Tim Graham
48d57788ee
Refs #26447 -- Removed the USE_ETAGS setting per deprecation timeline.
2017-09-22 12:51:18 -04:00
Tim Graham
96107e2844
Refs #26956 -- Removed the host parameter of django.utils.http.is_safe_url().
...
Per deprecation timeline.
2017-09-22 12:51:18 -04:00
Tim Graham
87d2240e6c
Refs #27067 -- Removed django.utils.translation.string_concat() per deprecation timeline.
2017-09-22 12:51:17 -04:00
Mariusz Felisiak
0ec0e5029c
Removed unnecessary parens in various code.
2017-09-13 21:20:29 -04:00
Tim Graham
0c4ac12a7b
Fixed #28546 -- Fixed translation's to_locale() with langauge subtags.
...
Thanks Brent Hand for the initial patch.
2017-09-08 13:46:00 -04:00
Tim Graham
22a5b8891c
Removed to_lower parameter for translation's to_locale().
...
Unused since 2bab9d6d9e
.
2017-09-08 13:12:43 -04:00
Tim Graham
6e4c6281db
Reverted "Fixed #27818 -- Replaced try/except/pass with contextlib.suppress()."
...
This reverts commit 550cb3a365
because try/except performs better.
2017-09-07 08:16:21 -04:00
Sergey Fedoseev
fac74b84a3
Used OrderedDict.fromkeys() to initialize OrderedDict with None values.
2017-08-23 11:40:17 -04:00
Sergey Fedoseev
59a4b12a23
Refs #23919 -- Removed LazyObject.__getstate__() needed only on Python 2.
2017-07-12 13:14:49 +05:00
Matthew Schinckel
493f7e9e1e
Fixed #28076 -- Added support for PostgreSQL's interval format to parse_duration().
2017-07-03 19:53:19 -04:00
Mads Jensen
550cb3a365
Fixed #27818 -- Replaced try/except/pass with contextlib.suppress().
2017-06-28 14:07:55 -04:00
Tim Graham
bdf20c383f
Fixed #28323 -- Removed unneeded normalize() in timezone.localtime() and make_naive().
2017-06-20 07:12:41 -04:00
Georg Sauthoff
d0f59054d0
Fixed #28324 -- Made feedgenerators write feeds with deterministically ordered attributes.
2017-06-20 05:38:41 -04:00
Claude Paroz
ceca221b31
Fixed #28304 -- Kept SafeData type for pgettext-translated strings
2017-06-15 21:00:50 +02:00
chillaranand
08bda82c23
Fixed #27830 -- Used distutils.version.LooseVersion for version parsing.
2017-06-13 10:53:39 -04:00
Thomas Khyn
f6bd00131e
Fixed #28241 -- Allowed module_has_submodule()'s module_name arg to be a dotted path.
2017-06-08 14:34:20 -04:00
Jon Dufresne
2c69824e5a
Refs #23968 -- Removed unnecessary lists, generators, and tuple calls.
2017-06-01 19:08:59 -04:00
Jon Dufresne
21046e7773
Fixed #28249 -- Removed unnecessary dict.keys() calls.
...
iter(dict) is equivalent to iter(dict.keys()).
2017-05-27 19:08:46 -04:00
Simon Charette
f0d47ab3b6
Corrected cached_property.__get__() docstring.
2017-05-15 09:25:14 -04:00
Adam Alton
f9bae845ea
Added a docstring to cached_property.__get__().
2017-05-15 09:05:42 -04:00
UmanShahzad
856072dd4a
Fixed #28142 -- Fixed is_safe_url() crash on invalid IPv6 URLs.
2017-05-10 09:02:20 -04:00
Alexander Allakhverdiyev
620e9dd31a
Replaced django.utils.inspect.getargspec() with inspect.getfullargspec().
2017-04-27 20:42:49 -04:00
Claude Paroz
a8343fe7bf
Refs #27795 -- Replaced force_text() with str() in feed generators
2017-04-27 09:31:08 +02:00
Claude Paroz
301de774c2
Refs #27795 -- Replaced many force_text() with str()
...
Thanks Tim Graham for the review.
2017-04-27 09:10:02 +02:00
petedmarsh
14671affc3
Fixed #28064 -- Removed double-quoting of key names in MultiValueDictKeyError.
2017-04-11 12:44:52 -04:00
Jon Dufresne
b906c3db63
Removed duplicate lines in slugify().
2017-04-10 08:12:37 -04:00
Daniel F Moisset
5d3b322dce
Made MultiValueDict.__deepcopy__()'s memo kwarg an arg.
...
It's always provided.
2017-04-07 09:13:57 -04:00
Raphael Michel
bde814142a
Fixed #22654 -- Broken decimal validation
2017-04-07 12:45:08 +02:00
Tim Graham
5ea48a70af
Fixed #27912 , CVE-2017-7233 -- Fixed is_safe_url() with numeric URLs.
...
This is a security fix.
2017-04-04 10:42:06 -04:00
Claude Paroz
8346680e1c
Refs #27795 -- Removed unneeded force_text calls
...
Thanks Tim Graham for the review.
2017-03-04 18:18:21 +01:00
Tim Graham
6ae1b04fb5
Fixed #27900 -- Made escapejs escape backticks for use in ES6 template literals.
2017-03-04 09:04:16 -05:00
Pavlo Kapyshin
b6fbf3e8e5
Fixed #27879 -- Fixed crash if enclosures aren't provided to Atom1Feed.add_item().
...
Regression in 75cf9b5ac0
2017-02-24 09:46:31 -05:00
Ian Foote
508b5debfb
Refs #11964 -- Made Q objects deconstructible.
2017-02-23 20:47:48 -05:00
Anton Samarchyan
9718fa2e8a
Refs #27656 -- Updated django.utils docstring verbs according to PEP 257.
2017-02-11 16:11:08 -05:00
Chronial
03281d8fe7
Fixed #26005 -- Fixed some percent decoding cases in uri_to_iri().
2017-02-09 09:22:00 -05:00
Tim Graham
500532c95d
Refs #23919 -- Removed default 'utf-8' argument for str.encode()/decode().
2017-02-09 09:03:47 -05:00
Claude Paroz
3a148f958d
Refs #27795 -- Removed force_text from the template layer
...
Thanks Tim Graham for the review.
2017-02-07 17:14:02 +01:00
Claude Paroz
c651331b34
Converted usage of ugettext* functions to their gettext* aliases
...
Thanks Tim Graham for the review.
2017-02-07 09:04:04 +01:00
Claude Paroz
2757209c9d
Refs #27795 -- Removed force_text from templatize function
2017-02-06 17:35:03 +01:00
Tim Graham
2d899ce16b
Refs #23919 -- Removed a Python 2 code path in force_text().
...
Reverted the obsolete fix and tests for refs #12302 .
2017-02-03 19:38:33 -05:00
Tim Graham
26619ad7b0
Removed an untested and broken branch in force_bytes() (refs #6353 ).
...
The new test crashed in the removed branch. It's unclear if the branch has
value since c6a2bd9b96
didn't include tests.
2017-02-03 19:36:53 -05:00
Tim Graham
4ee877a7b0
Used super() in DjangoUnicodeDecodeError.
2017-02-03 19:16:14 -05:00
Claude Paroz
a21ec12409
Fixed #27803 -- Kept safe status of lazy safe strings in conditional_escape
2017-02-02 21:01:39 +01:00
Vytis Banaitis
8838d4dd49
Refs #23919 -- Replaced kwargs.pop() with keyword-only arguments.
2017-02-01 11:41:56 -05:00
Vytis Banaitis
84126f2789
Refs #23919 -- Removed unneeded code in force_text().
...
Unneeded since 7b2f2e74ad
.
2017-01-31 18:31:17 -05:00
Claude Paroz
ccfd1295f9
Refs #27795 -- Prevented SafeText from losing safe status on str()
...
This will allow to replace force_text() by str() in several places (as one of
the features of force_text is to keep the safe status).
2017-01-30 21:10:32 +01:00
Claude Paroz
52138b1fd0
Refs #23919 -- Removed usage of obsolete SafeBytes class
...
The class will be removed as part of #27753 .
Thanks Tim Graham for the review.
2017-01-30 15:04:45 +01:00
Claude Paroz
277a4dd4b4
Fixed #27793 -- Used stdlib's ipaddress module to validate IP addresses
...
Thanks Tim Graham for the review.
2017-01-30 14:22:18 +01:00
Claude Paroz
e34f4e6f87
Made ugettext* functions aliases of gettext*
...
Thanks Tim Graham for the review.
2017-01-28 12:01:30 +01:00
Chillar Anand
6478e07a62
Refs #23919 -- Replaced tempfile.mkdtemp() with TemporaryDirectory() context manager.
2017-01-26 13:54:16 -05:00
Claude Paroz
fee42fd99e
Refs #23919 -- Replaced usage of django.utils.http utilities with Python equivalents
...
Thanks Tim Graham for the review.
2017-01-26 19:49:03 +01:00
Vytis Banaitis
d1bab24e01
Refs #23919 , #27778 -- Removed obsolete mentions of unicode.
2017-01-26 08:19:27 -05:00
chillaranand
d6eaf7c018
Refs #23919 -- Replaced super(ClassName, self) with super().
2017-01-25 12:23:46 -05:00
Mads Jensen
ebf34c3cdc
Removed unused variables that are overwritten.
2017-01-25 09:14:05 -05:00
Claude Paroz
d2e7d15b4c
Assumed iri_to_uri always returns a string
...
Thanks Tim Graham for the review.
2017-01-23 19:59:33 +01:00
Claude Paroz
6e55e1d88a
Refs #23919 -- Replaced six.reraise by raise
2017-01-22 20:08:04 +01:00
Tim Graham
d170c63351
Refs #23919 -- Removed misc references to Python 2.
2017-01-21 20:02:00 -05:00
Mariusz Felisiak
c22212220a
Refs #23919 -- Removed re.U and re.UNICODE (default on Python 3).
2017-01-21 14:28:16 -05:00
Tim Graham
9e6e32bf5d
Refs #23919 -- Removed django.utils.decorators.available_attrs() usage.
...
It's only needed to workaround a bug on Python 2.
2017-01-21 13:20:17 -05:00
Claude Paroz
042b7350a0
Refs #23919 -- Removed unneeded str() calls
2017-01-20 14:13:55 +01:00
Tim Graham
4e729feaa6
Refs #23919 -- Removed django.utils._os.upath()/npath()/abspathu() usage.
...
These functions do nothing on Python 3.
2017-01-20 08:01:02 -05:00
Claude Paroz
dc8834cad4
Refs #23919 -- Removed unneeded force_str calls
2017-01-20 08:44:31 +01:00
Tim Graham
d29fd3f9a6
Fixed django/utils/http.py comment typo.
2017-01-19 13:21:54 -05:00
Tim Graham
d4bb37593e
Refs #23919 -- Removed obsolete compare_digest() and pbkdf2() implementations.
2017-01-19 11:55:23 -05:00
Chillar Anand
41e0033caf
Refs #23919 -- Removed usage of django.utils.decorators.ContextDecorator.
2017-01-19 11:28:30 -05:00
Simon Charette
4c5ed3e683
Refs #23919 -- Removed __nonzero__() methods (for Python 2).
...
Thanks Tim for the review.
2017-01-19 11:26:26 -05:00
Simon Charette
cecc079168
Refs #23919 -- Stopped inheriting from object to define new style classes.
2017-01-19 08:39:46 +01:00
Aymeric Augustin
eb422e476f
Refs #23919 -- Removed obsolete __ne__() methods.
...
__ne__() defaults to the opposite of __eq__() on Python 3
when it doesn't return NotImplemented.
2017-01-18 21:44:00 -05:00
Aymeric Augustin
3cc5f01d9b
Refs #23919 -- Stopped using django.utils.lru_cache().
2017-01-18 21:42:40 -05:00
Claude Paroz
2b281cc35e
Refs #23919 -- Removed most of remaining six usage
...
Thanks Tim Graham for the review.
2017-01-18 21:33:28 +01:00
Claude Paroz
7b2f2e74ad
Refs #23919 -- Removed six.<various>_types usage
...
Thanks Tim Graham and Simon Charette for the reviews.
2017-01-18 20:18:46 +01:00
Claude Paroz
c716fe8782
Refs #23919 -- Removed six.PY2/PY3 usage
...
Thanks Tim Graham for the review.
2017-01-18 16:21:28 +01:00
Claude Paroz
d7b9aaa366
Refs #23919 -- Removed encoding preambles and future imports
2017-01-18 09:55:19 +01:00
Tim Graham
f847308200
Advanced deprecation warnings for Django 2.0.
2017-01-17 20:52:05 -05:00
Tim Graham
60ca37d2e5
Refs #24046 -- Removed mark_for_escaping() per deprecation timeline.
2017-01-17 20:52:04 -05:00
Tim Graham
eba093e8b0
Refs #25847 -- Removed support for User.is_(anonymous|authenticated) as methods.
...
Per deprecation timeline.
2017-01-17 20:52:03 -05:00
Tim Graham
9d304b26cf
Refs #20223 -- Removed deprecated django.utils.functional.allow_lazy().
2017-01-17 20:52:02 -05:00
Tim Graham
75cf9b5ac0
Refs #13110 -- Removed SyndicationFeed.add_item()'s enclosure argument.
...
Per deprecation timeline.
2017-01-17 20:52:01 -05:00
Tim Graham
c6de8cca20
Refs #24728 - Removed Atom1Feed/RssFeed mime_type attribute.
...
Per deprecation timeline.
2017-01-17 20:52:00 -05:00
Jinank Jain
f4c0eec713
Fixed #27699 -- Added negative timedelta support to parse_duration()
2017-01-14 11:17:54 +01:00
vinay karanam
6128c1736d
Refs #27637 -- Fixed timesince, timeuntil on New Year's Eve in a leap year.
2017-01-02 08:40:44 -05:00
Anton Samarchyan
5cf4894836
Fixed #27628 -- Fixed unarchiving a file without permission data.
2016-12-28 19:14:58 -05:00
Aleksi Häkli
f6671c5d78
Fixed #27647 -- Fixed Windows segmentation fault in runserver autoreload.
2016-12-28 08:04:09 -05:00
Tim Graham
51cde873d9
Fixed #27648 -- Deprecated (iLmsu) regex groups in url() patterns.
2016-12-27 15:59:13 -05:00
Mariusz Felisiak
3e5c5e6754
Fixed #27637 -- Fixed timesince, timeuntil in leap year edge case.
2016-12-27 09:29:11 -05:00
Jaap Roes
3188b49ee2
Fixed #25753 -- Made get_format() cache the formats from Django settings
2016-12-21 17:40:08 +01:00
Michael Lelyakin
fb1349ce8c
Used ternary if/else in utils.lorem_ipsum.words().
2016-12-14 17:36:34 -05:00
Mariusz Felisiak
8e3a72f4fb
Fixed #27583 -- Fixed MultiValueDict.getlist() crash when values for key is None.
...
Restored the behavior before 727d7ce6cb
.
2016-12-09 15:31:52 -05:00
Anton Samarchyan
d0112cf930
Fixed #26494 -- Made Archive.extract() preserve file permissions.
2016-12-06 08:28:36 -05:00
Keda87
48826aa541
Fixed #27546 -- Removed hardcoded class names in __repr__() methods.
2016-12-01 08:11:09 -05:00
Adam Chainz
71609a5b90
Fixed #27555 -- Removed django.utils.functional.lazy_property.
2016-11-29 19:01:12 -05:00
Tim Graham
2e5fbe889f
Cleaned up some __getstate__() docstrings.
2016-11-23 09:45:21 -05:00
Ramin Farajpour Cami
0a63ef3f61
Fixed #27463 -- Fixed E741 flake8 warnings.
2016-11-14 17:40:28 -05:00
Ramin Farajpour Cami
967be82443
Fixed E305 flake8 warnings.
2016-11-14 12:30:46 -05:00
Tim Graham
6072de727f
Decorated a few functions.
2016-11-14 12:20:44 -05:00
Joachim Jablon
fd78fb82d6
Fixed #27138 -- Restored pre-Python 3.6 behavior of localtime() and make_naive() on Python 3.6.
...
Reverted test changes in a7a7ecd2b0
and
e43ea36b76
(refs #27025 ).
2016-11-07 19:07:18 -05:00
Carl Meyer
7107b6ff0f
Fixed #27454 -- Skipped gettext calls for apps without a locale dir.
2016-11-07 09:59:13 +01:00
Krzysztof Urbaniak
a01d887a3a
Fixed #27063 -- Prevented i18n_patterns() from using too much of the URL as the language.
2016-10-31 14:32:01 -04:00
Tim Graham
414ad25b09
Fixed #27327 -- Simplified time zone handling by requiring pytz.
2016-10-27 08:53:20 -04:00
Claude Paroz
d75c2ccaa0
Removed note about obsolete Python version
2016-10-20 16:39:14 +02:00
Kevin Christopher Henry
9108696a75
Refs #19705 -- Changed gzip modification times to 0.
...
This makes gzip output deterministic, which allows
ConditionalGetMiddleware to reliably compare ETags on gzipped
content (views using the gzip_page() decorator in particular).
2016-10-14 07:41:42 -04:00
Kevin Christopher Henry
bd7237d7ec
Fixed #19705 -- Set proper headers on conditional Not Modified responses.
2016-10-12 14:43:25 -04:00
Nick Pope
a346a88d46
Added missing roles/options to parse_color_setting()'s docstring.
2016-10-11 10:39:32 -04:00
Denis Cornehl
a840710e1e
Fixed #26447 -- Deprecated settings.USE_ETAGS in favor of ConditionalGetMiddleware.
2016-10-10 14:55:59 -04:00
Reto Aebersold
3ab55c1a8a
Fixed #27309 -- Added CallableBool.__hash__().
2016-10-04 07:44:19 -04:00
Claude Paroz
fa2f55cfd5
Refs #26940 -- Re-allowed makemessages without settings
...
Thanks Tim Graham for the review.
2016-10-01 14:57:16 +02:00
Rinat Khabibiev
9e07a9b5fe
Fixed #27226 -- Removed patch_response_headers()'s setting of the Last-Modified header.
2016-09-28 09:09:09 -04:00
Sergey Fursov
6709ea4ae9
Fixed #27271 -- Fixed a crash in runserver logging.
...
Allowed ServerFormatter to handle simple string messages or messages with
formatting arguments. The formatter will set the server_time variable on
the log record if it's required by the format string but wasn't passed in
extra parameters.
2016-09-27 09:46:07 -04:00
Jon Dufresne
4ff389dcdc
Removed unused regexes from django.utils.html.
...
Last uses removed in commit 8b81dee60c
.
2016-09-23 11:24:50 -07:00
Tim Graham
8119b679eb
Refs #27025 -- Fixed "invalid escape sequence" warnings in Python 3.6.
...
http://bugs.python.org/issue27364
2016-09-17 15:44:06 -04:00
Kevin Christopher Henry
22e303887b
Refs #27083 -- Updated conditional header comparison to match RFC 7232.
2016-09-16 15:45:53 -04:00
Jani Tiainen
727d7ce6cb
Fixed #27198 -- Made MultiValueDict.getlist() return a new list to prevent mutation.
2016-09-16 15:16:18 -04:00
Kevin Christopher Henry
4ef0e019b7
Fixed #27083 -- Added support for weak ETags.
2016-09-10 08:14:52 -04:00
Jon Dufresne
f227b8d15d
Refs #26956 -- Allowed is_safe_url() to validate against multiple hosts
2016-09-07 19:56:25 -07:00
Jon Dufresne
ff1e7b4eb4
Fixed #25181 -- Added localdate() function to get date in a different time zone.
...
Thanks Konrad Świat for the original patch.
2016-08-31 17:19:33 -07:00
Olexander Yermakov
b7fb608142
Fixed #27154 -- Allowed comparing CallableBool with bitwise or.
...
Thanks Tim for the review.
2016-08-31 08:27:37 -04:00
Mattias Loverot
2315114090
Fixed #27067 -- Deprecated string_concat() in favor of format_lazy().
2016-08-25 16:12:40 -04:00
Mattias Loverot
9aaeec337e
Fixed #26866 -- Added format_lazy function
...
Added format_lazy function to django.utils.text module.
Useful when dealing with relative complex lazy string concatenations
(e.g. in urls.py when translating urls in regular expressions).
2016-08-24 18:18:17 +02:00
Przemysław Suliga
5e5a17028f
Fixed #26902 -- Allowed is_safe_url() to require an https URL.
...
Thanks Andrew Nester, Berker Peksag, and Tim Graham for reviews.
2016-08-19 18:51:33 -04:00
Claude Paroz
5fb22b4d4c
Fixed #27034 -- Made makemessages independent of USE_I18N
...
Thanks Tim Graham for the review.
2016-08-11 21:16:19 +02:00
Ville Skyttä
a2fb2b3a1f
Fixed #27020 -- Used a context manager to close files.
2016-08-04 19:45:14 -04:00
Tim Graham
54afa960d1
Fixed #26988 -- Improved/clarified User.is_authenticated/anonymous compatibility.
...
Thanks marktranchant for the report and review.
2016-08-02 11:01:08 -04:00
Will Hardy
8ef78b8165
Fixed #26656 -- Added duration (timedelta) support to DjangoJSONEncoder.
2016-07-14 13:34:15 -04:00
jasisz
b5a1c3a6f5
Fixed #25920 -- Added support for non-uniform NUMBER_GROUPING.
2016-06-22 17:28:49 -04:00
Carl Meyer
7d1b69dbe7
Refs #26601 -- Improved backwards-compatibility of DEP 5 middleware exception handling.
2016-06-17 10:00:39 -07:00
Vytis Banaitis
57eb17b8c7
Fixed #26746 -- Fixed handling of zero priority in Accept-Language header parsing.
2016-06-13 07:58:25 -04:00
Vytis Banaitis
f1b38842af
Fixed #26744 -- Fixed a typo in regex for Accept-Language header parsing.
2016-06-11 21:32:56 -04:00
Thejaswi Puthraya
c8d2120b06
Fixed #26705 -- Fixed plural versions of languages not supported by Django.
2016-06-08 16:17:17 -04:00
Scott Vitale
be729b6120
Fixed #10107 -- Allowed using mark_safe() as a decorator.
...
Thanks ArcTanSusan for the initial patch.
2016-06-07 12:24:03 -04:00
Chesco Igual
ffd18732f3
Fixed #24781 -- Fixed repr() for lazy objects.
2016-06-04 19:13:00 -04:00
Ketan Bhatt
f31fbbae1a
Fixed #26653 -- Made SyndicationFeed.latest_post_date() return time in UTC.
2016-05-30 18:36:15 -04:00
Tim Graham
6f520bf7d8
Added RemovedInDjango21Warning
2016-05-28 21:12:39 -04:00
Florian Apolloner
9baf692a58
Fixed #26601 -- Improved middleware per DEP 0005.
...
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
Andre Cruz
929684d6ee
Fixed #21231 -- Enforced a max size for GET/POST values read into memory.
...
Thanks Tom Christie for review.
2016-05-12 10:17:52 -04:00
Tim Graham
2f0e0eee45
Fixed #24046 -- Deprecated the "escape" half of utils.safestring.
2016-05-10 12:46:47 -04:00
Claude Paroz
c3e1086949
Stopped truncating AdminEmailHandler message subjects
...
Refs #26572 , #17281 . The RFC doesn't limit total length, just the line length
which is already taken care of by Python itself.
Thanks Tim Graham for the review.
2016-05-10 18:17:43 +02:00
Vasiliy Faronov
31e0314979
Fixed #26580 -- Updated references to obsolete RFC 2822.
...
Didn't rename django.utils.feedgenerator.rfc2822_date()
as some external code may rely on it.
2016-05-10 11:24:51 -04:00
Vasiliy Faronov
ac77c55bc5
Fixed #26567 -- Updated references to obsolete RFC2616.
...
Didn't touch comments where it wasn't obvious that the code adhered to
the newer standard.
2016-05-03 11:14:40 -04:00
Marko Benko
45c7acdc50
Fixed #26281 -- Added a helpful error message for an invalid format specifier to dateformat.format().
2016-04-20 20:13:52 -04:00
Jeremy Lainé
c1aec0feda
Fixed #25847 -- Made User.is_(anonymous|authenticated) properties.
2016-04-09 14:54:18 -04:00
Tim Graham
df8d8d4292
Fixed E128 flake8 warnings in django/.
2016-04-08 09:51:06 -04:00
Tim Graham
3913a56558
Removed unused django.utils.http.PROTOCOL_TO_PORT.
...
Unused since b0c56b895f
.
2016-04-06 12:29:20 -04:00
Tim Graham
2cd2d18851
Fixed W503 flake8 warnings.
2016-04-04 17:14:26 -04:00
Tim Graham
2c125bded1
Refs #18239 -- Removed an obsolete workaround for bugs in HTMLParser.
2016-03-26 12:48:29 -04:00
Amine Yaiche
32c8e43ef1
Fixed #26378 -- Allowed a left byte of zero in mixed IPv4/IPv6 validation.
2016-03-23 08:18:29 -04:00
Claude Paroz
11c60b5298
Reused the DjangoTranslation class for the javascript_catalog view
...
Thanks Tim Graham and Cristiano Coelho for the reviews.
Refs #26328 , #26319 .
2016-03-08 21:39:59 +01:00
Claude Paroz
552f03869e
Added safety to URL decoding in is_safe_url() on Python 2
...
The errors='replace' parameter to force_text altered the URL before checking
it, which wasn't considered sane. Refs 24fc935218
and ada7a4aef
.
2016-03-04 23:33:35 +01:00
Claude Paroz
ada7a4aefb
Fixed #26308 -- Prevented crash with binary URLs in is_safe_url()
...
This fixes a regression introduced by c5544d2892
.
Thanks John Eskew for the reporti and Tim Graham for the review.
2016-03-04 21:14:14 +01:00
Mark Striemer
c5544d2892
Fixed CVE-2016-2512 -- Prevented spoofing is_safe_url() with basic auth.
...
This is a security fix.
2016-03-01 11:25:28 -05:00
Nick Malakhov
ee69789f45
Fixed #26269 -- Prohibited spaces in is_valid_ipv6_address().
2016-02-25 18:52:50 -05:00