Alex Gaynor
c347f78cc1
Fixed all E226 violations
2013-11-03 10:08:55 -08:00
Milton Mazzarri
cbc7cbbc5b
Fixed flake8 E251 violations
2013-11-03 03:22:11 -06:00
Alex Gaynor
fe995e6cbd
Fixed the remaining E302 violations int eh django package
2013-11-02 17:37:15 -07:00
coagulant
3bc0d46a84
Fixed all E261 warnings
2013-11-02 18:20:39 -04:00
Alex Gaynor
7548aa8ffd
More attacking E302 violators
2013-11-02 13:12:09 -07:00
Tim Graham
36ded01527
Fixed #21302 -- Fixed unused imports and import *.
2013-11-02 15:24:56 -04:00
Alex Gaynor
f2d8027c9a
Fixed up some more flake8 violations (this particular violation still has many occurrences in the tests/ dir so it can't be removed from setup.cfg yet)
2013-10-26 10:50:40 -07:00
Claude Paroz
c052699be3
Fixed #20338 -- Stripped ending dot during host validation
...
Thanks manfre for the report and Timo Graham for the review.
2013-10-24 21:24:04 +02:00
Alasdair Nicol
b289fcf1bf
Fixed #21288 -- Fixed E126 pep8 warnings
2013-10-21 08:31:30 -04:00
Alasdair Nicol
a800036981
Fixed #21287 -- Fixed E123 pep8 warnings
2013-10-18 10:07:39 +01:00
Claude Paroz
a14f087233
Fixed #21282 -- Made HttpResponse.serialize_headers accept latin-1
...
Thanks Raphaël Barrois for the report and the initial patch and
Aymeric Augustin for the review.
2013-10-17 18:14:35 +02:00
Unai Zalakain
c7634cd7fe
Fixed #7603 -- Added a 'scheme' property to the HttpRequest object
...
`HttpRequest.scheme` is `https` if `settings.SECURE_PROXY_SSL_HEADER` is
appropriately set and falls back to `HttpRequest._get_scheme()` (a hook
for subclasses to implement) otherwise.
`WSGIRequest._get_scheme()` makes use of the `wsgi.url_scheme` WSGI
environ variable to determine the request scheme.
`HttpRequest.is_secure()` simply checks if `HttpRequest.scheme` is
`https`.
This provides a way to check the current scheme in templates, for example.
It also allows us to deal with other schemes.
Thanks nslater for the suggestion.
2013-10-15 09:04:12 -04:00
Tim Graham
58d555caf5
Fixed #16822 -- Added RawPostDataException
...
Thanks jaylett for the patch.
2013-10-08 08:05:39 -04:00
Baptiste Mispelon
20472aa827
Fixed #21189 : Cleaned up usage of bare except clauses.
...
Thanks to berkerpeksag for the report and to claudep
for the review.
2013-10-05 11:50:03 +02:00
e0ne
f2a4452882
Fixed #18403 -- Initialized bad_cookies in SimpleCookie
...
Thanks Stefano Crosta for the report.
2013-09-10 08:26:54 -04:00
Daniel Boeve
6dca603abb
Fixed #20889 -- Prevented email.Header from inserting newlines
...
Passed large maxlinelen to email.Header to prevent newlines from being
inserted into value returned by _convert_to_charset
Thanks mjl at laubach.at for the report.
2013-09-09 08:47:41 -04:00
Aymeric Augustin
365c3e8b73
Replaced "not PY3" by "PY2", new in six 1.4.0.
2013-09-02 12:11:02 +02:00
Claude Paroz
f4e9804567
Fixed #20961 -- Fixed HttpResponse default empty content
...
Thanks epandurski at gmail.com for the report.
2013-08-24 18:10:12 +02:00
Will Hardy
1c3c21b38d
Fixed #19987 -- Disabled host validation when DEBUG=True.
...
The documentation promises that host validation is disabled when
DEBUG=True, that all hostnames are accepted. Domains not compliant with
RFC 1034/1035 were however being validated, this validation has now been
removed when DEBUG=True.
Additionally, when DEBUG=False a more detailed SuspiciousOperation
exception message is provided when host validation fails because the
hostname is not RFC 1034/1035 compliant.
2013-07-31 10:38:59 -04:00
Baptiste Mispelon
3c45fb8589
Fixed #10491 -- Allowed passing lazy objects to HttpResponseRedirect.
...
Thanks liangent for the report.
2013-07-30 13:39:44 -04:00
Claude Paroz
5c1143910e
Removed most of absolute_import imports
...
Should be unneeded with Python 2.7 and up.
Added some unicode_literals along the way.
2013-07-29 20:28:13 +02:00
Benjamin Kagia
b0953dc913
Fixed #13721 -- Added UploadedFile.content_type_extra.
...
Thanks Waldemar Kornewald and mvschaik for work on the patch.
2013-07-11 09:11:59 -04:00
Aymeric Augustin
8b9b8d3bda
Removed compatibility code for streaming responses.
...
This code provided a deprecation path for old-style streaming responses.
Refs #6527 , #7581 .
2013-06-29 18:49:36 +02:00
Ramiro Morales
8eadbc5a03
Removed 'mimetype' arguments from a few places, as per deprecation TL.
...
This includes HttpResponse and co. __init__() methods,
django.shortcuts.render_to_response() and the index(), sitemap() sitemap
app views.
2013-06-28 21:48:16 -03:00
Loic Bistuer
48ce167d89
Fixed missing initializations in WSGIRequest. Refs #20619
2013-06-26 14:36:25 +07:00
CHI Cheng
659d090025
Fixed #20598 -- Add new HTTP status codes defined in rfc6585
...
428, 429, 431 and 511
2013-06-14 23:22:52 +10:00
Claude Paroz
de66b56790
Fixed #18481 -- Wrapped request.FILES read error in UnreadablePostError
...
Thanks KyleMac for the report, André Cruz for the initial patch and
Hiroki Kiyohara for the tests.
2013-06-01 10:26:46 +02:00
Preston Holmes
d228c1192e
Fixed #19866 -- Added security logger and return 400 for SuspiciousOperation.
...
SuspiciousOperations have been differentiated into subclasses, and
are now logged to a 'django.security.*' logger. SuspiciousOperations
that reach django.core.handlers.base.BaseHandler will now return a 400
instead of a 500.
Thanks to tiwoc for the report, and Carl Meyer and Donald Stufft
for review.
2013-05-25 16:27:34 -07:00
Łukasz Langa
0594fed9ff
Fixed #20472 : response.content should be bytes on both Python 2 and 3
2013-05-21 01:28:16 +02:00
Aymeric Augustin
cb86f707a0
Fixed #12747 -- Made reason phrases customizable.
2013-05-19 13:14:54 +02:00
Eric Urban
c278e56baf
Corrected documentation on the constructor arguments of MultiPartParser
2013-05-17 19:49:33 -04:00
Aymeric Augustin
9c487b5974
Replaced an antiquated pattern.
...
Thanks Lennart Regebro for pointing it out.
2013-05-17 18:08:58 +02:00
Baptiste Mispelon
c250f9c99b
Fixed #20038 -- Better error message for host validation.
2013-04-03 14:27:20 -06:00
konarkmodi
bc4111ba68
Fixed #18003 -- Preserved tracebacks when re-raising errors.
...
Thanks jrothenbuhler for draft patch, Konark Modi for updates.
2013-03-19 15:42:39 -07:00
Aymeric Augustin
ce76fbfc5a
Fixed #20019 -- Ensured HttpRequest.resolver_match always exists.
...
Obviously it isn't set until the URL is resolved.
2013-03-10 23:28:19 +01:00
Carl Meyer
d51fb74360
Added a new required ALLOWED_HOSTS setting for HTTP host header validation.
...
This is a security fix; disclosure and advisory coming shortly.
2013-02-19 11:23:29 -07:00
Hiroki Kiyohara
e94f405d94
Fixed #18558 -- Added url property to HttpResponseRedirect*
...
Thanks coolRR for the report.
2013-02-13 10:29:32 +01:00
Matt Robenolt
222a956ecc
Kill mx.TextTools with fire
2013-01-15 10:15:40 -08:00
Claude Paroz
f08e739bc2
Fixed #19585 -- Fixed loading cookie value as a dict
...
This regression was introduced by the 'unicode_literals' patch.
2013-01-11 21:09:33 +01:00
Aymeric Augustin
acc5396e6d
Fixed #19519 -- Fired request_finished in the WSGI iterable's close().
2012-12-31 12:47:34 +01:00
Aymeric Augustin
ef017a5f00
Advanced pending deprecation warnings.
...
Also added stacklevel argument, fixed #18127 .
2012-12-29 21:59:07 +01:00
Aymeric Augustin
4a6490a4a0
Removed HttpRequest.raw_post_data.
2012-12-29 21:59:07 +01:00
Florian Apolloner
27560924ec
Fixed a security issue in get_host.
...
Full disclosure and new release forthcoming.
2012-12-10 22:11:40 +01:00
Claude Paroz
2a67374b51
Fixed #19036 -- Fixed base64 uploads decoding
...
Thanks anthony at adsorbtion.org for the report, and johannesl for
bringing the patch up-to-date.
2012-11-17 17:25:21 +01:00
Aymeric Augustin
fc10418fba
Fixed #18963 -- Used a subclass-friendly pattern
...
for Python 2 object model compatibility methods.
2012-11-03 22:07:35 +01:00
Aymeric Augustin
095eca8dd8
Fixed #19101 -- Decoding of non-ASCII POST data on Python 3.
...
Thanks Claude Paroz.
2012-11-03 13:03:15 +01:00
Aymeric Augustin
da56e1bac6
Fixed #18796 -- Refactored conversion to bytes in HttpResponse
...
Thanks mrmachine for the review.
2012-10-25 08:49:51 +02:00
Aymeric Augustin
82b3e6ffcb
Fixed #13222 -- Made HttpResponse iterable once
...
response.content can be accessed many times as desired, and always
returns the same result.
iter(response) works only once and consumes the iterator.
2012-10-24 17:19:56 +02:00
Aymeric Augustin
495a8b8107
Fixed #6527 -- Provided repeatable content access
...
in HttpResponses instantiated with iterators.
2012-10-24 17:08:37 +02:00
Aymeric Augustin
ea57112d53
Reverted 6a64822bf4
.
...
This commit caused every test that does two or more assertContains to
fail, because of #6527 . It also made HttpResponse non-pickleable.
Refs #13222 .
2012-10-23 00:11:17 +02:00