innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
30,614 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

8 Commits

Author SHA1 Message Date
django-bot 9c19aff7c7 Refs #33476 -- Reformatted code with Black. 2022-02-07 20:37:05 +01:00
Mariusz Felisiak b55699968f
Fixed #32718 -- Relaxed file name validation in FileField. 
- Validate filename returned by FileField.upload_to() not a filename
  passed to the FileField.generate_filename() (upload_to() may
  completely ignored passed filename).
- Allow relative paths (without dot segments) in the generated filename.

Thanks to Jakub Kleň for the report and review.
Thanks to all folks for checking this patch on existing projects.
Thanks Florian Apolloner and Markus Holtermann for the discussion and
implementation idea.

Regression in 0b79eb3691.
 2021-05-13 08:53:44 +02:00
Florian Apolloner 0b79eb3691 Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads. 2021-05-04 08:44:42 +02:00
Josh Schneier 9b538badb1 Refs #23919 -- Removed File's Python 2 proxied methods. 2017-04-26 14:44:07 -04:00
Simon Charette cecc079168 Refs #23919 -- Stopped inheriting from object to define new style classes. 2017-01-19 08:39:46 +01:00
Simon Charette 4f474607de
Fixed #26646 -- Added IOBase methods required by TextIOWrapper to File. 
Thanks Tim for the review.
 2016-05-27 21:05:58 -04:00
Carson Gee e93e0c03b2 Fixed #24963 -- Added File.seekable() on Python 3. 2015-06-12 10:17:21 -04:00
Jacob Kaplan-Moss 68a890e79f Fixed #7712, #9404, #10249, #10300: a light refactor and cleanup of file storage and the `File` object. Thanks to Armin Ronacher and Alex Gaynor. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10717 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-05-08 15:08:09 +00:00