Commit Graph

260 Commits

Author SHA1 Message Date
Alex Gaynor b4066d7d21 Cleaned up the the http module. Moved all of the code from __init__.py to request.py, response.py and utils.py 2012-10-21 11:12:59 -07:00
Aymeric Augustin 4b27813198 Fixed #7581 -- Added streaming responses.
Thanks mrmachine and everyone else involved on this long-standing ticket.
2012-10-20 20:05:11 +02:00
Claude Paroz dfd4a71751 Fixed #5611 -- Restricted accepted content types in parsing POST data
Thanks paulegan for the report and Preston Holmes for the review.
2012-10-20 14:56:16 +02:00
Preston Holmes 9305c0e12d Fixed a security issue related to password resets
Full disclosure and new release are forthcoming
2012-10-17 14:36:41 -07:00
Aymeric Augustin 9b07b5edeb Fixed #18916 -- Allowed non-ASCII headers.
Thanks Malcolm Tredinnick for the review.
2012-09-07 19:08:57 -04:00
Alex Gaynor 335a9f9cf1 Removed many uses of bare "except:", which were either going to a) silence real issues, or b) were impossible to hit. 2012-09-07 15:08:07 -04:00
Claude Paroz ae88e73fa6 Replaced some smart_xxx by force_xxx equivalent
smart_str/smart_text should only be used when a potential lazy
string should be preserved in the result of the function call.
2012-08-30 15:46:16 +02:00
Claude Paroz ebc773ada3 Replaced many smart_bytes by force_bytes
In all those occurrences, we didn't care about preserving the
lazy status of the strings, but we really wanted to obtain a
real bytestring.
2012-08-29 11:20:32 +02:00
Claude Paroz 44c09de555 Fixed #18678 -- HttpResponse init arguments allowed for subclasses
Thanks hp1337@gmail.com for the report.
2012-08-23 10:59:22 +02:00
Claude Paroz 7cfe8e8fce Fixed #11340 -- Prevented HttpResponseNotModified to have content/content-type
The HTTP 1.1 spec tells that the 304 response MUST NOT contain a
message body.
Thanks aparajita for the report.
2012-08-22 20:55:24 +02:00
Claude Paroz e2b4eddc11 Used the decorator syntax for properties in django.http 2012-08-22 20:55:24 +02:00
Aymeric Augustin 5f2d9cdbb1 [py3] Fixed another regression from 2892cb0ec4. 2012-08-19 18:24:50 +02:00
Aymeric Augustin 2892cb0ec4 [py3] Fixed regression introduced in 536b030363.
Refs #18764.

Reverted 536b030363 and switched to a more explicit way of avoiding
calling bytes(<int>).

This definitely deserves a refactoring. Specifically, _get_content
should just return b''.join(self). Unfortunately that's impossible
with the current tests.
2012-08-19 17:56:46 +02:00
Aymeric Augustin 536b030363 [py3] Supported integers in HttpResponse
Fixed #18764.
2012-08-19 16:38:21 +02:00
Claude Paroz 4d393e1bd9 [py3] Fixed HTTP header serialization 2012-08-15 13:39:39 +02:00
Claude Paroz 0120985095 [py3] Fixed file_uploads tests 2012-08-14 23:35:12 +02:00
Claude Paroz c35501a128 [py3] Fixed HttpResponse when initialized with bytes 2012-08-14 16:15:50 +02:00
Aymeric Augustin e04230e2e4 [py3] Ported django.http according to PEP 3333.
Perfomed some style cleanup while I was in the area.
2012-08-14 10:32:16 +02:00
Claude Paroz 363dbd920e [py3] Fixed contrib.formtools tests 2012-08-13 21:26:12 +02:00
Claude Paroz a025b75f6c [py3] Fixed iterlists usage in QueryDict 2012-08-13 21:25:27 +02:00
Claude Paroz 09c589810d [py3] Used smart_str to prevent regressions in http handling 2012-08-11 15:29:29 +02:00
Claude Paroz f10a1b0641 [py3] Fixed Python 3 compatibility of http handling
* Using str() when Python 2 expects bytes and Python 3 Unicode
* Fixed reraise-ing syntax
* Fixed slicing of byte strings
2012-08-11 14:47:44 +02:00
Aymeric Augustin 5c09c59bc7 [py3] Renamed `next` to `__next__` in iterators.
See PEP 3114. `next` is retained as an alias for Python 2.
2012-08-09 14:36:05 +02:00
Claude Paroz db729266d6 [py3] Fixed 'iterable but non string' detection
In Python 3, the str type has an __iter__ attribute. Therefore, the
presence of an __iter__ attribute is not sufficient to distinguish
'standard' iterables (list, tuple) from strings.
2012-08-08 18:02:25 +02:00
Aymeric Augustin bf4da7a442 [py3] Made a small fix in django.http.
This is necessary for the 'utils' tests to pass.
2012-08-07 12:00:24 +02:00
Aymeric Augustin c5ef65bcf3 [py3] Ported django.utils.encoding.
* Renamed smart_unicode to smart_text (but kept the old name under
  Python 2 for backwards compatibility).
* Renamed smart_str to smart_bytes.
* Re-introduced smart_str as an alias for smart_text under Python 3
  and smart_bytes under Python 2 (which is backwards compatible).
  Thus smart_str always returns a str objects.
* Used the new smart_str in a few places where both Python 2 and 3
  want a str.
2012-08-07 12:00:22 +02:00
Claude Paroz 9908201d7f Replaced some byte strings by str() calls
This is a useful trick when Python 2 awaits byte strings and
Python 3 Unicode (regular) strings.
2012-08-03 15:18:13 +02:00
Florian Apolloner 4129201c3e Fixed a security issue in http redirects. Disclosure and new release forthcoming. 2012-07-30 22:01:50 +02:00
Aymeric Augustin ca07fda2ef [py3] Switched to Python 3-compatible imports.
xrange/range will be dealt with in a separate commit due to the huge
number of changes.
2012-07-22 09:29:56 +02:00
Aymeric Augustin 0d914d08a0 [py3] Updated urllib/urllib2/urlparse imports.
Lots of functions were moved. Use explicit imports in all cases
to keey it easy to identify where the functions come from.
2012-07-22 09:29:55 +02:00
Aymeric Augustin bdca5ea345 [py3] Replaced unicode/str by six.text_type/bytes. 2012-07-22 09:29:54 +02:00
Aymeric Augustin d796c94b03 [py3] Used six.reraise wherever necessary. 2012-07-22 09:29:52 +02:00
Claude Paroz 23f94f0741 Fixed #18561 -- Made HttpResponse.tell() support non-ascii chars 2012-07-17 22:00:54 +02:00
Alex Gaynor 8f002867b2 Cleaned up the QueryDict implementation.
- Use super().
- Don't poke at internals.
- Don't override methods for no reason.
2012-07-14 14:07:11 -07:00
Claude Paroz da200c5e35 Fixed #16519 -- Deprecated mimetype kwarg of HttpResponse __init__
This keyword was already deprecated in the code (supported for
backwards compatibility only), but never formally deprecated.
Thanks Paul McMillan for the report and yasar11732 for the initial
patch.
2012-06-30 21:27:47 +02:00
Claude Paroz 4a103086d5 Fixed #18269 -- Applied unicode_literals for Python 3 compatibility.
Thanks Vinay Sajip for the support of his django3 branch and
Jannis Leidel for the review.
2012-06-07 18:08:47 +02:00
Claude Paroz 38408f8007 Marked bytestrings with b prefix. Refs #18269
This is a preparation for unicode literals general usage in
Django (Python 3 compatibility).
2012-05-19 17:43:34 +02:00
Claude Paroz 169b1a404c Replaced foo.next() by next(foo).
This new syntax for next() has been introduced in Python 2.6 and is
compatible with Python 3.
2012-05-10 20:15:49 +02:00
Claude Paroz d7dfab59ea Replaced cStringIO.StringIO by io.BytesIO.
Also replaced StringIO.StringIO by BytesIO in some other appropriate
places. StringIO is not available in Python 3.
2012-05-05 21:41:44 +02:00
Aymeric Augustin e84f79f051 Fixed #18042 -- Advanced deprecation warnings.
Thanks Ramiro for the patch.
2012-05-03 15:27:01 +02:00
Claude Paroz 3904b74a3f Fixed #18013 -- Use the new 'as' syntax for exceptions.
Thanks Clueless for the initial patch.
Note that unittest has been purposely left out (external package only used by Python 2.6).
2012-04-29 20:57:15 +02:00
Aymeric Augustin bfbe4dfff7 Removed deprecated CompatCookie.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17843 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-31 12:54:40 +00:00
Claude Paroz a1ffb02107 Fixed #18029 -- Removed mod_python as of deprecation process. Thanks Aymeric Augustin for the review.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17835 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-31 10:34:11 +00:00
Claude Paroz 23d3459761 Fixed #17965 -- Definitely dropped support for Python 2.5. Thanks jonash for the initial patch and Aymeric Augustin for the review.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17834 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-31 08:24:29 +00:00
Aymeric Augustin c8e2f7591d Fixed #17931 -- Accepted aware datetimes to set cookies expiry dates. Thanks jaddison for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17766 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-18 20:58:22 +00:00
Aymeric Augustin 8d71734f15 Fixed #17923 -- Added missing import in the MySQL and Oracle backends. Thanks aldaran for the report. Also removed two duplicate imports.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17758 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-17 09:11:24 +00:00
Carl Meyer 0ce6636102 Fixed #17277 - Wrap IOErrors raised due to client disconnect in a specific IOError subclass so they can be distinguished from more serious errors. Thanks David Lowe.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17493 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-02-10 22:51:07 +00:00
Adrian Holovaty bfb4ed1425 Negligible spacing fixes to comments in django/http/__init__.py
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17221 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-17 02:40:35 +00:00
Adrian Holovaty 81bf5e3950 Fixed comma splice in DeprecationWarning for CompatCookie
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17220 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-17 02:37:26 +00:00
Adrian Holovaty 3f003a3c4b Fixed #17323 -- Renamed HttpRequest.raw_post_data to request.body. Thanks for the patch, dstufft
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17210 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-16 23:40:32 +00:00
Adrian Holovaty 61f0aff811 Fixed #14597 -- Added a SECURE_PROXY_SSL_HEADER setting for cases when you're behind a proxy that 'swallows' the fact that a request is HTTPS
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17209 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-16 22:06:06 +00:00
Luke Plant a935d436e9 Fixed #15863 - SimpleCookies are not correctly serialized with the file or database cache backends
Thanks to rakuco for the report and for the tests.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@17200 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-11 21:04:56 +00:00
Aymeric Augustin affca1369c Fixed #16632 -- Crash on responses without Content-Type with IE. Thanks juan for the report and kenth for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17196 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-11 08:58:14 +00:00
Alex Gaynor 396fcaaef9 Remove all relative imports. We have always been at war with relative imports.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17009 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-18 00:47:49 +00:00
Paul McMillan 2fa433ed55 Slight cleanup to r16829, thanks Alex Gaynor for the note.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16830 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-14 23:58:12 +00:00
Paul McMillan 50255e3305 Fixed #16494 by normalizing HttpResponse behavior with non-string input. HttpResponse now always converts content to string on output, regardless of input type.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16829 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-14 23:27:35 +00:00
Russell Keith-Magee 893cea211a Added protection against spoofing of X_FORWARDED_HOST headers. A security announcement will be made shortly.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16758 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-10 00:46:38 +00:00
Jannis Leidel fb590bfa9b Replaced `has_key()` calls with `in` to ease Python 3 port. Thanks, Martin von Löwis.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16740 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-09 19:33:40 +00:00
Jannis Leidel bce890ace4 Fixed #16584 -- Fixed a bunch of typos in code comments. Thanks, Bernhard Essl.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16598 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-12 14:14:15 +00:00
Luke Plant 6d029359e9 Fixed bug with our SimpleCookie regarding load/custom Morsel, and simplified implementation
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16526 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-07-08 12:07:54 +00:00
Luke Plant 89e0e8b6bc Fixed our SimpleCookie overriding and use to be compatible with a (potential) stdlib SimpleCookie that fixes http://bugs.python.org/issue2193
The previous code tested the stdlib in a way that would always fail. It then
used an overridden SimpleCookie.load method that wouldn't work for the
stdlib. And it did some completely unnecessary monkey patching.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16485 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-29 15:12:48 +00:00
Jannis Leidel a6cd78662e Fixed #15785 -- Stopped HttpRequest.read() from reading beyond the end of a wsgi.input stream and removed some redundant code in the multipartparser. Thanks, tomchristie, grahamd and isagalaev.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16479 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-28 10:17:56 +00:00
Ramiro Morales c159374a33 Fixed #15852 -- Modified cookie parsing so it can handle duplicate invalid cookie names. Thanks goes to Fredrik Stålnacke for the report and to vung for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16452 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-25 16:18:40 +00:00
Jannis Leidel dfa29161e2 Fixed #14020 -- Made the `HttpResponse` class slightly more behave like a dictionary, allowing the alternative argument to be unset. Serious thanks to schmichael and moopet.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16417 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-16 16:34:46 +00:00
Russell Keith-Magee 9e952be26f Fixed #16201 -- Ensure that requests with Content-Length=0 don't break the multipart parser. Thanks to albsen for the report and patch
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16353 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-10 08:39:38 +00:00
Luke Plant db2f9bfae1 Fixed #16178 - Cleanup request classes' `__repr__()`
Thanks to julien for the patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16350 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-09 23:15:42 +00:00
Ramiro Morales dff31de20a Fixed #16155 -- Removed Python 2.4 compatibility constructs from code and mentions from docs. Thanks Aymeric Augustin for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16349 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-09 20:01:28 +00:00
Jannis Leidel f60d428463 Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-21 14:41:14 +00:00
Jannis Leidel eb24b54634 Fixed #15496 -- Corrected handling of base64 file upload encoding. Thanks, gene and Claude Paroz.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16176 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-07 16:59:16 +00:00
Russell Keith-Magee 1d4390b26b Advanced deprecation on CompatCookie.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15984 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-02 08:40:38 +00:00
Luke Plant 8bb46d8b7c Fixed #15679 - regression in HttpRequest.POST and raw_post_data access.
Thanks to vkryachko for the report.

This also fixes a slight inconsistency with raw_post_data after parsing of a
multipart request, and adds a test for that.  (Previously accessing
raw_post_data would have returned the empty string rather than raising an
Exception).

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15938 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-28 16:11:40 +00:00
Adrian Holovaty 13864703bc Removed a bunch more Python 2.4 workarounds now that we don't support that version. Refs #15702 -- thanks to jonash for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15927 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-28 02:11:19 +00:00
Adrian Holovaty 8121aa60fd Fixed #15642 -- Removed redundant imports in http/__init__.py. Thanks, jammon
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15916 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-26 03:13:22 +00:00
Alex Gaynor 6ffe1d1e1f Removed some dead code, and old/bad constructs from the HttpResponse classes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15781 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-09 04:09:47 +00:00
Jannis Leidel f6c991667f Fixed #4992 -- Respect the GET request query string when creating cache keys. Thanks PeterKz and guettli for the initial patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15705 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-02 12:47:36 +00:00
Ramiro Morales f6aa469b1d Fixed #13007 -- Made cookie parsing resilent to the presence of cookies with invalid characters in their names. Thanks Warlax for the report, Ubercore for his work on a fix and Jannis and Luke for review and guidance.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15523 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-13 02:24:05 +00:00
Russell Keith-Magee 1f5309a99e Fixed #15046 -- Added "CHROMEFRAME" as a user agent alias for various MSIE fixes. Thanks to chrj for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15340 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-27 03:13:39 +00:00
Luke Plant 42c31f6bf0 Rationalised CompatCookie/SimpleCookie into single SimpleCookie class with all fixes.
Since upstream Python has fixed the encoding bug (see
http://bugs.python.org/issue9824), we don't want a separate class for this
bug fix, or several layers for the different fixes.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15298 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-24 20:35:46 +00:00
Chris Beaven dceaa82dec Fixed #14809 -- broken login related tests after r14733.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14764 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-12-01 22:25:17 +00:00
Russell Keith-Magee 78be884ea7 Fixed #3304 -- Added support for HTTPOnly cookies. Thanks to arvin for the suggestion, and rodolfo for the draft patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14707 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-26 13:30:50 +00:00
Russell Keith-Magee 3e62e253d2 Fixed #14594 -- Corrected r14435, which got the logic completely bass ackwards. Thanks to Mark Sundstrom for keeping me honest :-)
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14436 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-02 08:30:01 +00:00
Russell Keith-Magee 32f650cfcc Fixed #14594 -- Corrected a problem introduced by r14394 whereby reading POST data when running a WSGI server under CherryPy would hang. Thanks to Mark Sundstrom for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14435 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-02 07:38:06 +00:00
Russell Keith-Magee 269e921756 Fixed #9886 -- Added a file-like interface to HttpRequest. Thanks to Ivan Sagalaev for the suggestion and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14394 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-29 16:39:25 +00:00
Luke Plant 6be00774a4 Consistent imports for parse_qsl function, avoiding the `PendingDeprecationWarning` under Python 2.6 and later
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14297 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-20 13:07:06 +00:00
Malcolm Tredinnick 2d4da641a6 Allow setting HttpResponse cookie expiry times with datetime objects.
Patch from SmileyChris. Fixed #7770.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@13809 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-12 20:52:49 +00:00
Malcolm Tredinnick b2d2cb4a31 Improved unicode-type, ASCII-convertible header handling in
HttpResponse.

Fixed #8765. Thanks to SmileyChris and semenov for working on this one.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@13740 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-11 01:41:53 +00:00
Jacob Kaplan-Moss 3180f93236 Fixed #13572: copies of QueryDicts now have their encoding set correctly.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13314 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-05-28 16:39:52 +00:00
Karen Tracey 125c748cf6 Fixed #11522: Restored ability of http redirect responses to correctly handle redirect locations with non-ASCII chars.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12659 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-02 19:37:48 +00:00
Luke Plant 088f717077 Fixed #12470 - django.contrib.messages CookieStorage failing silently in safari when comma is used in message
This issue was fixed by changing the underlying cookie storage mechanism.

This will fix other bugs with cookies for Internet Explorer and Safari, but
could also cause backwards incompatibilities with existing javascript that
may parse cookie values that contain commas or semi-colons, and, very
rarely, with existing cookie values.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@12282 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-23 23:13:00 +00:00
Jacob Kaplan-Moss 574eafe4c0 Fixed #11753 - Q objects with callables no longer explode on Python 2.4. Thanks, Jeremy Dunck.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11901 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-17 22:06:41 +00:00
Brian Rosner 2659429df4 Fixed edge case that breaks the test suite on versions of Python > 2.6.4
Before http://svn.python.org/view?view=rev&revision=74647 it was possible to
pass a SimpleCookie to load, but this no longer works due to a different bug
in Python the said revision fixed.

My guess is a SimpleCookie was never intended to be passed through load which
is perfectly reasonable.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11820 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-12 15:30:25 +00:00
Jacob Kaplan-Moss c40f715257 Fixed #10687: fixed request parsing when upload_handlers is empty. Thanks, Armin Ronacher.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10723 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-08 17:22:34 +00:00
Jacob Kaplan-Moss 38a6c48878 Fixed a silly function flow bug in [10711].
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10712 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-08 11:31:36 +00:00
Jacob Kaplan-Moss 155ab07a5d Fixed #10188: prevent newlines in HTTP headers. Thanks, bthomas.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10711 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-08 11:15:23 +00:00
Malcolm Tredinnick 87e6939372 Fixed #10267 -- Correctly handle IRIs in HttpResponse.build_absolute_uri().
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10539 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-12 03:50:47 +00:00
Jacob Kaplan-Moss 9ae873fcd8 Fixed #10184: QueryDicts with multiple values can now be safely pickled. Thanks, Alex Gaynor.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10240 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-31 05:14:13 +00:00
Gary Wilson Jr 1f8c4ce609 Fixed #8643 -- Corrected docstrings of `MultiPartParser`, thanks KayEss.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10213 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-30 20:59:33 +00:00
Jacob Kaplan-Moss 6a8dcafb57 Fixed #8278: fixed `QueryDict.update(QueryDict)`. Thanks, julien.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8705 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-29 16:49:19 +00:00
Jacob Kaplan-Moss fc6649092a Fixed an inconsistancy in redirects with `META['SERVER_PORT']` being either a string or an int.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8666 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-28 16:18:32 +00:00
Malcolm Tredinnick 646f2f6101 Fixed #7494 -- Fixed build_absolute_url() for some types of (uncommon) URLs.
Patch from tom@almostobsolete.net and RobotAdam.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8490 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-23 17:28:12 +00:00
Malcolm Tredinnick f2477b6450 Fixed #7233 -- Ensured that QueryDict classes are always unpicklable. This
problem only arose on some systems, since it depends upon the order in which
the attributes are pickled. Makes reliable testing kind of tricky.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8460 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-21 13:55:21 +00:00
Gary Wilson Jr daa6b38f35 Fixed #8092, #3828 -- Removed dictionary access for request objects so that GET and POST data doesn't "overwrite" request attributes when used in templates (since dictionary lookup is performed before attribute lookup). This is backwards-incompatible if you were using the request object for dictionary access to the combined GET and POST data, but you should use `request.REQUEST` for that instead.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8202 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-03 19:55:26 +00:00
Adrian Holovaty 0894ddb2bb Fixed #7848 -- Removed a bunch of code that wasn't contributing to society. Thanks, julien
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8047 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-22 03:26:25 +00:00
Malcolm Tredinnick bfcecbffd3 Changed/fixed the way Django handles SCRIPT_NAME and PATH_INFO (or
equivalents). Basically, URL resolving will only use the PATH_INFO and the
SCRIPT_NAME will be prepended by reverse() automatically. Allows for more
portable development and installation. Also exposes SCRIPT_NAME in the
HttpRequest instance.

There are a number of cases where things don't work completely transparently,
so mod_python and fastcgi users should read the relevant docs.

Fixed #285, #1516, #3414.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8015 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-21 07:57:10 +00:00
Malcolm Tredinnick 189c704ae6 Revert [7991] - [7993]. I was committing from the wrong branch. Sorry 'bout
that, folks. :-(


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7995 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-19 19:37:55 +00:00
Malcolm Tredinnick b653cdcfb2 First part of setting request.path correctly.
Still needs:
    - testing
    - docs changes
    - some way of fixing reverse().


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7991 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-19 19:32:01 +00:00
Jacob Kaplan-Moss c121ff4046 Fixed #7635: do a better job checking for infinite loops in multi-part MIME parsing. Thanks, Mike Axiak.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7905 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-12 20:43:15 +00:00
Jacob Kaplan-Moss 9dabd1f8ff Fixed #7651: uploading multiple files with the same name now work. Also, in order to test the problem the test client now handles uploading multiple files at once. Patch from Mike Axiak.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7858 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-07 22:06:32 +00:00
Malcolm Tredinnick 8975bba742 Fixed #4148 -- Changed the way attachments are served to IE to avoid some
caching and header-related bugs there. Only comes into play when Internet
Explorer is the user-agent.

Patch from Michael Axiak, with testing from Axis_of_Entropy and Karen Tracey.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7856 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-07 01:45:19 +00:00
Jacob Kaplan-Moss d725cc9734 Fixed #2070: refactored Django's file upload capabilities.
A description of the new features can be found in the new [http://www.djangoproject.com/documentation/upload_handing/ upload handling documentation]; the executive summary is that Django will now happily handle uploads of large files without issues.

This changes the representation of uploaded files from dictionaries to bona fide objects; see BackwardsIncompatibleChanges for details.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7814 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-01 15:10:51 +00:00
Malcolm Tredinnick c0537a961f Fixed #6616 -- Added an is_ajax() method to HttpRequest that uses the de facto
standard header for detecting an XmlHttpRequest call. Thanks, Daniel Lindsley.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7334 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-03-20 07:16:16 +00:00
Malcolm Tredinnick 30bdabb2b0 Fixed #6764 -- Added some error checking around cookie decoding. Thanks,
Michael Axiak.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7257 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-03-17 13:49:04 +00:00
Gary Wilson Jr 5b762ca8e7 A few styling fixes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7205 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-03-08 03:46:33 +00:00
Gary Wilson Jr 4d6f0f2650 Fixed #6657 -- Don't set secure attribute on cookie if `secure=False` is passed, thanks Gulopine.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7204 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-03-08 03:31:42 +00:00
Malcolm Tredinnick 9780247a4c Removed an unnecessary default argument in one __deepcopy__() method and fixed
up the one place that was mistakenly relying on that.

Refs #6308.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7167 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-02-27 07:58:00 +00:00
Malcolm Tredinnick 03f1eb23e5 Fixed #5956 -- Added a better error description for non-ASCII HTTP headers. Patch from jvloothuis.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6927 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-12-17 08:05:51 +00:00
Malcolm Tredinnick 01ca122774 Fixed #6063 -- Caught one place in HttpResponse that was not returning a str
type (violation of WSGI spec). Thanks, janusz.harkot@gmail.com.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6895 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-12-05 09:28:56 +00:00
Adrian Holovaty 887c8ad565 Small docstring edit in django/http/utils.py from [6662]
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6793 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-12-01 17:33:14 +00:00
Malcolm Tredinnick 3ee3d6b5f3 Fixed #5898 -- Changed a few response processing paths to make things harder to get wrong and easier to get right. Previous behaviour wasn't buggy, but it was harder to use than necessary.
We now have automatic HEAD processing always (previously required ConditionalGetMiddleware), middleware benefits from the Location header rewrite, so they can use relative URLs as well, and responses with response codes 1xx, 204 or 304 will always have their content removed, in accordance with the HTTP spec (so it's much harder to indavertently deliver invalid responses).

Based on a patch and diagnosis from regexbot@gmail.com.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6662 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-11 03:55:44 +00:00
Malcolm Tredinnick e60c26d5bb Fixed #5562 -- Changed settings of Expires heading when expiring a cookie to
work with non-compliant browsers (also removes a non-compliance feature of our
own). Thanks, caifen1985@gmail.com and SmileyChris.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6549 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-10-20 07:01:12 +00:00
Malcolm Tredinnick 570e8936d9 Fixed #4969 -- Changed content retrieval in HttpResponse to be more robust in
the presence of an existing content encoding. Fixes some sporadic failures with
the GzipMiddleware, for example. Thanks, Johann Queuniet.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6548 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-10-20 06:50:16 +00:00
Malcolm Tredinnick 706659d2bb Changed the way we handle HTTP headers internally so that they appear
case-insensitive, but the original case is preserved for output. This increases the chances of working with non-compliant clients without changing the external interface. Fixed #2970.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6546 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-10-20 05:58:48 +00:00
Malcolm Tredinnick b6ec8d3a9e Changed HttpResponse.get() to lower case the header value before looking it up. This makes it consistent will other header accesses. Fixed #5754, #5772.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6537 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-10-20 03:32:21 +00:00
Malcolm Tredinnick 4d8b51f60c Fixed #4986 -- Fixed a logic bug from [6166].
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6449 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-10-03 22:21:43 +00:00
Malcolm Tredinnick 4b610f42d3 Added a get_host() method to HttpRequest. There is still an http.get_host() version in place, so this is fully backwards compatible.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6296 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-09-15 17:46:03 +00:00
Jacob Kaplan-Moss ca9388cdaf Added more dict-like methods to HttpResponse as part of the response.headers -> response._headers move, and fixed a few direct uses of response.headers in Django itself. Thanks to PhiR for tracking down and slaying these bugs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6235 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-09-14 22:33:56 +00:00
Jacob Kaplan-Moss dd799591fc Backwards-incompatible change: renamed HttpResponse.headers to HttpResponse._headers to deliberately break anyone accessing headers directly instead of through the case-insensitive proxies on HttpResponse itself. See BackwardsIncompatibleChanges for more details.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6225 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-09-14 21:53:13 +00:00
Jacob Kaplan-Moss 4100eab823 Fixed the breakage in [6164] in a different, better way: HttpResponse now implements __contains__ along with __get/set/delitem__, as it should. This is a bit more robust, and should prevent similar breakage from user code.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6221 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-09-14 21:41:48 +00:00
Jacob Kaplan-Moss 3da4c0ab92 Fixed #2970: made HttpResponse headers case-insensitive. Thanks to SmileyChris for the original patch and PhiR for the final one.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6212 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-09-14 20:34:29 +00:00
Jacob Kaplan-Moss ad077ccbc0 Fixed #5445: added some compatibility code for the lack of __iter__ in Jython 2.2. Thanks, Leo Soto.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6211 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-09-14 19:55:24 +00:00
Malcolm Tredinnick 1b745be5a1 Fixed a typo from [6164].
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6167 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-09-14 05:39:59 +00:00
Malcolm Tredinnick 300e19effc Fixed #4986 -- Improved get_host() host detection. Thanks, SmileyChris.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6166 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-09-14 05:39:42 +00:00
Malcolm Tredinnick e70d7e6064 Fixed #987 -- Convert relative URI portions into absolute URIs in HTTP Location headers. Based on a patch from SmileyChris.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6164 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-09-14 05:28:00 +00:00
Russell Keith-Magee 50497e3867 Refs #5138 -- Refactored implementation of __contains__ in HttpRequest introduced in [6097] after a suggestion from Malcolm. Applied a similar refactor for MergeDict and Context which had comparable behavior.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6098 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-09-11 14:04:40 +00:00
Russell Keith-Magee db01d1d0a8 Fixed #5318 -- Added __contains__ method to HttpRequest, mirroring existing has_key method. Thanks for the patch, robbie@prelab.net.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6097 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-09-11 13:36:09 +00:00
Malcolm Tredinnick 3757f30c99 Fixed #4947 -- Avoid displaying uploaded file contents in the debug web page. Based on a patch from eibaan@gmail.com.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5874 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-08-12 12:02:08 +00:00
Malcolm Tredinnick 78dfdd5648 Clarified the reasoning in a comment.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5873 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-08-12 12:01:31 +00:00
Malcolm Tredinnick 0afbca9c60 Fixed #3526 -- Added content_type as an alias for mimetype to the HttpResponse constructor. It's a slightly more accurate name. Based on a patch from Simon Willison. Fully backwards compatible.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5844 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-08-11 09:37:42 +00:00
Malcolm Tredinnick 8d9982c5a5 Fixed #4815 -- Fixed decoding of request parameters when the input encoding is
not UTF-8. Thanks, Jordan Dimov.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5644 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-07-11 06:55:12 +00:00
Malcolm Tredinnick 953badbea5 Merged Unicode branch into trunk (r4952:5608). This should be fully
backwards compatible for all practical purposes.

Fixed #2391, #2489, #2996, #3322, #3344, #3370, #3406, #3432, #3454, #3492, #3582, #3690, #3878, #3891, #3937, #4039, #4141, #4227, #4286, #4291, #4300, #4452, #4702


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5609 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-07-04 12:11:04 +00:00
Malcolm Tredinnick 7dc8b1a1a8 Added a parameter to HttpResponse's constructor to enable explicit status code
setting. This will save us from being asked to add a subclass for every
possible HTTP status code.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5554 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-06-27 13:02:38 +00:00
Malcolm Tredinnick 880e3cfaa6 Backed out the changes in [5482] for a bit whilst some more investigation into
side-effects is done. Refs #4565.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5511 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-06-22 07:15:04 +00:00
Malcolm Tredinnick bccb8897e6 Fixed #4565 -- Changed template rendering to use iterators, rather than
creating large strings, as much as possible. This is all backwards compatible.
Thanks, Brian Harring.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5482 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-06-17 07:11:37 +00:00
Malcolm Tredinnick 9ed4217a57 Fixed #4337 -- Added pop() method to QueryDict. Thanks, Gary Wilson.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5289 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-05-19 18:34:00 +00:00
Malcolm Tredinnick f9982c5c08 Fixed #4270 -- Don't permit deleting of items from an immutable QueryDict.
Thanks, Gary Wilson.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5187 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-05-11 08:22:06 +00:00
Malcolm Tredinnick 439cb4047f Fixed #4040 -- Changed uses of has_key() to "in". Slight performance
improvement and forward-compatible with future Python releases. Patch from Gary
Wilson.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5091 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-04-26 13:30:48 +00:00
Malcolm Tredinnick 6a643b03d7 Fixed #3875 -- Added HttpResponseBadRequest. Thanks, Scott Barr.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4866 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-03-30 06:48:19 +00:00
Malcolm Tredinnick 3c6609ac0c Refactored the HttpResponse sub-classes so that adding a subclass that only
changes the HTTP status code requires less code (no need to duplicate the
__init__ method).


git-svn-id: http://code.djangoproject.com/svn/django/trunk@4865 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-03-30 06:46:36 +00:00
Jacob Kaplan-Moss cb1ff2af35 Fixed another Python 2.3 bug (this one on django.http.parse_file_upload). I think there's one left.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4615 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-02-26 18:52:15 +00:00
Malcolm Tredinnick 6c4757729b Revert [4485] in order to fix accidental mod_python breakage. Refs #2920.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4486 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-02-11 23:50:35 +00:00