16411b8400
Fixed #26013 -- Moved django.core.urlresolvers to django.urls.
...
Thanks to Tim Graham for the review.
2015-12-31 14:21:29 -05:00
8092745593
Fixed #25779 -- Removed redundant try block in WSGIHandler
2015-11-20 16:12:17 +02:00
0a2d3b7387
Fixed #25682 -- Removed bare except clauses.
2015-11-17 14:39:15 -05:00
ea2f48ce8b
Refs #17133 -- Optimized script_url handling in get_script_name
...
10ace52a
2015-10-27 14:29:18 +01:00
10ace52a41
Fixed #17133 -- Properly handled successive slashes in incoming requests
...
Thanks gjanee@ucop.edu for the report and Tim Graham for the review.
2015-10-23 22:18:18 +02:00
37ea3cb03e
Fixed "URLconf" spelling in code comments.
2015-10-22 14:46:42 -04:00
f5d5867a4a
Fixed #24877 -- Added middleware handling of response.render() errors.
2015-07-03 12:06:40 -04:00
aaacaeb096
Renamed RemovedInDjangoXYWarnings for new roadmap.
...
Forwardport of ae1d663b79
2015-06-24 16:08:20 -04:00
738c0de300
Fixed #14200 -- Added a fallback if HttpRequest.urlconf is None.
...
Made BaseHandler fall back to settings.ROOT_URLCONF if
HttpRequest.urlconf is set to None, rather than raising
ImproperlyConfigured.
2015-06-20 18:52:33 -04:00
2f615b10e6
Fixed #24829 -- Allowed use of TemplateResponse in view error handlers.
2015-06-17 17:11:50 -04:00
70779d9c1c
Fixed #24733 -- Passed the triggering exception to 40x error handlers
...
Thanks Tim Graham for the review.
2015-05-11 22:02:14 +02:00
69125ce904
Extended variable name in handlers/base.py
...
Refs #24733 .
2015-05-05 10:58:27 +02:00
a0c2eb46dd
Fixed #23960 -- Removed http.fix_location_header
...
Thanks Carl Meyer for the report and Tim Graham for the review.
2015-03-18 18:22:50 +01:00
336512fae7
Fixed #23173 -- Fixed incorrect stripping of SCRIPT_URL
2015-03-08 15:48:27 +01:00
0ed7d15563
Sorted imports with isort; refs #23860 .
2015-02-06 08:16:28 -05:00
24b2bc635e
Fixed #24137 -- Switched to HTTP reason phrases from Python stdlib.
2015-01-28 06:59:40 -05:00
75f107b884
Removed request.REQUEST per deprecation timeline; refs #18659 .
2015-01-17 08:05:18 -05:00
3d2cae0896
Fixed #24072 -- Added FileResponse for streaming binary files.
2015-01-05 10:51:52 -05:00
093e6c68b9
Fixed #14664 -- Logged a warning if MiddlewareNotUsed is raised in DEBUG mode.
2014-11-27 07:55:07 -05:00
b38637d581
Fixed #23887 -- Returned Bad Request for multipart parsing fails
...
Thanks Antti Häyrynen and Tim Graham for the report, and Aymeric
Augustin for the review.
2014-11-22 14:23:37 +01:00
10b17a22be
Fixed #19508 -- Implemented uri_to_iri as per RFC.
...
Thanks Loic Bistuer for helping in shaping the patch and Claude Paroz
for the review.
2014-10-16 02:31:17 +07:00
59d487e7fc
Fixed #23638 -- Prevented crash while parsing invalid cookie content
...
Thanks Philip Gatt for the report and Tim Graham for the review.
2014-10-13 17:37:58 +02:00
1101467ce0
Limited lines to 119 characters in django/
...
refs #23395 .
2014-09-05 09:22:16 -04:00
eb2af16c59
Fixed #21483 -- Added WSGI environ to kwargs sent to request_started signal.
2014-08-29 10:12:03 -04:00
dbbcfca476
Fixed #21668 -- Return detailed error page when SuspiciousOperation is raised and DEBUG=True
...
Thanks GDorn and gox21 for report.
Thanks Tim Graham for idea and review.
2014-06-24 08:55:36 -04:00
7f76251fb7
Refactored common code in handlers/base.py and urlresolvers.py
2014-06-23 15:27:25 -04:00
e2efc8965e
Fixed #22680 -- I/O operation on closed file.
...
This patch is two-fold; first it ensure that Django does close everything in
request.FILES at the end of the request and secondly the storage system should
no longer close any files during save, it's up to the caller to handle that --
or let Django close the files at the end of the request.
2014-06-11 08:57:30 +02:00
47a9347b98
Fixed #6992 -- Improved error when middleware omits HttpResponse.
...
Thanks guettli for the report.
2014-06-07 19:48:45 +02:00
11284a63d4
Fixed #18314 -- Corrected request.build_absolute_uri() handling of paths starting with //
...
``HttpRequest.build_absolute_uri()`` now correctly handles paths starting with ``//``.
``WSGIRequest`` now doesn't remove all the leading slashes either,
because ``http://test/server `` and http://test//server `` aren't the same thing
(RFC2396).
Thanks to SmileyChris for the initial patch.
2014-06-07 08:59:02 -04:00
3800f63721
Dropped fix_IE_for_vary/attach.
...
This is a security fix. Disclosure following shortly.
2014-05-14 10:19:48 +02:00
210d0489c5
Fixed #21188 -- Introduced subclasses for to-be-removed-in-django-XX warnings
...
Thanks Anssi Kääriäinen for the idea and Simon Charette for the
review.
2014-03-08 09:57:40 +01:00
0d91225892
Fixed many typos in comments and docstrings.
...
Thanks Piotr Kasprzyk for help with the patch.
2014-03-03 07:38:09 -05:00
1150053b99
Fixed #21912 -- Improved error message if a view returns None.
...
Thanks brycenesbitt for the report.
2014-02-15 11:18:16 -05:00
f43e895b15
Replace _parse_content_type with cgi.parse_header
2014-02-09 10:01:16 +11:00
5d263dee30
Fixed #21674 -- Deprecated the import_by_path() function in favor of import_string().
...
Thanks Aymeric Augustin for the suggestion and review.
2014-02-08 11:12:19 -05:00
d7a4b156d9
Use cached_property for request.GET and request.COOKIES
2013-12-24 21:57:57 +11:00
e6dd70b4db
Fixed #21383 -- Added request details in SuspiciousOperation messages
2013-11-09 12:11:58 +01:00
3bc0d46a84
Fixed all E261 warnings
2013-11-02 18:20:39 -04:00
36ded01527
Fixed #21302 -- Fixed unused imports and import *.
2013-11-02 15:24:56 -04:00
b289fcf1bf
Fixed #21288 -- Fixed E126 pep8 warnings
2013-10-21 08:31:30 -04:00
bab9123daa
Fixed #21268 -- Fixed E303 pep8 warnings
2013-10-18 01:46:24 +01:00
2fb5a51fa3
Fixed #18659 -- Deprecated request.REQUEST and MergeDict
...
Thanks Aymeric Augustin for the suggestion.
2013-10-17 09:42:28 -04:00
c7634cd7fe
Fixed #7603 -- Added a 'scheme' property to the HttpRequest object
...
`HttpRequest.scheme` is `https` if `settings.SECURE_PROXY_SSL_HEADER` is
appropriately set and falls back to `HttpRequest._get_scheme()` (a hook
for subclasses to implement) otherwise.
`WSGIRequest._get_scheme()` makes use of the `wsgi.url_scheme` WSGI
environ variable to determine the request scheme.
`HttpRequest.is_secure()` simply checks if `HttpRequest.scheme` is
`https`.
This provides a way to check the current scheme in templates, for example.
It also allows us to deal with other schemes.
Thanks nslater for the suggestion.
2013-10-15 09:04:12 -04:00
8aaca651cf
Fixed #20557 -- Properly decoded non-ASCII cookies on Python 3.
...
Thanks mitsuhiko for the report.
Non-ASCII values are supported. Non-ASCII keys still aren't, because the
current parser mangles them. That's another bug.
2013-09-07 10:25:43 -05:00
ae7f9afaf6
Minor cleanup in the WSGI handler.
2013-09-07 10:25:16 -05:00
4e88d106dc
Refactored the unmangling of the WSGI environ.
2013-09-07 10:03:50 -05:00
636860fbfb
Moved two WSGI-specific functions to the WSGI handler.
...
They were defined in base when the mod_python handler used them. See bfcecbff
2013-09-07 10:03:49 -05:00
3e0eb2d788
Fixed a number of lint warnings, particularly around unused variables.
2013-08-04 09:17:10 -07:00
48ce167d89
Fixed missing initializations in WSGIRequest. Refs #20619
2013-06-26 14:36:25 +07:00
d228c1192e
Fixed #19866 -- Added security logger and return 400 for SuspiciousOperation.
...
SuspiciousOperations have been differentiated into subclasses, and
are now logged to a 'django.security.*' logger. SuspiciousOperations
that reach django.core.handlers.base.BaseHandler will now return a 400
instead of a 500.
Thanks to tiwoc for the report, and Carl Meyer and Donald Stufft
for review.
2013-05-25 16:27:34 -07:00
Marten Kenbeek
Attila Tovt
Claude Paroz
Tim Graham
Sylvain Fankhauser
ana-balica
Bas Peschier
Jon Dufresne
Collin Anderson
Berker Peksag
Anubhav Joshi
Joshua "jag" Ginsberg
Florian Apolloner
Aymeric Augustin
Unai Zalakain
Rodolfo Carvalho
Aaron France
Curtis
coagulant
Alasdair Nicol
Alasdair Nicol
Bouke Haarsma
Alex Gaynor
Loic Bistuer
Preston Holmes