Commit Graph

124 Commits

Author SHA1 Message Date
Illia Volochii 5a468b4c08 Fixed #32859 -- Simplified compress_string() by using gzip.compress(). 2021-06-21 13:19:11 +02:00
Florian Apolloner 0b79eb3691 Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads. 2021-05-04 08:44:42 +02:00
Nick Pope 6efc35b4fe
Optimized django.utils.text.capfirst().
Unconditionally coercing to str type twice is expensive.
2021-03-23 10:45:58 +01:00
Mariusz Felisiak 157ab32f34 Refs #27753 -- Removed django.utils.text.unescape_entities() per deprecation timeline. 2021-01-14 17:50:04 +01:00
David Smith 0382ecfe02 Fixed #28694 -- Made django.utils.text.slugify() strip dashes and underscores. 2020-05-29 06:47:51 +02:00
David Smith 3111b434e7 Corrected slugify()'s docstring. 2020-05-29 06:42:03 +02:00
Jon Dufresne d6aff369ad Refs #30116 -- Simplified regex match group access with Match.__getitem__().
The method has been available since Python 3.6. The shorter syntax is
also marginally faster.
2020-05-11 12:01:28 +02:00
Sjbrgsn b2bd08bb7a Fixed #30892 -- Fixed slugify() and admin's URLify.js for "İ".
Thanks Luis Nell for the implementation idea and very detailed report.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-12-30 20:47:22 +01:00
Hasan Ramezani e3d0b4d550 Fixed #30899 -- Lazily compiled import time regular expressions. 2019-10-29 09:22:26 +01:00
Jon Dufresne e8d0d2a5ef Removed unneeded ValueError catching in django.utils.text._replace_entity().
The html.entities.name2codepoint dict contains only valid Unicode
codepoints. Either the key exists and chr() will succeed or the key does
not exist.
2019-08-01 14:30:20 +02:00
Florian Apolloner 7f65974f82 Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML.
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Jon Dufresne b915b9f10f Refs #27753 -- Deprecated django.utils.text.unescape_entities().
The function was undocumented and only required for compatibility with
Python 2.

Code should use Python's html.unescape() that was added in Python 3.4.
2019-05-08 08:00:59 +02:00
Sergey Fedoseev 277017aea4 Simplified utils.text.StreamingBuffer. 2018-10-04 08:28:03 -04:00
Jon Dufresne 8c3e0eb1c1 Normalized spelling of "lowercase" and "lowercased". 2018-09-25 10:30:18 -04:00
Claude Paroz 201017df30 Fixed #29654 -- Made text truncation an ellipsis character instead of three dots.
Thanks Sudhanshu Mishra for the initial patch and Tim Graham for the review.
2018-08-21 17:46:45 +02:00
Claude Paroz b004bd62e8 Fixed #29412 -- Stopped marking slugify() result as HTML safe. 2018-07-20 10:44:30 -04:00
Tim Graham 97b7dd59bb Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator.
Thanks James Davis for suggesting the fix.
2018-03-06 08:30:40 -05:00
Дилян Палаузов d2afa5eb23 Fixed #28860 -- Removed unnecessary len() calls. 2017-12-04 10:35:23 -05:00
Claude Paroz 301de774c2 Refs #27795 -- Replaced many force_text() with str()
Thanks Tim Graham for the review.
2017-04-27 09:10:02 +02:00
Jon Dufresne b906c3db63 Removed duplicate lines in slugify(). 2017-04-10 08:12:37 -04:00
Claude Paroz 8346680e1c Refs #27795 -- Removed unneeded force_text calls
Thanks Tim Graham for the review.
2017-03-04 18:18:21 +01:00
Anton Samarchyan 9718fa2e8a Refs #27656 -- Updated django.utils docstring verbs according to PEP 257. 2017-02-11 16:11:08 -05:00
Claude Paroz c651331b34 Converted usage of ugettext* functions to their gettext* aliases
Thanks Tim Graham for the review.
2017-02-07 09:04:04 +01:00
Vytis Banaitis d1bab24e01 Refs #23919, #27778 -- Removed obsolete mentions of unicode. 2017-01-26 08:19:27 -05:00
chillaranand d6eaf7c018 Refs #23919 -- Replaced super(ClassName, self) with super(). 2017-01-25 12:23:46 -05:00
Mariusz Felisiak c22212220a Refs #23919 -- Removed re.U and re.UNICODE (default on Python 3). 2017-01-21 14:28:16 -05:00
Simon Charette cecc079168 Refs #23919 -- Stopped inheriting from object to define new style classes. 2017-01-19 08:39:46 +01:00
Claude Paroz 2b281cc35e Refs #23919 -- Removed most of remaining six usage
Thanks Tim Graham for the review.
2017-01-18 21:33:28 +01:00
Claude Paroz 7b2f2e74ad Refs #23919 -- Removed six.<various>_types usage
Thanks Tim Graham and Simon Charette for the reviews.
2017-01-18 20:18:46 +01:00
Claude Paroz c716fe8782 Refs #23919 -- Removed six.PY2/PY3 usage
Thanks Tim Graham for the review.
2017-01-18 16:21:28 +01:00
Claude Paroz d7b9aaa366 Refs #23919 -- Removed encoding preambles and future imports 2017-01-18 09:55:19 +01:00
Ramin Farajpour Cami 967be82443 Fixed E305 flake8 warnings. 2016-11-14 12:30:46 -05:00
Tim Graham 6072de727f Decorated a few functions. 2016-11-14 12:20:44 -05:00
Kevin Christopher Henry 9108696a75 Refs #19705 -- Changed gzip modification times to 0.
This makes gzip output deterministic, which allows
ConditionalGetMiddleware to reliably compare ETags on gzipped
content (views using the gzip_page() decorator in particular).
2016-10-14 07:41:42 -04:00
Tim Graham 8119b679eb Refs #27025 -- Fixed "invalid escape sequence" warnings in Python 3.6.
http://bugs.python.org/issue27364
2016-09-17 15:44:06 -04:00
Mattias Loverot 9aaeec337e Fixed #26866 -- Added format_lazy function
Added format_lazy function to django.utils.text module.
Useful when dealing with relative complex lazy string concatenations
(e.g. in urls.py when translating urls in regular expressions).
2016-08-24 18:18:17 +02:00
Ville Skyttä a2fb2b3a1f Fixed #27020 -- Used a context manager to close files. 2016-08-04 19:45:14 -04:00
Tim Graham df8d8d4292 Fixed E128 flake8 warnings in django/. 2016-04-08 09:51:06 -04:00
userimack 60586dd737 Fixed #26125 -- Fixed E731 flake warnings. 2016-01-25 14:23:43 -05:00
Iacopo Spalletti d693074d43 Fixed #20223 -- Added keep_lazy() as a replacement for allow_lazy().
Thanks to bmispelon and uruz for the initial patch.
2015-12-12 14:46:48 -05:00
Edward Henderson f8cc464452 Fixed #16501 -- Added an allow_unicode parameter to SlugField.
Thanks Flavio Curella and Berker Peksag for the initial patch.
2015-07-17 13:48:58 -04:00
Tim Graham 0ed7d15563 Sorted imports with isort; refs #23860. 2015-02-06 08:16:28 -05:00
Matthew Somerville caa3562d5b Fixed #24242 -- Improved efficiency of utils.text.compress_sequence()
The function no longer flushes zfile after each write as doing so can
lead to the gzipped streamed content being larger than the original
content; each flush adds a 5/6 byte type 0 block. Removing this means
buf.read() may return nothing, so only yield if that has some data.
Testing shows without the flush() the buffer is being flushed every 17k
or so and compresses the same as if it had been done as a whole string.
2015-02-04 13:04:00 -05:00
Tim Graham df3f3bbe29 Removed utils.text.javascript_quote() per deprecation timeline; refs #21725. 2015-01-17 12:41:49 -05:00
David Hoffman 03467368db Fixed #23558 -- documented slugify limitations 2014-10-30 09:02:04 -04:00
Jon Dufresne 54e695331b Fixed #20221 -- Allowed some functions that use mark_safe() to result in SafeText.
Thanks Baptiste Mispelon for the report.
2014-10-20 17:08:29 -04:00
Markus Amalthea Magnuson acb20016c0 Fixed #6668 -- Optimized utils.text wrap function
This fixes a failing test after applying an optimization of the
utils.text.wrap function by user SmileyChris.
2014-05-17 20:42:58 +02:00
Claude Paroz 210d0489c5 Fixed #21188 -- Introduced subclasses for to-be-removed-in-django-XX warnings
Thanks Anssi Kääriäinen for the idea and Simon Charette for the
review.
2014-03-08 09:57:40 +01:00
Baptiste Mispelon 926e18d7d1 Deprecated django.utils.text.javascript_quote.
Refs #21725.
2014-02-22 13:50:12 +01:00
MattBlack85 1c1dffca75 Fixed #21725 -- Fixed JavaScript quoting encoding.
Thanks to nedbatchelder for the report.
2014-02-15 19:39:21 +01:00