Commit Graph

47 Commits

Author SHA1 Message Date
Andre Cruz 929684d6ee Fixed #21231 -- Enforced a max size for GET/POST values read into memory.
Thanks Tom Christie for review.
2016-05-12 10:17:52 -04:00
Tim Graham 086510fde0 Removed HTTP prefixed CONTENT_TYPE/LENGTH headers in MultiPartParser.
The docs say that these headers always appear without the HTTP_ prefix.
This may have been an oversight when they were added in
d725cc9734, the only commit that uses
these names.
2016-05-06 10:30:03 -04:00
Tim Graham ead21a1949 Refs #22897 -- Removed unneeded empty string QueryDict argument. 2016-05-03 12:04:08 -04:00
John-Mark Bell 4b129ac81f Fixed #26325 -- Made MultiPartParser ignore filenames that normalize to an empty string. 2016-03-07 13:19:39 -05:00
Tim Graham 3f2de80318 Refs #23763 -- Fixed Python 3.5 PendingDeprecationWarning in LazyStream.
Fixed "PendingDeprecationWarning: generator 'LazyStream.read.<locals>.parts'
raised StopIteration" per PEP 0479.
2015-06-17 06:55:16 -04:00
Tim Graham 0ed7d15563 Sorted imports with isort; refs #23860. 2015-02-06 08:16:28 -05:00
Raul Cumplido ac650d02cb Fixed #24209 -- Prevented crash when parsing malformed RFC 2231 headers
Thanks Tom Christie for the report and review.
2015-01-27 20:12:22 +01:00
Jason Hobbs e1424b2370 Fixed #23397 -- Stripped whitespace from base64 during chunking
This insures the actual base64 content has a length a multiple of 4.
Also added a test case for the failure.
2014-09-13 19:06:21 +02:00
Claude Paroz b42e5ca058 Fixed #22971 -- Properly parsed RFC 2388 encoded headers
Thanks homm for the report, Cea Stapleton for patch improvements
and Ian Cordasco, Christian Schmitt and Tim Graham for the review.
2014-08-14 11:45:43 +02:00
Florian Apolloner e2efc8965e Fixed #22680 -- I/O operation on closed file.
This patch is two-fold; first it ensure that Django does close everything in
request.FILES at the end of the request and secondly the storage system should
no longer close any files during save, it's up to the caller to handle that --
or let Django close the files at the end of the request.
2014-06-11 08:57:30 +02:00
mbacho 8a9d54aa69 Fixed typo in multipartparser.py 2014-05-16 05:34:40 -04:00
Rodolfo Carvalho 0d91225892 Fixed many typos in comments and docstrings.
Thanks Piotr Kasprzyk for help with the patch.
2014-03-03 07:38:09 -05:00
Loic Bistuer 6685713869 Fixed E127 pep8 warnings. 2013-12-14 11:59:15 -05:00
Alex Gaynor c347f78cc1 Fixed all E226 violations 2013-11-03 10:08:55 -08:00
Milton Mazzarri cbc7cbbc5b Fixed flake8 E251 violations 2013-11-03 03:22:11 -06:00
Alex Gaynor fe995e6cbd Fixed the remaining E302 violations int eh django package 2013-11-02 17:37:15 -07:00
coagulant 3bc0d46a84 Fixed all E261 warnings 2013-11-02 18:20:39 -04:00
Alex Gaynor 7548aa8ffd More attacking E302 violators 2013-11-02 13:12:09 -07:00
Baptiste Mispelon 20472aa827 Fixed #21189: Cleaned up usage of bare except clauses.
Thanks to berkerpeksag for the report and to claudep
for the review.
2013-10-05 11:50:03 +02:00
Benjamin Kagia b0953dc913 Fixed #13721 -- Added UploadedFile.content_type_extra.
Thanks Waldemar Kornewald and mvschaik for work on the patch.
2013-07-11 09:11:59 -04:00
Preston Holmes d228c1192e Fixed #19866 -- Added security logger and return 400 for SuspiciousOperation.
SuspiciousOperations have been differentiated into subclasses, and
are now logged to a 'django.security.*' logger. SuspiciousOperations
that reach django.core.handlers.base.BaseHandler will now return a 400
instead of a 500.

Thanks to tiwoc for the report, and Carl Meyer and Donald Stufft
for review.
2013-05-25 16:27:34 -07:00
Eric Urban c278e56baf Corrected documentation on the constructor arguments of MultiPartParser 2013-05-17 19:49:33 -04:00
Aymeric Augustin 9c487b5974 Replaced an antiquated pattern.
Thanks Lennart Regebro for pointing it out.
2013-05-17 18:08:58 +02:00
konarkmodi bc4111ba68 Fixed #18003 -- Preserved tracebacks when re-raising errors.
Thanks jrothenbuhler for draft patch, Konark Modi for updates.
2013-03-19 15:42:39 -07:00
Matt Robenolt 222a956ecc Kill mx.TextTools with fire 2013-01-15 10:15:40 -08:00
Claude Paroz 2a67374b51 Fixed #19036 -- Fixed base64 uploads decoding
Thanks anthony at adsorbtion.org for the report, and johannesl for
bringing the patch up-to-date.
2012-11-17 17:25:21 +01:00
Aymeric Augustin fc10418fba Fixed #18963 -- Used a subclass-friendly pattern
for Python 2 object model compatibility methods.
2012-11-03 22:07:35 +01:00
Aymeric Augustin 095eca8dd8 Fixed #19101 -- Decoding of non-ASCII POST data on Python 3.
Thanks Claude Paroz.
2012-11-03 13:03:15 +01:00
Alex Gaynor 335a9f9cf1 Removed many uses of bare "except:", which were either going to a) silence real issues, or b) were impossible to hit. 2012-09-07 15:08:07 -04:00
Claude Paroz 0120985095 [py3] Fixed file_uploads tests 2012-08-14 23:35:12 +02:00
Claude Paroz f10a1b0641 [py3] Fixed Python 3 compatibility of http handling
* Using str() when Python 2 expects bytes and Python 3 Unicode
* Fixed reraise-ing syntax
* Fixed slicing of byte strings
2012-08-11 14:47:44 +02:00
Aymeric Augustin 5c09c59bc7 [py3] Renamed `next` to `__next__` in iterators.
See PEP 3114. `next` is retained as an alias for Python 2.
2012-08-09 14:36:05 +02:00
Aymeric Augustin c5ef65bcf3 [py3] Ported django.utils.encoding.
* Renamed smart_unicode to smart_text (but kept the old name under
  Python 2 for backwards compatibility).
* Renamed smart_str to smart_bytes.
* Re-introduced smart_str as an alias for smart_text under Python 3
  and smart_bytes under Python 2 (which is backwards compatible).
  Thus smart_str always returns a str objects.
* Used the new smart_str in a few places where both Python 2 and 3
  want a str.
2012-08-07 12:00:22 +02:00
Aymeric Augustin bdca5ea345 [py3] Replaced unicode/str by six.text_type/bytes. 2012-07-22 09:29:54 +02:00
Claude Paroz 4a103086d5 Fixed #18269 -- Applied unicode_literals for Python 3 compatibility.
Thanks Vinay Sajip for the support of his django3 branch and
Jannis Leidel for the review.
2012-06-07 18:08:47 +02:00
Claude Paroz 38408f8007 Marked bytestrings with b prefix. Refs #18269
This is a preparation for unicode literals general usage in
Django (Python 3 compatibility).
2012-05-19 17:43:34 +02:00
Claude Paroz 169b1a404c Replaced foo.next() by next(foo).
This new syntax for next() has been introduced in Python 2.6 and is
compatible with Python 3.
2012-05-10 20:15:49 +02:00
Claude Paroz 3904b74a3f Fixed #18013 -- Use the new 'as' syntax for exceptions.
Thanks Clueless for the initial patch.
Note that unittest has been purposely left out (external package only used by Python 2.6).
2012-04-29 20:57:15 +02:00
Jannis Leidel a6cd78662e Fixed #15785 -- Stopped HttpRequest.read() from reading beyond the end of a wsgi.input stream and removed some redundant code in the multipartparser. Thanks, tomchristie, grahamd and isagalaev.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16479 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-28 10:17:56 +00:00
Russell Keith-Magee 9e952be26f Fixed #16201 -- Ensure that requests with Content-Length=0 don't break the multipart parser. Thanks to albsen for the report and patch
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16353 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-10 08:39:38 +00:00
Jannis Leidel eb24b54634 Fixed #15496 -- Corrected handling of base64 file upload encoding. Thanks, gene and Claude Paroz.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16176 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-07 16:59:16 +00:00
Jacob Kaplan-Moss c40f715257 Fixed #10687: fixed request parsing when upload_handlers is empty. Thanks, Armin Ronacher.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10723 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-08 17:22:34 +00:00
Gary Wilson Jr 1f8c4ce609 Fixed #8643 -- Corrected docstrings of `MultiPartParser`, thanks KayEss.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10213 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-30 20:59:33 +00:00
Adrian Holovaty 0894ddb2bb Fixed #7848 -- Removed a bunch of code that wasn't contributing to society. Thanks, julien
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8047 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-22 03:26:25 +00:00
Jacob Kaplan-Moss c121ff4046 Fixed #7635: do a better job checking for infinite loops in multi-part MIME parsing. Thanks, Mike Axiak.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7905 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-12 20:43:15 +00:00
Jacob Kaplan-Moss 9dabd1f8ff Fixed #7651: uploading multiple files with the same name now work. Also, in order to test the problem the test client now handles uploading multiple files at once. Patch from Mike Axiak.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7858 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-07 22:06:32 +00:00
Jacob Kaplan-Moss d725cc9734 Fixed #2070: refactored Django's file upload capabilities.
A description of the new features can be found in the new [http://www.djangoproject.com/documentation/upload_handing/ upload handling documentation]; the executive summary is that Django will now happily handle uploads of large files without issues.

This changes the representation of uploaded files from dictionaries to bona fide objects; see BackwardsIncompatibleChanges for details.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7814 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-01 15:10:51 +00:00