Commit Graph

5 Commits

Author SHA1 Message Date
Andrew Nester 08ed3cc6d1 Fixed #26671 -- Made HashedFilesMixin ignore the 'chrome' scheme. 2016-07-12 08:20:39 -04:00
Aymeric Augustin 7f6fbc906a Prevented static file corruption when URL fragment contains '..'.
When running collectstatic with a hashing static file storage backend,
URLs referencing other files were normalized with posixpath.normpath.
This could corrupt URLs: for example 'a.css#b/../c' became just 'c'.

Normalization seems to be an artifact of the historical implementation.
It contained a home-grown implementation of posixpath.join which relied
on counting occurrences of .. and /, so multiple / had to be collapsed.

The new implementation introduced in the previous commit doesn't suffer
from this issue. So it seems safe to remove the normalization.

There was a test for this normalization behavior but I don't think it's
a good test. Django shouldn't modify CSS that way. If a developer has
rendundant /s, it's mostly an aesthetic issue and it isn't Django's job
to fix it. Conversely, if the user wants a series of /s, perhaps in the
URL fragment, Django shouldn't destroy it.

Refs #26249.
2016-02-23 19:35:16 +01:00
msaelices 7624fdb9f8 Fixed #25283 -- Fixed collectstatic crash if a URL contains a fragment with a path.
A @font-face declaration may contain a fragment that looks like a relative path,
e.g. @font-face { src: url('../fonts/font.svg#../path/like/fragment'); }
In this case, an incorrect path was passed to the storage backend, which raised
an error that caused collectstatic to crash.
2015-11-12 19:30:48 -05:00
Trey Hunner 6868643063 Added newlines to the ends of CSS, HTML, and JavaScript files missing them. 2014-08-12 19:22:09 -04:00
Florian Apolloner 89f40e3624 Merged regressiontests and modeltests into the test root. 2013-02-26 14:36:57 +01:00