PREMANAND
371adc472a
Fixed #27156 -- Made changing HttpRequest.encoding clear GET.
2016-11-17 12:46:42 -05:00
Ramin Farajpour Cami
967be82443
Fixed E305 flake8 warnings.
2016-11-14 12:30:46 -05:00
Tim Graham
7fe2d8d940
Fixed CVE-2016-9014 -- Validated Host header when DEBUG=True.
...
This is a security fix.
2016-11-01 09:30:57 -04:00
Claude Paroz
2ced2f785d
Replaced smart_* by force_* calls whenever possible
...
The smart_* version should only be used when a lazy string should keep
its lazy status.
2016-09-03 13:46:41 +02:00
Ryan Allen
190d2ff4a7
Fixed #27153 -- Added validation for HttpResponse status.
2016-08-30 21:59:43 -04:00
Tim Graham
ff0a5aff4f
Fixed #27046 -- Supported IPv6-formatted IPv4 addresses in host validation.
...
Thanks LaMont Jones for the report and patch.
2016-08-11 13:54:39 -04:00
Tim Graham
5c63b3e5a7
Fixed #27005 -- Fixed crash if request.META[''CONTENT_LENGTH']=''.
2016-08-03 13:12:40 -04:00
Ville Skyttä
96f97691ad
Fixed broken links in docs and comments.
2016-06-15 21:20:23 -04:00
wim glenn
5ebebd1159
Fixed #26707 -- Added QueryDict.fromkeys()
2016-06-06 08:54:25 -04:00
Jon Dufresne
a8f957797d
Fixed comment typo in multiparser.py
2016-06-05 16:36:59 -04:00
Asif Saifuddin Auvi
dc88516e5b
Made style improvements to multipartparser.py
2016-06-04 11:06:25 -04:00
Andre Cruz
929684d6ee
Fixed #21231 -- Enforced a max size for GET/POST values read into memory.
...
Thanks Tom Christie for review.
2016-05-12 10:17:52 -04:00
Tim Graham
086510fde0
Removed HTTP prefixed CONTENT_TYPE/LENGTH headers in MultiPartParser.
...
The docs say that these headers always appear without the HTTP_ prefix.
This may have been an oversight when they were added in
d725cc9734
, the only commit that uses
these names.
2016-05-06 10:30:03 -04:00
Tim Graham
ead21a1949
Refs #22897 -- Removed unneeded empty string QueryDict argument.
2016-05-03 12:04:08 -04:00
Tim Graham
bb0b4b705b
Fixed #26052 -- Moved conditional_content_removal() processing to the test client.
2016-04-25 07:56:07 -04:00
Tim Graham
df8d8d4292
Fixed E128 flake8 warnings in django/.
2016-04-08 09:51:06 -04:00
Collin Anderson
93a135d111
Fixed #26158 -- Rewrote http.parse_cookie() to better match browsers.
2016-03-15 12:24:06 -04:00
Tim Graham
59df07738c
Simplified _cookie_allows_colon_in_names condition.
2016-03-14 18:58:49 -04:00
Tim Graham
2f81f466a8
Removed a workaround for a cookie encoding bug [1] in Python < 2.7.2.
...
[1] http://bugs.python.org/issue9824
2016-03-14 18:58:49 -04:00
John-Mark Bell
4b129ac81f
Fixed #26325 -- Made MultiPartParser ignore filenames that normalize to an empty string.
2016-03-07 13:19:39 -05:00
Curtis Maloney
6f1318734f
Fixed #26014 -- Added WSGIRequest content_type and content_params attributes.
...
Parsed the CONTENT_TYPE header once and recorded it on the request.
2016-02-10 18:19:23 -05:00
userimack
60586dd737
Fixed #26125 -- Fixed E731 flake warnings.
2016-01-25 14:23:43 -05:00
Johannes Hoppe
5233b70070
Fixed #25725 -- Made HttpReponse immediately close objects.
2015-12-14 12:46:48 -05:00
Raphael Merx
0a19f8d4fc
Fixed #25644 -- Fixed reset cookie expiry date bug.
...
Setting a cookie with the same name as a previously deleted cookie
would set its expiry date to 'Thu, 01-Jan-1970 00:00:00 GMT'.
2015-11-18 07:47:40 -05:00
Jon Dufresne
05248a1009
Fixed #25576 -- Added IOBase methods required by TextIOWrapper to HttpResponse.
2015-10-21 10:42:29 -04:00
Matt Robenolt
b0c56b895f
Fixed #24496 -- Added CSRF Referer checking against CSRF_COOKIE_DOMAIN.
...
Thanks Seth Gottlieb for help with the documentation and
Carl Meyer and Joshua Kehn for reviews.
2015-09-16 12:21:50 -04:00
Vlastimil Zíma
cf29b6b561
Fixed #25099 -- Fixed crash in AdminEmailHandler on DisallowedHost.
2015-09-04 09:24:21 -04:00
Maxime Lorant
5153a3bfdc
Fixed #25331 -- Removed trailing blank lines in docstrings.
2015-08-31 17:37:21 -04:00
Sambhav Satija
d0bd533043
Fixed #25254 -- Added JsonResponse json_dumps_params parameter.
2015-08-12 10:39:07 -04:00
Matt Robenolt
4dcfbd7923
Fixed #25211 -- Added HttpRequest.get_port() and USE_X_FORWARDED_PORT setting.
2015-08-04 09:50:57 -04:00
Keryn Knight
c96f11257b
Refs #24121 -- Added meaningful repr() to HttpResponse and subclasses.
2015-07-15 09:01:25 -04:00
Vlastimil Zíma
8f8c54f70b
Fixed #25099 -- Cleaned up HttpRequest representations in error reporting.
2015-07-13 19:22:39 -04:00
Tim Graham
7da3923ba0
Sorted imports in __init__.py files.
2015-06-27 11:53:33 -04:00
Tim Graham
3f2de80318
Refs #23763 -- Fixed Python 3.5 PendingDeprecationWarning in LazyStream.
...
Fixed "PendingDeprecationWarning: generator 'LazyStream.read.<locals>.parts'
raised StopIteration" per PEP 0479.
2015-06-17 06:55:16 -04:00
Piotr Jakimiak
4157c502a5
Removed unnecessary arguments in .get method calls
2015-05-13 20:51:18 +02:00
Bas Peschier
9128762f16
Fixed #19910 -- Added slash to i18n redirect if APPEND_SLASH is set.
...
This introduces a force_append_slash argument for request.get_full_path()
which is used by RedirectFallbackMiddleware and CommonMiddleware when
handling redirects for settings.APPEND_SLASH.
2015-03-26 09:26:55 -04:00
Claude Paroz
a0c2eb46dd
Fixed #23960 -- Removed http.fix_location_header
...
Thanks Carl Meyer for the report and Tim Graham for the review.
2015-03-18 18:22:50 +01:00
Jon Dufresne
d861f95c44
Fixed #24139 -- Changed HttpResponse.reason_phrase to evaluate based on status_code.
2015-03-12 20:18:06 -04:00
Rik
ccff08c194
Fixed #24463 -- Removed mod_python functionality from HttpRequest._get_scheme()
2015-03-11 14:35:25 -04:00
Claude Paroz
efb1f99f94
Fixed #20889 -- Prevented BadHeaderError when Python inserts newline
...
Workaround for http://bugs.python.org/issue20747 .
In some corner cases, Python 2 inserts a newline in a header value
despite `maxlinelen` passed in Header constructor.
Thanks Tim Graham for the review.
2015-02-19 20:18:31 +01:00
Tim Graham
0ed7d15563
Sorted imports with isort; refs #23860 .
2015-02-06 08:16:28 -05:00
Matthew Somerville
250aa7c39b
Fixed #24240 -- Allowed GZipping a Unicode StreamingHttpResponse
...
make_bytes() assumed that if the Content-Encoding header is set, then
everything had already been dealt with bytes-wise, but in a streaming
situation this was not necessarily the case.
make_bytes() is only called when necessary when working with a
StreamingHttpResponse iterable, but by that point the middleware has
added the Content-Encoding header and thus make_bytes() tried to call
bytes(value) (and dies). If it had been a normal HttpResponse,
make_bytes() would have been called when the content was set, well
before the middleware set the Content-Encoding header.
This commit removes the special casing when Content-Encoding is set,
allowing unicode strings to be encoded during the iteration before they
are e.g. gzipped. This behaviour was added a long time ago for #4969 and
it doesn't appear to be necessary any more, as everything is correctly
made into bytes at the appropriate places.
Two new tests, to show that supplying non-ASCII characters to a
StreamingHttpResponse works fine normally, and when passed through the
GZip middleware (the latter dies without the change to make_bytes()).
Removes the test with a nonsense Content-Encoding and Unicode input - if
this were to happen, it can still be encoded as bytes fine.
2015-02-03 18:18:12 +01:00
Jon Dufresne
24b2bc635e
Fixed #24137 -- Switched to HTTP reason phrases from Python stdlib.
2015-01-28 06:59:40 -05:00
Raul Cumplido
ac650d02cb
Fixed #24209 -- Prevented crash when parsing malformed RFC 2231 headers
...
Thanks Tom Christie for the report and review.
2015-01-27 20:12:22 +01:00
Collin Anderson
a9aec1154e
Closed files in FileResponse; refs #24072
2015-01-05 14:54:55 -05:00
Collin Anderson
3d2cae0896
Fixed #24072 -- Added FileResponse for streaming binary files.
2015-01-05 10:51:52 -05:00
Sergey Parkhomenko
059c9ab24c
Fixed #23977 -- Added setdefault() method to HttpResponse
2014-12-11 13:56:56 -05:00
Jon Dufresne
4468c08d70
Fixed #23968 -- Replaced list comprehension with generators and dict comprehension
2014-12-08 07:58:23 -05:00
Matt Robenolt
80facd7a0f
Removed unused variable django.http.request.absolute_http_url_re
2014-11-24 07:01:55 -05:00
Berker Peksag
788fa9fffa
Fixed #12098 -- Simplified HttpRequest.__repr__().
2014-11-20 08:45:11 -05:00