Florian Apolloner
20b9ad36ff
[4.0.x] Fixed #30530 , CVE-2021-44420 -- Fixed potential bypass of an upstream access control based on URL paths.
...
Thanks Sjoerd Job Postmus and TengMA(@te3t123) for reports.
Backport of d4dcd5b9dd
from main.
2021-12-07 06:29:34 +01:00
Angus Holder
3e73c65ffc
Fixed #32195 -- Added system check for invalid view in path() and improved error messages.
2021-06-09 09:06:42 +02:00
Mariusz Felisiak
8f89454bbc
Refs #32195 -- Added path() test for invalid view.
2021-06-09 08:58:41 +02:00
Mariusz Felisiak
98ae3925e5
Refs #31534 -- Removed django.conf.urls.url() per deprecation timeline.
2021-01-14 17:50:04 +01:00
Tim Park
ece18207cb
Fixed #31858 -- Reallowed whitespaces in URL paths outside of parameters.
...
Regression in 22394bd3a1
.
Thanks David Smith for the review.
2020-09-02 10:24:14 +02:00
David Smith
2522559d1a
Fixed #31534 -- Deprecated django.conf.urls.url().
2020-05-05 07:34:34 +02:00
Adam Johnson
4bb33bb074
Fixed #31459 -- Fixed handling invalid indentifiers in URL path conversion.
...
This patch adjusted existing tests that used invalid identifiers.
2020-04-15 11:29:35 +02:00
Jack Cushman
eb629f4c02
Fixed #30995 -- Allowed converter.to_url() to raise ValueError to indicate no match.
2020-01-09 14:41:41 +01:00
Jack Cushman
07f6ff09e4
Added tests for using the same name for multiple URL patterns.
2020-01-08 10:55:53 +01:00
Mariusz Felisiak
82a88d2f48
Fixed #31061 -- Ignored positional args in django.urls.resolve() when all optional named parameters are missing.
...
Regression in 76b993a117
.
Thanks Claude Paroz for the report and Carlton Gibson for reviews.
2019-12-06 09:32:51 +01:00
Hasan Ramezani
22394bd3a1
Fixed #29667 -- Prohibited whitespaces in path() URLs.
2019-08-20 11:53:10 +02:00
Min ho Kim
4f7328ce8a
Corrected multiple typos.
2019-08-12 12:53:36 +02:00
daniel a rios
76b993a117
Fixed #26431 -- Prevented django.urls.resolve() from returning missing optional parameters.
...
Previous behavior was inconsistent with django.urls.reverse() and
caused that translate_url() created an incorrect URL when an optional
parameter was missing.
2019-06-24 11:47:56 +02:00
daniel a rios
d640c71fa3
Refs #26431 -- Added tests for resolving URL and translate_url() with provided optional parameter.
2019-06-24 11:30:26 +02:00
Min ho Kim
6e8303d49b
Fixed typos in FakePayload docstring and SimplifiedURLTests test name.
2019-06-17 12:38:04 +02:00
Semen Zhydenko
255d6a26a8
Fixed spelling mistakes in comments and tests.
2019-02-11 08:55:57 -05:00
Benjamin Wohlwend
79c196cfb2
Fixed #28766 -- Added ResolverMatch.route.
...
Co-Authored-By: Xavier Fernandez <xavier.fernandez@polyconseil.fr>
2018-12-06 18:05:40 -05:00
Eric Brandwein
b0b4aac555
Fixed #29775 -- Fixed URL converters in a nested namespaced path.
...
When using include() without namespaces of some urlpatterns that
have an include() with namespace, the converters of the parent
include() weren't being used to convert the arguments of reverse().
2018-10-04 11:42:27 -04:00
Xaroth Brook
39283c8edb
Fixed #29415 -- Fixed detection of custom URL converters in included patterns.
2018-05-26 20:13:48 -04:00
Sjoerd Job Postmus
df41b5a05d
Fixed #28593 -- Added a simplified URL routing syntax per DEP 0201.
...
Thanks Aymeric Augustin for shepherding the DEP and patch review.
Thanks Marten Kenbeek and Tim Graham for contributing to the code.
Thanks Tom Christie, Shai Berger, and Tim Graham for the docs.
2017-09-20 18:04:42 -04:00