
Aymeric Augustin 365c3e8b73 Replaced "not PY3" by "PY2", new in six 1.4.0. 2013-09-02 12:11:02 +02:00
Claude Paroz f4e9804567 Fixed #20961 -- Fixed HttpResponse default empty content 
Thanks epandurski at gmail.com for the report.
 2013-08-24 18:10:12 +02:00
Will Hardy 1c3c21b38d Fixed #19987 -- Disabled host validation when DEBUG=True. 
The documentation promises that host validation is disabled when
DEBUG=True, that all hostnames are accepted. Domains not compliant with
RFC 1034/1035 were however being validated, this validation has now been
removed when DEBUG=True.

Additionally, when DEBUG=False a more detailed SuspiciousOperation
exception message is provided when host validation fails because the
hostname is not RFC 1034/1035 compliant.
 2013-07-31 10:38:59 -04:00
Baptiste Mispelon 3c45fb8589 Fixed #10491 -- Allowed passing lazy objects to HttpResponseRedirect. 
Thanks liangent for the report.
 2013-07-30 13:39:44 -04:00
Claude Paroz 5c1143910e Removed most of absolute_import imports 
Should be unneeded with Python 2.7 and up.
Added some unicode_literals along the way.
 2013-07-29 20:28:13 +02:00
Benjamin Kagia b0953dc913 Fixed #13721 -- Added UploadedFile.content_type_extra. 
Thanks Waldemar Kornewald and mvschaik for work on the patch.
 2013-07-11 09:11:59 -04:00
Aymeric Augustin 8b9b8d3bda Removed compatibility code for streaming responses. 
This code provided a deprecation path for old-style streaming responses.

Refs #6527, #7581.
 2013-06-29 18:49:36 +02:00
Ramiro Morales 8eadbc5a03 Removed 'mimetype' arguments from a few places, as per deprecation TL. 
This includes HttpResponse and co. __init__() methods,
django.shortcuts.render_to_response() and the index(), sitemap() sitemap
app views.
 2013-06-28 21:48:16 -03:00
Loic Bistuer 48ce167d89 Fixed missing initializations in WSGIRequest. Refs #20619 2013-06-26 14:36:25 +07:00
CHI Cheng 659d090025 Fixed #20598 -- Add new HTTP status codes defined in rfc6585 
428, 429, 431 and 511
 2013-06-14 23:22:52 +10:00
Claude Paroz de66b56790 Fixed #18481 -- Wrapped request.FILES read error in UnreadablePostError 
Thanks KyleMac for the report, André Cruz for the initial patch and
Hiroki Kiyohara for the tests.
 2013-06-01 10:26:46 +02:00
Preston Holmes d228c1192e Fixed #19866 -- Added security logger and return 400 for SuspiciousOperation. 
SuspiciousOperations have been differentiated into subclasses, and
are now logged to a 'django.security.*' logger. SuspiciousOperations
that reach django.core.handlers.base.BaseHandler will now return a 400
instead of a 500.

Thanks to tiwoc for the report, and Carl Meyer and Donald Stufft
for review.
 2013-05-25 16:27:34 -07:00
Łukasz Langa 0594fed9ff Fixed #20472: response.content should be bytes on both Python 2 and 3 2013-05-21 01:28:16 +02:00
Aymeric Augustin cb86f707a0 Fixed #12747 -- Made reason phrases customizable. 2013-05-19 13:14:54 +02:00
Eric Urban c278e56baf Corrected documentation on the constructor arguments of MultiPartParser 2013-05-17 19:49:33 -04:00
Aymeric Augustin 9c487b5974 Replaced an antiquated pattern. 
Thanks Lennart Regebro for pointing it out.
 2013-05-17 18:08:58 +02:00
Baptiste Mispelon c250f9c99b Fixed #20038 -- Better error message for host validation. 2013-04-03 14:27:20 -06:00
konarkmodi bc4111ba68 Fixed #18003 -- Preserved tracebacks when re-raising errors. 
Thanks jrothenbuhler for draft patch, Konark Modi for updates.
 2013-03-19 15:42:39 -07:00
Aymeric Augustin ce76fbfc5a Fixed #20019 -- Ensured HttpRequest.resolver_match always exists. 
Obviously it isn't set until the URL is resolved.
 2013-03-10 23:28:19 +01:00
Carl Meyer d51fb74360 Added a new required ALLOWED_HOSTS setting for HTTP host header validation. 
This is a security fix; disclosure and advisory coming shortly.
 2013-02-19 11:23:29 -07:00
Hiroki Kiyohara e94f405d94 Fixed #18558 -- Added url property to HttpResponseRedirect* 
Thanks coolRR for the report.
 2013-02-13 10:29:32 +01:00