Luke Plant
8e70cef9b6
Fixed #9977 - CsrfMiddleware gets template tag added, session dependency removed, and turned on by default.
...
This is a large change to CSRF protection for Django. It includes:
* removing the dependency on the session framework.
* deprecating CsrfResponseMiddleware, and replacing with a core template tag.
* turning on CSRF protection by default by adding CsrfViewMiddleware to
the default value of MIDDLEWARE_CLASSES.
* protecting all contrib apps (whatever is in settings.py)
using a decorator.
For existing users of the CSRF functionality, it should be a seamless update,
but please note that it includes DEPRECATION of features in Django 1.1,
and there are upgrade steps which are detailed in the docs.
Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work
on the patch, and to lots of other people including Simon Willison and
Russell Keith-Magee who refined the ideas.
Details of the rationale for these changes is found here:
http://code.djangoproject.com/wiki/CsrfProtection
As of this commit, the CSRF code is mainly in 'contrib'. The code will be
moved to core in a separate commit, to make the changeset as readable as
possible.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-26 23:23:07 +00:00
Jacob Kaplan-Moss
d1da261417
Fixed #11371 : Made `django.test.Client.put()` work for non-form-data PUT (i.e. JSON, etc.). Thanks, phyfus.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11656 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-26 15:02:54 +00:00
Russell Keith-Magee
8dc73e8425
Fixed #10571 -- Ensured that unicode POST data is correctly encoded by the test client. Thanks to Rick Wagner for his help identifying and fixing this problem.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10513 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-11 09:20:10 +00:00
Gary Wilson Jr
13ea4a9133
Fixed #9978 -- Fixed a KeyError exception that was being raised when using the logout method on the test client on an unauthenticated user, based on patch from ericholscher.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10228 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-30 22:52:48 +00:00
Jacob Kaplan-Moss
c485e236bd
Fixed #8193 : all dynamic imports in Django are now done correctly. I know this because Brett Cannon borrowed the time machine and brought Python 2.7's '`importlib` back for inclusion in Django. Thanks for the patch-from-the-future, Brett!
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10088 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-18 16:55:59 +00:00
Russell Keith-Magee
ee2f04d79e
Fixed #10482 -- Unified access to response.context when inspecting responses from the test client. Thanks to James Bennett for the design, and Julien Phalip for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10084 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-18 10:46:55 +00:00
Russell Keith-Magee
e735fe7160
Fixed #4476 -- Added a ``follow`` option to the test client request methods. This implements browser-like behavior for the test client, following redirect chains when a 30X response is received. Thanks to Marc Fargas and Keith Bussell for their work on this.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9911 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-02-27 13:14:59 +00:00
Russell Keith-Magee
cd0611bd83
Fixed #8551 -- Added REMOTE_ADDR to the default Test Client environment. Thanks to schmichael for the report and patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9847 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-02-21 07:19:12 +00:00
Karen Tracey
344f16e220
Fixed #8138 -- Changed django.test.TestCase to rollback tests (when the database supports it) instead of flushing and reloading the database. This can substantially reduce the time it takes to run large test suites.
...
This change may be slightly backwards incompatible, if existing tests need to test transactional behavior, or if they rely on invalid assumptions or a specific test case ordering. For the first case, django.test.TransactionTestCase should be used. TransactionTestCase is also a quick fix to get around test case errors revealed by the new rollback approach, but a better long-term fix is to correct the test case. See the testing doc for full details.
Many thanks to:
* Marc Remolt for the initial proposal and implementation.
* Luke Plant for initial testing and improving the implementation.
* Ramiro Morales for feedback and help with tracking down a mysterious PostgreSQL issue.
* Eric Holscher for feedback regarding the effect of the change on the Ellington testsuite.
* Russell Keith-Magee for guidance and feedback from beginning to end.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9756 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-01-16 02:30:22 +00:00
Russell Keith-Magee
98ec741a03
Fixed #9585 -- Corrected code committed in [9398] that wasn't compatible with Python 2.3/2.4. Thanks to Karen Tracey for the report and fix.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9465 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-11-16 08:20:25 +00:00
Russell Keith-Magee
95d8c0619a
Fixed #9351 -- Modified the test client to pass on URL encoded parameters to the underlying views. Thanks to sime for the suggestion.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9398 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-11-12 11:22:05 +00:00
Russell Keith-Magee
a53ccc8297
Fixed #9369 -- Added QUERY_STRING info for PUT and DELETE requests in the test client. Thanks to david for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9397 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-11-12 11:20:32 +00:00
Russell Keith-Magee
ecc1ed4ce1
Fixed #8646 -- Modified test client to set a fully WSGI compliant environment. Thanks to Adam Lofts for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9396 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-11-12 11:19:37 +00:00
Malcolm Tredinnick
cd8eeaacf5
Fixed #5888 -- Added methods to the test client to support HEAD, PUT, DELETE
...
and OPTIONS support. Thanks Scott Barr and Leah Culver.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9188 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-10-07 09:23:40 +00:00
Russell Keith-Magee
eeb230aa1c
Fixed #9117 : Made the test client a new-style class. Thanks to Jan Oberst for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9066 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-17 11:32:11 +00:00
Russell Keith-Magee
229f2c1ca0
Fixed #8636 : Corrected the test client to use the string '80' in the request META, rather than the integer 80. Thanks to Adam Lofts for the report and fix.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8655 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-28 11:52:50 +00:00
Russell Keith-Magee
50b548d01b
Fixed #7416 : Modified test client to preserve session when a user logs in. Thanks to lakin.wecker@gmail.com for the report and Eric Holscher for the patch and test case.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8372 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-15 12:08:29 +00:00
Jacob Kaplan-Moss
34a3bd5225
Major refactoring of django.dispatch with an eye towards speed. The net result is that signals are up to 90% faster.
...
Though some attempts and backwards-compatibility were made, speed trumped compatibility. Thus, as usual, check BackwardsIncompatibleChanges for the complete list of backwards-incompatible changes.
Thanks to Jeremy Dunck and Keith Busell for the bulk of the work; some ideas from Brian Herring's previous work (refs #4561 ) were incorporated.
Documentation is, sigh, still forthcoming.
Fixes #6814 and #3951 (with the new dispatch_uid argument to connect).
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8223 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-06 15:32:46 +00:00
Malcolm Tredinnick
bfcecbffd3
Changed/fixed the way Django handles SCRIPT_NAME and PATH_INFO (or
...
equivalents). Basically, URL resolving will only use the PATH_INFO and the
SCRIPT_NAME will be prepended by reverse() automatically. Allows for more
portable development and installation. Also exposes SCRIPT_NAME in the
HttpRequest instance.
There are a number of cases where things don't work completely transparently,
so mod_python and fastcgi users should read the relevant docs.
Fixed #285 , #1516 , #3414 .
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8015 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-21 07:57:10 +00:00
Malcolm Tredinnick
189c704ae6
Revert [7991] - [7993]. I was committing from the wrong branch. Sorry 'bout
...
that, folks. :-(
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7995 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-19 19:37:55 +00:00
Malcolm Tredinnick
b653cdcfb2
First part of setting request.path correctly.
...
Still needs:
- testing
- docs changes
- some way of fixing reverse().
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7991 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-19 19:32:01 +00:00
Jacob Kaplan-Moss
9dabd1f8ff
Fixed #7651 : uploading multiple files with the same name now work. Also, in order to test the problem the test client now handles uploading multiple files at once. Patch from Mike Axiak.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7858 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-07 22:06:32 +00:00
Gary Wilson Jr
f5c1bb1cad
Got rid of a bit of repetition by using `dict.update()`.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7821 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-02 04:48:58 +00:00
Gary Wilson Jr
7e210f68a9
Minor style fixes.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7820 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-02 04:34:05 +00:00
Jacob Kaplan-Moss
d725cc9734
Fixed #2070 : refactored Django's file upload capabilities.
...
A description of the new features can be found in the new [http://www.djangoproject.com/documentation/upload_handing/ upload handling documentation]; the executive summary is that Django will now happily handle uploads of large files without issues.
This changes the representation of uploaded files from dictionaries to bona fide objects; see BackwardsIncompatibleChanges for details.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7814 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-01 15:10:51 +00:00
Russell Keith-Magee
8a7bbc3c34
Fixed #5836 -- Corrected the logic in the Test Client when an exception raised by a view is caught and re-raised. Thanks for the report, test case, and fix, Chris Wagner.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7583 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-06-07 06:25:59 +00:00
Russell Keith-Magee
46cd8bb5b6
Fixed #7143 -- Modified the test client to better match (most) real browser behavior when uploading files. Now, only the file name is sent, rather than the full path. Thanks for the report, cpinto.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7577 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-06-06 13:39:42 +00:00
Malcolm Tredinnick
597f9d6105
Fixed #5982 -- Changed test client's URL processing to match core's (everything
...
gets run through urllib.unquote()). Patch from Leo Shklovskii and Russell
Keith-Magee.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7330 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-03-20 06:50:54 +00:00
Malcolm Tredinnick
f1a24be01c
Fixed #6481 -- Fixed a bunch of import problems (and some whitespace cleanups).
...
Found by Bastian Kleineidam with help from pyflakes. Thanks.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7131 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-02-19 00:08:08 +00:00
Malcolm Tredinnick
f45dab3061
Fixed #6479 -- Use settings.SESSION_COOKIE_NAME instead of hard-coded "sessionid" in the test client. Thanks, Bastian Kleineidam.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7058 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-02-03 01:37:29 +00:00
Malcolm Tredinnick
3ee3d6b5f3
Fixed #5898 -- Changed a few response processing paths to make things harder to get wrong and easier to get right. Previous behaviour wasn't buggy, but it was harder to use than necessary.
...
We now have automatic HEAD processing always (previously required ConditionalGetMiddleware), middleware benefits from the Location header rewrite, so they can use relative URLs as well, and responses with response codes 1xx, 204 or 304 will always have their content removed, in accordance with the HTTP spec (so it's much harder to indavertently deliver invalid responses).
Based on a patch and diagnosis from regexbot@gmail.com .
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6662 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-11 03:55:44 +00:00
Jacob Kaplan-Moss
c3a489d817
Cleaned up a couple of mistakes (a handful of bugs in the test client) that I missed in [6333].
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6338 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-09-15 21:44:05 +00:00
Jacob Kaplan-Moss
bcf7e9a9fe
Fixed #2066 : session data can now be stored in the cache or on the filesystem. This should be fully backwards-compatible (the database cache store is still the default). A big thanks to John D'Agostino for the bulk of this code.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6333 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-09-15 21:29:14 +00:00
Jacob Kaplan-Moss
ad077ccbc0
Fixed #5445 : added some compatibility code for the lack of __iter__ in Jython 2.2. Thanks, Leo Soto.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6211 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-09-14 19:55:24 +00:00
Russell Keith-Magee
3bf4ef0c77
Fixed #4988 -- In the test client, Added tracking of the client and request that caused a response so that the assertRedirects check can use the correct client when following a redirect. Well spotted, alex@gc-web.de.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6039 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-09-03 11:21:40 +00:00
Russell Keith-Magee
258af283fc
Fixed #4457 -- Corrected the handling of exceptions in the test client when the 500.html template is not available. Thanks to Chris Wager <cw264701@ohiou.edu> for his help in tracking down this problem.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6023 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-08-28 13:03:22 +00:00
Russell Keith-Magee
8dff1cd91d
Fixed #5189 -- Added logout method to test Client. Thanks, Jakub Wisniowski <restless.being@gmail.com>.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5916 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-08-17 14:20:25 +00:00
Russell Keith-Magee
f2303b6f7a
Fixed #4402 -- Modified test client to allow multi-valued inputs on GET requests. Thanks for the suggestion, eddymul@gmail.com.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5741 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-07-21 05:17:20 +00:00
Adrian Holovaty
55de110627
Negligible capitalization fix in test/client.py docstring
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5699 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-07-14 17:04:30 +00:00
Russell Keith-Magee
b8d0dc73c7
Fixed #4526 -- Modified the test Client login method to fail when a user is inactive. Thanks, marcin@elksoft.pl.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5677 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-07-12 15:26:37 +00:00
Malcolm Tredinnick
953badbea5
Merged Unicode branch into trunk (r4952:5608). This should be fully
...
backwards compatible for all practical purposes.
Fixed #2391 , #2489 , #2996 , #3322 , #3344 , #3370 , #3406 , #3432 , #3454 , #3492 , #3582 , #3690 , #3878 , #3891 , #3937 , #4039 , #4141 , #4227 , #4286 , #4291 , #4300 , #4452 , #4702
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5609 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-07-04 12:11:04 +00:00
Malcolm Tredinnick
a4d773b580
Fixed a bug in the way file uploads were constructed. The new behaviour
...
should emulate a form upload more accurately.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5465 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-06-11 20:03:07 +00:00
Russell Keith-Magee
36b164d838
Backwards incompatible change: Changed the way test.Client.login operates. Old implemenation was fragile, and tightly bound to forms. New implementation interfaces directly with the login system, is compatible with any authentication backend, and doesn't depend upon specific template inputs being available.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5152 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-05-05 15:16:15 +00:00
Russell Keith-Magee
f157bcefca
Fixes #3212 -- Added code to test client to allow posting of multi-form values (e.g., MultipleChoiceFields). Thanks, Ben Dean Kawamura.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4774 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-03-22 10:23:52 +00:00
Russell Keith-Magee
895633a80d
Fixed #3210 -- Modified test Client.login() to use urlparse, allowing absolute URLs in the Location header. Thanks, Ben Dean Kawamura.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4540 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-02-18 08:02:00 +00:00
Russell Keith-Magee
d6d51c9546
Fixed #3160 -- Added the ability to control the content type in a test client POST request. This is to allow easier testing of json-rpc/xml-rpc/soap etc interfaces. Thanks to Mikeal Rogers for the suggestion, and Ben <afternoon@uk2.net> for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4529 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-02-17 00:23:09 +00:00
Russell Keith-Magee
f9cdde0cb4
Fixed #3162 -- Added coded to catch and rethrow exceptions that are thrown by the views visited by the test client. Thanks, Ben <afternoon@uk2.net>.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4482 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-02-11 00:23:31 +00:00
Russell Keith-Magee
9ba27afce0
Added a ``session`` attribute to the test Client, to make it easier to test if session variables have been modified in a view. Also renamed Client.cookie to Client.cookies, to match documentation and common sense.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4464 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-02-09 13:47:36 +00:00
Adrian Holovaty
15e7805ae4
Changed BaseHandler.get_response() to take a single parameter (an HttpRequest object) rather than a URL and the HttpRequest object, which is redundant
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3875 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-09-28 01:56:02 +00:00
Russell Keith-Magee
d043200077
Refs #2333 - Re-added the template rendering signal for testing purposes; however, the signal is not available during normal operation. It is only added as part of an instrumentation step that occurs during test framework setup. Previous attempt (r3659) was reverted (r3666) due to performance concerns.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3707 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-09-02 09:26:24 +00:00