Claude Paroz
b42e5ca058
Fixed #22971 -- Properly parsed RFC 2388 encoded headers
...
Thanks homm for the report, Cea Stapleton for patch improvements
and Ian Cordasco, Christian Schmitt and Tim Graham for the review.
2014-08-14 11:45:43 +02:00
qingfeng
0d23450e81
Fixed #19802 -- Fixed HttpResponse.set_cookie() with unicode data on Python 2.
...
Thanks django at patrickbregman.eu for the report.
2014-08-03 12:50:25 -04:00
Daniel Hahler
fff7b507ef
Added a space before explanation of "Invalid HTTP_HOST header: ..."
2014-07-05 20:18:52 -04:00
Duncan Parkes
fd4ccd045c
Fixed #22799 -- Made GET and POST on HttpRequest QueryDicts, and FILES a MultiValueDict.
...
Previously, GET, POST, and FILES on an HttpRequest were created in
the __init__ method as dictionaries. This was not something you would
usually notice causing trouble in production as you'd only see a
WSGIRequest, but in testing using the test client, calling .getlist
on GET, POST, or FILES for a request with no get/post data resulted in
an AttributeError.
Changed GET and POST on an HttpRequest object to be mutable
QueryDicts (mutable because the Django tests, and probably many
third party tests, were expecting it).
2014-06-24 22:03:22 -04:00
Duncan Parkes
d68987ae25
Fixed #22897 -- Made QueryDict query_string argument optional.
...
Now QueryDict() is equivalent to QueryDict('') or QueryDict(None).
2014-06-24 22:02:03 -04:00
Duncan Parkes
7f4e2ef1e9
Improved documentation for QueryDict.
2014-06-24 21:40:21 -04:00
Yazhong Liu
97adfc2bf8
Added HTTP 308 status and its description.
2014-06-20 13:35:59 -04:00
Florian Apolloner
e2efc8965e
Fixed #22680 -- I/O operation on closed file.
...
This patch is two-fold; first it ensure that Django does close everything in
request.FILES at the end of the request and secondly the storage system should
no longer close any files during save, it's up to the caller to handle that --
or let Django close the files at the end of the request.
2014-06-11 08:57:30 +02:00
Unai Zalakain
11284a63d4
Fixed #18314 -- Corrected request.build_absolute_uri() handling of paths starting with //
...
``HttpRequest.build_absolute_uri()`` now correctly handles paths starting with ``//``.
``WSGIRequest`` now doesn't remove all the leading slashes either,
because ``http://test/server `` and http://test//server `` aren't the same thing
(RFC2396).
Thanks to SmileyChris for the initial patch.
2014-06-07 08:59:02 -04:00
mbacho
8a9d54aa69
Fixed typo in multipartparser.py
2014-05-16 05:34:40 -04:00
Aymeric Augustin
3800f63721
Dropped fix_IE_for_vary/attach.
...
This is a security fix. Disclosure following shortly.
2014-05-14 10:19:48 +02:00
Alex Gaynor
2bcb8bfc8d
Fix many many typos in comments throughout the codebase
2014-04-26 10:18:45 -07:00
Tim Graham
981b864fbd
Replaced urllib/urlparse imports with from django.utils.six.moves.
2014-03-31 07:54:22 -04:00
Rodolfo Carvalho
0d91225892
Fixed many typos in comments and docstrings.
...
Thanks Piotr Kasprzyk for help with the patch.
2014-03-03 07:38:09 -05:00
Lukasz Balcerzak
0242134d32
Fixed #17942 -- Added a JsonResponse class to more easily create JSON encoded responses.
...
Thanks leahculver for the suggestion and Erik Romijn,
Simon Charette, and Marc Tamlyn for the reviews.
2014-02-14 18:25:19 -05:00
Martin Matusiak
63ff03c4ec
Fixed typo in docstring.
2014-01-16 22:34:35 +01:00
Loic Bistuer
6685713869
Fixed E127 pep8 warnings.
2013-12-14 11:59:15 -05:00
Christopher Medrela
7477a4ffde
Fixed E125 pep8 warnings
2013-11-28 08:50:11 -05:00
Aymeric Augustin
a480f8320a
Simplified iteration in HTTP response objects.
...
Fixed #20187 -- Allowed repeated iteration of HttpResponse.
All this became possible when support for old-style streaming responses was
finally removed.
2013-11-23 17:03:43 +01:00
Baptiste Mispelon
ceecc962ad
Fixed #21447 -- Restored code erroneously removed in 20472aa827
.
...
Also added some tests for HttpRequest.__repr__.
Note that the added tests don't actually catch the accidental code
removal (see ticket) but they do cover a codepath that wasn't tested
before.
Thanks to Tom Christie for the report and the original patch.
2013-11-16 01:09:35 +01:00
Alex Gaynor
10a09b8e60
Fixed the use of the -ise suffix, where -ize is prefered
2013-11-15 05:23:14 -08:00
Alex Gaynor
c347f78cc1
Fixed all E226 violations
2013-11-03 10:08:55 -08:00
Milton Mazzarri
cbc7cbbc5b
Fixed flake8 E251 violations
2013-11-03 03:22:11 -06:00
Alex Gaynor
fe995e6cbd
Fixed the remaining E302 violations int eh django package
2013-11-02 17:37:15 -07:00
coagulant
3bc0d46a84
Fixed all E261 warnings
2013-11-02 18:20:39 -04:00
Alex Gaynor
7548aa8ffd
More attacking E302 violators
2013-11-02 13:12:09 -07:00
Tim Graham
36ded01527
Fixed #21302 -- Fixed unused imports and import *.
2013-11-02 15:24:56 -04:00
Alex Gaynor
f2d8027c9a
Fixed up some more flake8 violations (this particular violation still has many occurrences in the tests/ dir so it can't be removed from setup.cfg yet)
2013-10-26 10:50:40 -07:00
Claude Paroz
c052699be3
Fixed #20338 -- Stripped ending dot during host validation
...
Thanks manfre for the report and Timo Graham for the review.
2013-10-24 21:24:04 +02:00
Alasdair Nicol
b289fcf1bf
Fixed #21288 -- Fixed E126 pep8 warnings
2013-10-21 08:31:30 -04:00
Alasdair Nicol
a800036981
Fixed #21287 -- Fixed E123 pep8 warnings
2013-10-18 10:07:39 +01:00
Claude Paroz
a14f087233
Fixed #21282 -- Made HttpResponse.serialize_headers accept latin-1
...
Thanks Raphaël Barrois for the report and the initial patch and
Aymeric Augustin for the review.
2013-10-17 18:14:35 +02:00
Unai Zalakain
c7634cd7fe
Fixed #7603 -- Added a 'scheme' property to the HttpRequest object
...
`HttpRequest.scheme` is `https` if `settings.SECURE_PROXY_SSL_HEADER` is
appropriately set and falls back to `HttpRequest._get_scheme()` (a hook
for subclasses to implement) otherwise.
`WSGIRequest._get_scheme()` makes use of the `wsgi.url_scheme` WSGI
environ variable to determine the request scheme.
`HttpRequest.is_secure()` simply checks if `HttpRequest.scheme` is
`https`.
This provides a way to check the current scheme in templates, for example.
It also allows us to deal with other schemes.
Thanks nslater for the suggestion.
2013-10-15 09:04:12 -04:00
Tim Graham
58d555caf5
Fixed #16822 -- Added RawPostDataException
...
Thanks jaylett for the patch.
2013-10-08 08:05:39 -04:00
Baptiste Mispelon
20472aa827
Fixed #21189 : Cleaned up usage of bare except clauses.
...
Thanks to berkerpeksag for the report and to claudep
for the review.
2013-10-05 11:50:03 +02:00
e0ne
f2a4452882
Fixed #18403 -- Initialized bad_cookies in SimpleCookie
...
Thanks Stefano Crosta for the report.
2013-09-10 08:26:54 -04:00
Daniel Boeve
6dca603abb
Fixed #20889 -- Prevented email.Header from inserting newlines
...
Passed large maxlinelen to email.Header to prevent newlines from being
inserted into value returned by _convert_to_charset
Thanks mjl at laubach.at for the report.
2013-09-09 08:47:41 -04:00
Aymeric Augustin
365c3e8b73
Replaced "not PY3" by "PY2", new in six 1.4.0.
2013-09-02 12:11:02 +02:00
Claude Paroz
f4e9804567
Fixed #20961 -- Fixed HttpResponse default empty content
...
Thanks epandurski at gmail.com for the report.
2013-08-24 18:10:12 +02:00
Will Hardy
1c3c21b38d
Fixed #19987 -- Disabled host validation when DEBUG=True.
...
The documentation promises that host validation is disabled when
DEBUG=True, that all hostnames are accepted. Domains not compliant with
RFC 1034/1035 were however being validated, this validation has now been
removed when DEBUG=True.
Additionally, when DEBUG=False a more detailed SuspiciousOperation
exception message is provided when host validation fails because the
hostname is not RFC 1034/1035 compliant.
2013-07-31 10:38:59 -04:00
Baptiste Mispelon
3c45fb8589
Fixed #10491 -- Allowed passing lazy objects to HttpResponseRedirect.
...
Thanks liangent for the report.
2013-07-30 13:39:44 -04:00
Claude Paroz
5c1143910e
Removed most of absolute_import imports
...
Should be unneeded with Python 2.7 and up.
Added some unicode_literals along the way.
2013-07-29 20:28:13 +02:00
Benjamin Kagia
b0953dc913
Fixed #13721 -- Added UploadedFile.content_type_extra.
...
Thanks Waldemar Kornewald and mvschaik for work on the patch.
2013-07-11 09:11:59 -04:00
Aymeric Augustin
8b9b8d3bda
Removed compatibility code for streaming responses.
...
This code provided a deprecation path for old-style streaming responses.
Refs #6527 , #7581 .
2013-06-29 18:49:36 +02:00
Ramiro Morales
8eadbc5a03
Removed 'mimetype' arguments from a few places, as per deprecation TL.
...
This includes HttpResponse and co. __init__() methods,
django.shortcuts.render_to_response() and the index(), sitemap() sitemap
app views.
2013-06-28 21:48:16 -03:00
Loic Bistuer
48ce167d89
Fixed missing initializations in WSGIRequest. Refs #20619
2013-06-26 14:36:25 +07:00
CHI Cheng
659d090025
Fixed #20598 -- Add new HTTP status codes defined in rfc6585
...
428, 429, 431 and 511
2013-06-14 23:22:52 +10:00
Claude Paroz
de66b56790
Fixed #18481 -- Wrapped request.FILES read error in UnreadablePostError
...
Thanks KyleMac for the report, André Cruz for the initial patch and
Hiroki Kiyohara for the tests.
2013-06-01 10:26:46 +02:00
Preston Holmes
d228c1192e
Fixed #19866 -- Added security logger and return 400 for SuspiciousOperation.
...
SuspiciousOperations have been differentiated into subclasses, and
are now logged to a 'django.security.*' logger. SuspiciousOperations
that reach django.core.handlers.base.BaseHandler will now return a 400
instead of a 500.
Thanks to tiwoc for the report, and Carl Meyer and Donald Stufft
for review.
2013-05-25 16:27:34 -07:00
Łukasz Langa
0594fed9ff
Fixed #20472 : response.content should be bytes on both Python 2 and 3
2013-05-21 01:28:16 +02:00
Aymeric Augustin
cb86f707a0
Fixed #12747 -- Made reason phrases customizable.
2013-05-19 13:14:54 +02:00
Eric Urban
c278e56baf
Corrected documentation on the constructor arguments of MultiPartParser
2013-05-17 19:49:33 -04:00
Aymeric Augustin
9c487b5974
Replaced an antiquated pattern.
...
Thanks Lennart Regebro for pointing it out.
2013-05-17 18:08:58 +02:00
Baptiste Mispelon
c250f9c99b
Fixed #20038 -- Better error message for host validation.
2013-04-03 14:27:20 -06:00
konarkmodi
bc4111ba68
Fixed #18003 -- Preserved tracebacks when re-raising errors.
...
Thanks jrothenbuhler for draft patch, Konark Modi for updates.
2013-03-19 15:42:39 -07:00
Aymeric Augustin
ce76fbfc5a
Fixed #20019 -- Ensured HttpRequest.resolver_match always exists.
...
Obviously it isn't set until the URL is resolved.
2013-03-10 23:28:19 +01:00
Carl Meyer
d51fb74360
Added a new required ALLOWED_HOSTS setting for HTTP host header validation.
...
This is a security fix; disclosure and advisory coming shortly.
2013-02-19 11:23:29 -07:00
Hiroki Kiyohara
e94f405d94
Fixed #18558 -- Added url property to HttpResponseRedirect*
...
Thanks coolRR for the report.
2013-02-13 10:29:32 +01:00
Matt Robenolt
222a956ecc
Kill mx.TextTools with fire
2013-01-15 10:15:40 -08:00
Claude Paroz
f08e739bc2
Fixed #19585 -- Fixed loading cookie value as a dict
...
This regression was introduced by the 'unicode_literals' patch.
2013-01-11 21:09:33 +01:00
Aymeric Augustin
acc5396e6d
Fixed #19519 -- Fired request_finished in the WSGI iterable's close().
2012-12-31 12:47:34 +01:00
Aymeric Augustin
ef017a5f00
Advanced pending deprecation warnings.
...
Also added stacklevel argument, fixed #18127 .
2012-12-29 21:59:07 +01:00
Aymeric Augustin
4a6490a4a0
Removed HttpRequest.raw_post_data.
2012-12-29 21:59:07 +01:00
Florian Apolloner
27560924ec
Fixed a security issue in get_host.
...
Full disclosure and new release forthcoming.
2012-12-10 22:11:40 +01:00
Claude Paroz
2a67374b51
Fixed #19036 -- Fixed base64 uploads decoding
...
Thanks anthony at adsorbtion.org for the report, and johannesl for
bringing the patch up-to-date.
2012-11-17 17:25:21 +01:00
Aymeric Augustin
fc10418fba
Fixed #18963 -- Used a subclass-friendly pattern
...
for Python 2 object model compatibility methods.
2012-11-03 22:07:35 +01:00
Aymeric Augustin
095eca8dd8
Fixed #19101 -- Decoding of non-ASCII POST data on Python 3.
...
Thanks Claude Paroz.
2012-11-03 13:03:15 +01:00
Aymeric Augustin
da56e1bac6
Fixed #18796 -- Refactored conversion to bytes in HttpResponse
...
Thanks mrmachine for the review.
2012-10-25 08:49:51 +02:00
Aymeric Augustin
82b3e6ffcb
Fixed #13222 -- Made HttpResponse iterable once
...
response.content can be accessed many times as desired, and always
returns the same result.
iter(response) works only once and consumes the iterator.
2012-10-24 17:19:56 +02:00
Aymeric Augustin
495a8b8107
Fixed #6527 -- Provided repeatable content access
...
in HttpResponses instantiated with iterators.
2012-10-24 17:08:37 +02:00
Aymeric Augustin
ea57112d53
Reverted 6a64822bf4
.
...
This commit caused every test that does two or more assertContains to
fail, because of #6527 . It also made HttpResponse non-pickleable.
Refs #13222 .
2012-10-23 00:11:17 +02:00
Aymeric Augustin
6a64822bf4
Fixed #13222 -- Repeated iteration of HttpResponse
...
Thanks teepark for the report and grahamd for his insights.
2012-10-22 22:52:36 +02:00
Alex Gaynor
b4066d7d21
Cleaned up the the http module. Moved all of the code from __init__.py to request.py, response.py and utils.py
2012-10-21 11:12:59 -07:00
Aymeric Augustin
4b27813198
Fixed #7581 -- Added streaming responses.
...
Thanks mrmachine and everyone else involved on this long-standing ticket.
2012-10-20 20:05:11 +02:00
Claude Paroz
dfd4a71751
Fixed #5611 -- Restricted accepted content types in parsing POST data
...
Thanks paulegan for the report and Preston Holmes for the review.
2012-10-20 14:56:16 +02:00
Preston Holmes
9305c0e12d
Fixed a security issue related to password resets
...
Full disclosure and new release are forthcoming
2012-10-17 14:36:41 -07:00
Aymeric Augustin
9b07b5edeb
Fixed #18916 -- Allowed non-ASCII headers.
...
Thanks Malcolm Tredinnick for the review.
2012-09-07 19:08:57 -04:00
Alex Gaynor
335a9f9cf1
Removed many uses of bare "except:", which were either going to a) silence real issues, or b) were impossible to hit.
2012-09-07 15:08:07 -04:00
Claude Paroz
ae88e73fa6
Replaced some smart_xxx by force_xxx equivalent
...
smart_str/smart_text should only be used when a potential lazy
string should be preserved in the result of the function call.
2012-08-30 15:46:16 +02:00
Claude Paroz
ebc773ada3
Replaced many smart_bytes by force_bytes
...
In all those occurrences, we didn't care about preserving the
lazy status of the strings, but we really wanted to obtain a
real bytestring.
2012-08-29 11:20:32 +02:00
Claude Paroz
44c09de555
Fixed #18678 -- HttpResponse init arguments allowed for subclasses
...
Thanks hp1337@gmail.com for the report.
2012-08-23 10:59:22 +02:00
Claude Paroz
7cfe8e8fce
Fixed #11340 -- Prevented HttpResponseNotModified to have content/content-type
...
The HTTP 1.1 spec tells that the 304 response MUST NOT contain a
message body.
Thanks aparajita for the report.
2012-08-22 20:55:24 +02:00
Claude Paroz
e2b4eddc11
Used the decorator syntax for properties in django.http
2012-08-22 20:55:24 +02:00
Aymeric Augustin
5f2d9cdbb1
[py3] Fixed another regression from 2892cb0ec4
.
2012-08-19 18:24:50 +02:00
Aymeric Augustin
2892cb0ec4
[py3] Fixed regression introduced in 536b030363
.
...
Refs #18764 .
Reverted 536b030363
and switched to a more explicit way of avoiding
calling bytes(<int>).
This definitely deserves a refactoring. Specifically, _get_content
should just return b''.join(self). Unfortunately that's impossible
with the current tests.
2012-08-19 17:56:46 +02:00
Aymeric Augustin
536b030363
[py3] Supported integers in HttpResponse
...
Fixed #18764 .
2012-08-19 16:38:21 +02:00
Claude Paroz
4d393e1bd9
[py3] Fixed HTTP header serialization
2012-08-15 13:39:39 +02:00
Claude Paroz
0120985095
[py3] Fixed file_uploads tests
2012-08-14 23:35:12 +02:00
Claude Paroz
c35501a128
[py3] Fixed HttpResponse when initialized with bytes
2012-08-14 16:15:50 +02:00
Aymeric Augustin
e04230e2e4
[py3] Ported django.http according to PEP 3333.
...
Perfomed some style cleanup while I was in the area.
2012-08-14 10:32:16 +02:00
Claude Paroz
363dbd920e
[py3] Fixed contrib.formtools tests
2012-08-13 21:26:12 +02:00
Claude Paroz
a025b75f6c
[py3] Fixed iterlists usage in QueryDict
2012-08-13 21:25:27 +02:00
Claude Paroz
09c589810d
[py3] Used smart_str to prevent regressions in http handling
2012-08-11 15:29:29 +02:00
Claude Paroz
f10a1b0641
[py3] Fixed Python 3 compatibility of http handling
...
* Using str() when Python 2 expects bytes and Python 3 Unicode
* Fixed reraise-ing syntax
* Fixed slicing of byte strings
2012-08-11 14:47:44 +02:00
Aymeric Augustin
5c09c59bc7
[py3] Renamed `next` to `__next__` in iterators.
...
See PEP 3114. `next` is retained as an alias for Python 2.
2012-08-09 14:36:05 +02:00
Claude Paroz
db729266d6
[py3] Fixed 'iterable but non string' detection
...
In Python 3, the str type has an __iter__ attribute. Therefore, the
presence of an __iter__ attribute is not sufficient to distinguish
'standard' iterables (list, tuple) from strings.
2012-08-08 18:02:25 +02:00
Aymeric Augustin
bf4da7a442
[py3] Made a small fix in django.http.
...
This is necessary for the 'utils' tests to pass.
2012-08-07 12:00:24 +02:00
Aymeric Augustin
c5ef65bcf3
[py3] Ported django.utils.encoding.
...
* Renamed smart_unicode to smart_text (but kept the old name under
Python 2 for backwards compatibility).
* Renamed smart_str to smart_bytes.
* Re-introduced smart_str as an alias for smart_text under Python 3
and smart_bytes under Python 2 (which is backwards compatible).
Thus smart_str always returns a str objects.
* Used the new smart_str in a few places where both Python 2 and 3
want a str.
2012-08-07 12:00:22 +02:00
Claude Paroz
9908201d7f
Replaced some byte strings by str() calls
...
This is a useful trick when Python 2 awaits byte strings and
Python 3 Unicode (regular) strings.
2012-08-03 15:18:13 +02:00
Florian Apolloner
4129201c3e
Fixed a security issue in http redirects. Disclosure and new release forthcoming.
2012-07-30 22:01:50 +02:00
Aymeric Augustin
ca07fda2ef
[py3] Switched to Python 3-compatible imports.
...
xrange/range will be dealt with in a separate commit due to the huge
number of changes.
2012-07-22 09:29:56 +02:00
Aymeric Augustin
0d914d08a0
[py3] Updated urllib/urllib2/urlparse imports.
...
Lots of functions were moved. Use explicit imports in all cases
to keey it easy to identify where the functions come from.
2012-07-22 09:29:55 +02:00
Aymeric Augustin
bdca5ea345
[py3] Replaced unicode/str by six.text_type/bytes.
2012-07-22 09:29:54 +02:00
Aymeric Augustin
d796c94b03
[py3] Used six.reraise wherever necessary.
2012-07-22 09:29:52 +02:00
Claude Paroz
23f94f0741
Fixed #18561 -- Made HttpResponse.tell() support non-ascii chars
2012-07-17 22:00:54 +02:00
Alex Gaynor
8f002867b2
Cleaned up the QueryDict implementation.
...
- Use super().
- Don't poke at internals.
- Don't override methods for no reason.
2012-07-14 14:07:11 -07:00
Claude Paroz
da200c5e35
Fixed #16519 -- Deprecated mimetype kwarg of HttpResponse __init__
...
This keyword was already deprecated in the code (supported for
backwards compatibility only), but never formally deprecated.
Thanks Paul McMillan for the report and yasar11732 for the initial
patch.
2012-06-30 21:27:47 +02:00
Claude Paroz
4a103086d5
Fixed #18269 -- Applied unicode_literals for Python 3 compatibility.
...
Thanks Vinay Sajip for the support of his django3 branch and
Jannis Leidel for the review.
2012-06-07 18:08:47 +02:00
Claude Paroz
38408f8007
Marked bytestrings with b prefix. Refs #18269
...
This is a preparation for unicode literals general usage in
Django (Python 3 compatibility).
2012-05-19 17:43:34 +02:00
Claude Paroz
169b1a404c
Replaced foo.next() by next(foo).
...
This new syntax for next() has been introduced in Python 2.6 and is
compatible with Python 3.
2012-05-10 20:15:49 +02:00
Claude Paroz
d7dfab59ea
Replaced cStringIO.StringIO by io.BytesIO.
...
Also replaced StringIO.StringIO by BytesIO in some other appropriate
places. StringIO is not available in Python 3.
2012-05-05 21:41:44 +02:00
Aymeric Augustin
e84f79f051
Fixed #18042 -- Advanced deprecation warnings.
...
Thanks Ramiro for the patch.
2012-05-03 15:27:01 +02:00
Claude Paroz
3904b74a3f
Fixed #18013 -- Use the new 'as' syntax for exceptions.
...
Thanks Clueless for the initial patch.
Note that unittest has been purposely left out (external package only used by Python 2.6).
2012-04-29 20:57:15 +02:00
Aymeric Augustin
bfbe4dfff7
Removed deprecated CompatCookie.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17843 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-31 12:54:40 +00:00
Claude Paroz
a1ffb02107
Fixed #18029 -- Removed mod_python as of deprecation process. Thanks Aymeric Augustin for the review.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17835 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-31 10:34:11 +00:00
Claude Paroz
23d3459761
Fixed #17965 -- Definitely dropped support for Python 2.5. Thanks jonash for the initial patch and Aymeric Augustin for the review.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17834 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-31 08:24:29 +00:00
Aymeric Augustin
c8e2f7591d
Fixed #17931 -- Accepted aware datetimes to set cookies expiry dates. Thanks jaddison for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17766 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-18 20:58:22 +00:00
Aymeric Augustin
8d71734f15
Fixed #17923 -- Added missing import in the MySQL and Oracle backends. Thanks aldaran for the report. Also removed two duplicate imports.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17758 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-17 09:11:24 +00:00
Carl Meyer
0ce6636102
Fixed #17277 - Wrap IOErrors raised due to client disconnect in a specific IOError subclass so they can be distinguished from more serious errors. Thanks David Lowe.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17493 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-02-10 22:51:07 +00:00
Adrian Holovaty
bfb4ed1425
Negligible spacing fixes to comments in django/http/__init__.py
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17221 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-17 02:40:35 +00:00
Adrian Holovaty
81bf5e3950
Fixed comma splice in DeprecationWarning for CompatCookie
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17220 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-17 02:37:26 +00:00
Adrian Holovaty
3f003a3c4b
Fixed #17323 -- Renamed HttpRequest.raw_post_data to request.body. Thanks for the patch, dstufft
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17210 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-16 23:40:32 +00:00
Adrian Holovaty
61f0aff811
Fixed #14597 -- Added a SECURE_PROXY_SSL_HEADER setting for cases when you're behind a proxy that 'swallows' the fact that a request is HTTPS
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17209 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-16 22:06:06 +00:00
Luke Plant
a935d436e9
Fixed #15863 - SimpleCookies are not correctly serialized with the file or database cache backends
...
Thanks to rakuco for the report and for the tests.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17200 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-11 21:04:56 +00:00
Aymeric Augustin
affca1369c
Fixed #16632 -- Crash on responses without Content-Type with IE. Thanks juan for the report and kenth for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17196 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-11 08:58:14 +00:00
Alex Gaynor
396fcaaef9
Remove all relative imports. We have always been at war with relative imports.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17009 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-18 00:47:49 +00:00
Paul McMillan
2fa433ed55
Slight cleanup to r16829, thanks Alex Gaynor for the note.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16830 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-14 23:58:12 +00:00
Paul McMillan
50255e3305
Fixed #16494 by normalizing HttpResponse behavior with non-string input. HttpResponse now always converts content to string on output, regardless of input type.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16829 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-14 23:27:35 +00:00
Russell Keith-Magee
893cea211a
Added protection against spoofing of X_FORWARDED_HOST headers. A security announcement will be made shortly.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16758 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-10 00:46:38 +00:00
Jannis Leidel
fb590bfa9b
Replaced `has_key()` calls with `in` to ease Python 3 port. Thanks, Martin von Löwis.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16740 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-09 19:33:40 +00:00
Jannis Leidel
bce890ace4
Fixed #16584 -- Fixed a bunch of typos in code comments. Thanks, Bernhard Essl.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16598 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-12 14:14:15 +00:00
Luke Plant
6d029359e9
Fixed bug with our SimpleCookie regarding load/custom Morsel, and simplified implementation
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16526 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-07-08 12:07:54 +00:00
Luke Plant
89e0e8b6bc
Fixed our SimpleCookie overriding and use to be compatible with a (potential) stdlib SimpleCookie that fixes http://bugs.python.org/issue2193
...
The previous code tested the stdlib in a way that would always fail. It then
used an overridden SimpleCookie.load method that wouldn't work for the
stdlib. And it did some completely unnecessary monkey patching.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16485 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-29 15:12:48 +00:00
Jannis Leidel
a6cd78662e
Fixed #15785 -- Stopped HttpRequest.read() from reading beyond the end of a wsgi.input stream and removed some redundant code in the multipartparser. Thanks, tomchristie, grahamd and isagalaev.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16479 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-28 10:17:56 +00:00
Ramiro Morales
c159374a33
Fixed #15852 -- Modified cookie parsing so it can handle duplicate invalid cookie names. Thanks goes to Fredrik Stålnacke for the report and to vung for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16452 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-25 16:18:40 +00:00
Jannis Leidel
dfa29161e2
Fixed #14020 -- Made the `HttpResponse` class slightly more behave like a dictionary, allowing the alternative argument to be unset. Serious thanks to schmichael and moopet.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16417 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-16 16:34:46 +00:00
Russell Keith-Magee
9e952be26f
Fixed #16201 -- Ensure that requests with Content-Length=0 don't break the multipart parser. Thanks to albsen for the report and patch
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16353 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-10 08:39:38 +00:00
Luke Plant
db2f9bfae1
Fixed #16178 - Cleanup request classes' `__repr__()`
...
Thanks to julien for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16350 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-09 23:15:42 +00:00
Ramiro Morales
dff31de20a
Fixed #16155 -- Removed Python 2.4 compatibility constructs from code and mentions from docs. Thanks Aymeric Augustin for the report and patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16349 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-09 20:01:28 +00:00
Jannis Leidel
f60d428463
Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-21 14:41:14 +00:00
Jannis Leidel
eb24b54634
Fixed #15496 -- Corrected handling of base64 file upload encoding. Thanks, gene and Claude Paroz.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16176 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-07 16:59:16 +00:00
Russell Keith-Magee
1d4390b26b
Advanced deprecation on CompatCookie.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15984 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-02 08:40:38 +00:00
Luke Plant
8bb46d8b7c
Fixed #15679 - regression in HttpRequest.POST and raw_post_data access.
...
Thanks to vkryachko for the report.
This also fixes a slight inconsistency with raw_post_data after parsing of a
multipart request, and adds a test for that. (Previously accessing
raw_post_data would have returned the empty string rather than raising an
Exception).
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15938 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-28 16:11:40 +00:00
Adrian Holovaty
13864703bc
Removed a bunch more Python 2.4 workarounds now that we don't support that version. Refs #15702 -- thanks to jonash for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15927 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-28 02:11:19 +00:00
Adrian Holovaty
8121aa60fd
Fixed #15642 -- Removed redundant imports in http/__init__.py. Thanks, jammon
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15916 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-26 03:13:22 +00:00
Alex Gaynor
6ffe1d1e1f
Removed some dead code, and old/bad constructs from the HttpResponse classes.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15781 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-09 04:09:47 +00:00
Jannis Leidel
f6c991667f
Fixed #4992 -- Respect the GET request query string when creating cache keys. Thanks PeterKz and guettli for the initial patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15705 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-02 12:47:36 +00:00
Ramiro Morales
f6aa469b1d
Fixed #13007 -- Made cookie parsing resilent to the presence of cookies with invalid characters in their names. Thanks Warlax for the report, Ubercore for his work on a fix and Jannis and Luke for review and guidance.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15523 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-13 02:24:05 +00:00
Russell Keith-Magee
1f5309a99e
Fixed #15046 -- Added "CHROMEFRAME" as a user agent alias for various MSIE fixes. Thanks to chrj for the report and patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15340 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-27 03:13:39 +00:00
Luke Plant
42c31f6bf0
Rationalised CompatCookie/SimpleCookie into single SimpleCookie class with all fixes.
...
Since upstream Python has fixed the encoding bug (see
http://bugs.python.org/issue9824 ), we don't want a separate class for this
bug fix, or several layers for the different fixes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15298 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-24 20:35:46 +00:00