Commit Graph

9 Commits

Author SHA1 Message Date
Russell Keith-Magee d053624aa8 Fixed #15067 -- Modified the range checks on base36_to_int so you are guaranteed to always get an int, avoiding possible OverflowErrors. Thanks to Garthex for the report, jboutros for the patch, and kfrazier for the feedback.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15288 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-24 08:02:40 +00:00
Alex Gaynor 6819be1ea1 Fix a security issue in the auth system. Disclosure and new release forthcoming.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15032 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-12-23 03:45:08 +00:00
Luke Plant 6fb4f6e299 Fixed #13765 - 'safe' parameter for urlencode filter
Thanks to KyleMac for the suggestion and SmileyChris for the patch

git-svn-id: http://code.djangoproject.com/svn/django/trunk@13849 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-13 23:01:34 +00:00
Malcolm Tredinnick b203db6ec8 Fixed #5791 -- Added early-bailout support for views (ETags and Last-modified).
This provides support for views that can have their ETag and/or Last-modified
values computed much more quickly than the view itself. Supports all HTTP
verbs (not just GET).

Documentation and tests need a little more fleshing out (I'm not happy with the
documentation at the moment, since it's a bit backwards), but the functionality
is correct.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10114 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-22 07:58:29 +00:00
Luke Plant fcd837cd0f Fixed #7723 - implemented a secure password reset form that uses a token and prompts user for new password.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8162 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-31 20:47:53 +00:00
Gary Wilson Jr 8c442f21dc Fixed #5816 -- Fixed a regression from [6333] that generates incorrect cookie "expires" dates when using a locale other than English. Introduced `http_date` and `cookie_date` utility functions. Thanks for the report Michael Lemaire. Thanks for the patch Karen Tracey and `SmileyChris`.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6634 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-10-31 03:59:40 +00:00
Malcolm Tredinnick bece031772 Fixed #5734 -- Fixed an omission where we weren't passing the "safe" argument
upstream in django.utils.http.urlquote(). Thanks, Thomas Güttler.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6554 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-10-20 08:38:59 +00:00
Russell Keith-Magee f2303b6f7a Fixed #4402 -- Modified test client to allow multi-valued inputs on GET requests. Thanks for the suggestion, eddymul@gmail.com.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5741 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-07-21 05:17:20 +00:00
Malcolm Tredinnick 953badbea5 Merged Unicode branch into trunk (r4952:5608). This should be fully
backwards compatible for all practical purposes.

Fixed #2391, #2489, #2996, #3322, #3344, #3370, #3406, #3432, #3454, #3492, #3582, #3690, #3878, #3891, #3937, #4039, #4141, #4227, #4286, #4291, #4300, #4452, #4702


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5609 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-07-04 12:11:04 +00:00