Tim Graham
fedda6d9bd
Refs #23919 -- Removed Python 2 version check in django.http.cookie.
2017-01-19 20:06:03 -05:00
Simon Charette
cecc079168
Refs #23919 -- Stopped inheriting from object to define new style classes.
2017-01-19 08:39:46 +01:00
Claude Paroz
2b281cc35e
Refs #23919 -- Removed most of remaining six usage
...
Thanks Tim Graham for the review.
2017-01-18 21:33:28 +01:00
Claude Paroz
7b2f2e74ad
Refs #23919 -- Removed six.<various>_types usage
...
Thanks Tim Graham and Simon Charette for the reviews.
2017-01-18 20:18:46 +01:00
Claude Paroz
c716fe8782
Refs #23919 -- Removed six.PY2/PY3 usage
...
Thanks Tim Graham for the review.
2017-01-18 16:21:28 +01:00
Claude Paroz
d7b9aaa366
Refs #23919 -- Removed encoding preambles and future imports
2017-01-18 09:55:19 +01:00
roboslone
544b2ef29f
Fixed #27640 -- Fixed HttpResponse's __repr__() without a 'Content-Type' header.
2016-12-27 14:42:58 -05:00
Jerome Leclanche
a849ec1880
Fixed #27606 -- Fixed HttpResponseRedirect.__repr__() crash when DisallowedRedirect is raised.
2016-12-19 10:01:03 -05:00
Vinay Karanam
4a246a02bd
Refs #17235 -- Made MultiPartParser leave request.POST immutable.
2016-12-07 08:28:46 -05:00
Anton Samarchyan
05d2c5a66d
Fixed #27181 -- Allowed contrib.sites to match domains with trailing ".".
2016-11-29 18:17:10 -05:00
PREMANAND
371adc472a
Fixed #27156 -- Made changing HttpRequest.encoding clear GET.
2016-11-17 12:46:42 -05:00
Ramin Farajpour Cami
967be82443
Fixed E305 flake8 warnings.
2016-11-14 12:30:46 -05:00
Tim Graham
7fe2d8d940
Fixed CVE-2016-9014 -- Validated Host header when DEBUG=True.
...
This is a security fix.
2016-11-01 09:30:57 -04:00
Claude Paroz
2ced2f785d
Replaced smart_* by force_* calls whenever possible
...
The smart_* version should only be used when a lazy string should keep
its lazy status.
2016-09-03 13:46:41 +02:00
Ryan Allen
190d2ff4a7
Fixed #27153 -- Added validation for HttpResponse status.
2016-08-30 21:59:43 -04:00
Tim Graham
ff0a5aff4f
Fixed #27046 -- Supported IPv6-formatted IPv4 addresses in host validation.
...
Thanks LaMont Jones for the report and patch.
2016-08-11 13:54:39 -04:00
Tim Graham
5c63b3e5a7
Fixed #27005 -- Fixed crash if request.META[''CONTENT_LENGTH']=''.
2016-08-03 13:12:40 -04:00
Ville Skyttä
96f97691ad
Fixed broken links in docs and comments.
2016-06-15 21:20:23 -04:00
wim glenn
5ebebd1159
Fixed #26707 -- Added QueryDict.fromkeys()
2016-06-06 08:54:25 -04:00
Jon Dufresne
a8f957797d
Fixed comment typo in multiparser.py
2016-06-05 16:36:59 -04:00
Asif Saifuddin Auvi
dc88516e5b
Made style improvements to multipartparser.py
2016-06-04 11:06:25 -04:00
Andre Cruz
929684d6ee
Fixed #21231 -- Enforced a max size for GET/POST values read into memory.
...
Thanks Tom Christie for review.
2016-05-12 10:17:52 -04:00
Tim Graham
086510fde0
Removed HTTP prefixed CONTENT_TYPE/LENGTH headers in MultiPartParser.
...
The docs say that these headers always appear without the HTTP_ prefix.
This may have been an oversight when they were added in
d725cc9734
, the only commit that uses
these names.
2016-05-06 10:30:03 -04:00
Tim Graham
ead21a1949
Refs #22897 -- Removed unneeded empty string QueryDict argument.
2016-05-03 12:04:08 -04:00
Tim Graham
bb0b4b705b
Fixed #26052 -- Moved conditional_content_removal() processing to the test client.
2016-04-25 07:56:07 -04:00
Tim Graham
df8d8d4292
Fixed E128 flake8 warnings in django/.
2016-04-08 09:51:06 -04:00
Collin Anderson
93a135d111
Fixed #26158 -- Rewrote http.parse_cookie() to better match browsers.
2016-03-15 12:24:06 -04:00
Tim Graham
59df07738c
Simplified _cookie_allows_colon_in_names condition.
2016-03-14 18:58:49 -04:00
Tim Graham
2f81f466a8
Removed a workaround for a cookie encoding bug [1] in Python < 2.7.2.
...
[1] http://bugs.python.org/issue9824
2016-03-14 18:58:49 -04:00
John-Mark Bell
4b129ac81f
Fixed #26325 -- Made MultiPartParser ignore filenames that normalize to an empty string.
2016-03-07 13:19:39 -05:00
Curtis Maloney
6f1318734f
Fixed #26014 -- Added WSGIRequest content_type and content_params attributes.
...
Parsed the CONTENT_TYPE header once and recorded it on the request.
2016-02-10 18:19:23 -05:00
userimack
60586dd737
Fixed #26125 -- Fixed E731 flake warnings.
2016-01-25 14:23:43 -05:00
Johannes Hoppe
5233b70070
Fixed #25725 -- Made HttpReponse immediately close objects.
2015-12-14 12:46:48 -05:00
Raphael Merx
0a19f8d4fc
Fixed #25644 -- Fixed reset cookie expiry date bug.
...
Setting a cookie with the same name as a previously deleted cookie
would set its expiry date to 'Thu, 01-Jan-1970 00:00:00 GMT'.
2015-11-18 07:47:40 -05:00
Jon Dufresne
05248a1009
Fixed #25576 -- Added IOBase methods required by TextIOWrapper to HttpResponse.
2015-10-21 10:42:29 -04:00
Matt Robenolt
b0c56b895f
Fixed #24496 -- Added CSRF Referer checking against CSRF_COOKIE_DOMAIN.
...
Thanks Seth Gottlieb for help with the documentation and
Carl Meyer and Joshua Kehn for reviews.
2015-09-16 12:21:50 -04:00
Vlastimil Zíma
cf29b6b561
Fixed #25099 -- Fixed crash in AdminEmailHandler on DisallowedHost.
2015-09-04 09:24:21 -04:00
Maxime Lorant
5153a3bfdc
Fixed #25331 -- Removed trailing blank lines in docstrings.
2015-08-31 17:37:21 -04:00
Sambhav Satija
d0bd533043
Fixed #25254 -- Added JsonResponse json_dumps_params parameter.
2015-08-12 10:39:07 -04:00
Matt Robenolt
4dcfbd7923
Fixed #25211 -- Added HttpRequest.get_port() and USE_X_FORWARDED_PORT setting.
2015-08-04 09:50:57 -04:00
Keryn Knight
c96f11257b
Refs #24121 -- Added meaningful repr() to HttpResponse and subclasses.
2015-07-15 09:01:25 -04:00
Vlastimil Zíma
8f8c54f70b
Fixed #25099 -- Cleaned up HttpRequest representations in error reporting.
2015-07-13 19:22:39 -04:00
Tim Graham
7da3923ba0
Sorted imports in __init__.py files.
2015-06-27 11:53:33 -04:00
Tim Graham
3f2de80318
Refs #23763 -- Fixed Python 3.5 PendingDeprecationWarning in LazyStream.
...
Fixed "PendingDeprecationWarning: generator 'LazyStream.read.<locals>.parts'
raised StopIteration" per PEP 0479.
2015-06-17 06:55:16 -04:00
Piotr Jakimiak
4157c502a5
Removed unnecessary arguments in .get method calls
2015-05-13 20:51:18 +02:00
Bas Peschier
9128762f16
Fixed #19910 -- Added slash to i18n redirect if APPEND_SLASH is set.
...
This introduces a force_append_slash argument for request.get_full_path()
which is used by RedirectFallbackMiddleware and CommonMiddleware when
handling redirects for settings.APPEND_SLASH.
2015-03-26 09:26:55 -04:00
Claude Paroz
a0c2eb46dd
Fixed #23960 -- Removed http.fix_location_header
...
Thanks Carl Meyer for the report and Tim Graham for the review.
2015-03-18 18:22:50 +01:00
Jon Dufresne
d861f95c44
Fixed #24139 -- Changed HttpResponse.reason_phrase to evaluate based on status_code.
2015-03-12 20:18:06 -04:00
Rik
ccff08c194
Fixed #24463 -- Removed mod_python functionality from HttpRequest._get_scheme()
2015-03-11 14:35:25 -04:00
Claude Paroz
efb1f99f94
Fixed #20889 -- Prevented BadHeaderError when Python inserts newline
...
Workaround for http://bugs.python.org/issue20747 .
In some corner cases, Python 2 inserts a newline in a header value
despite `maxlinelen` passed in Header constructor.
Thanks Tim Graham for the review.
2015-02-19 20:18:31 +01:00
Tim Graham
0ed7d15563
Sorted imports with isort; refs #23860 .
2015-02-06 08:16:28 -05:00
Matthew Somerville
250aa7c39b
Fixed #24240 -- Allowed GZipping a Unicode StreamingHttpResponse
...
make_bytes() assumed that if the Content-Encoding header is set, then
everything had already been dealt with bytes-wise, but in a streaming
situation this was not necessarily the case.
make_bytes() is only called when necessary when working with a
StreamingHttpResponse iterable, but by that point the middleware has
added the Content-Encoding header and thus make_bytes() tried to call
bytes(value) (and dies). If it had been a normal HttpResponse,
make_bytes() would have been called when the content was set, well
before the middleware set the Content-Encoding header.
This commit removes the special casing when Content-Encoding is set,
allowing unicode strings to be encoded during the iteration before they
are e.g. gzipped. This behaviour was added a long time ago for #4969 and
it doesn't appear to be necessary any more, as everything is correctly
made into bytes at the appropriate places.
Two new tests, to show that supplying non-ASCII characters to a
StreamingHttpResponse works fine normally, and when passed through the
GZip middleware (the latter dies without the change to make_bytes()).
Removes the test with a nonsense Content-Encoding and Unicode input - if
this were to happen, it can still be encoded as bytes fine.
2015-02-03 18:18:12 +01:00
Jon Dufresne
24b2bc635e
Fixed #24137 -- Switched to HTTP reason phrases from Python stdlib.
2015-01-28 06:59:40 -05:00
Raul Cumplido
ac650d02cb
Fixed #24209 -- Prevented crash when parsing malformed RFC 2231 headers
...
Thanks Tom Christie for the report and review.
2015-01-27 20:12:22 +01:00
Collin Anderson
a9aec1154e
Closed files in FileResponse; refs #24072
2015-01-05 14:54:55 -05:00
Collin Anderson
3d2cae0896
Fixed #24072 -- Added FileResponse for streaming binary files.
2015-01-05 10:51:52 -05:00
Sergey Parkhomenko
059c9ab24c
Fixed #23977 -- Added setdefault() method to HttpResponse
2014-12-11 13:56:56 -05:00
Jon Dufresne
4468c08d70
Fixed #23968 -- Replaced list comprehension with generators and dict comprehension
2014-12-08 07:58:23 -05:00
Matt Robenolt
80facd7a0f
Removed unused variable django.http.request.absolute_http_url_re
2014-11-24 07:01:55 -05:00
Berker Peksag
788fa9fffa
Fixed #12098 -- Simplified HttpRequest.__repr__().
2014-11-20 08:45:11 -05:00
Tim Graham
42b5e4feea
Fixed #23730 -- Moved support for SimpleCookie HIGHEST_PROTOCOL pickling to http.cookie.
...
This fix is necessary for Python 3.5 compatibility (refs #23763 ).
Thanks Berker Peksag for review.
2014-11-12 19:04:45 +01:00
Michael Kelly
ebc8e79cf3
Fixed #18523 -- Added stream-like API to HttpResponse.
...
Added getvalue() to HttpResponse to return the content of the response,
along with a few other methods to partially match io.IOBase.
Thanks Claude Paroz for the suggestion and Nick Sanford for review.
2014-11-03 12:29:19 -05:00
Unai Zalakain
c548c8d0d1
Fixed #18456 -- Added path escaping to HttpRequest.get_full_path().
2014-11-03 07:59:19 -05:00
Jason Hobbs
e1424b2370
Fixed #23397 -- Stripped whitespace from base64 during chunking
...
This insures the actual base64 content has a length a multiple of 4.
Also added a test case for the failure.
2014-09-13 19:06:21 +02:00
Tim Graham
1101467ce0
Limited lines to 119 characters in django/
...
refs #23395 .
2014-09-05 09:22:16 -04:00
Unai Zalakain
5f2542f12a
Fixed #10190 -- Made HttpResponse charset customizable.
...
Thanks to Simon Charette, Aymeric Augustin, and Tim Graham
for reviews and contributions.
2014-08-19 17:34:38 -04:00
Claude Paroz
fa02120d36
Fixed #22996 -- Prevented crash with unencoded query string
...
Thanks Jorge Carleitao for the report and Aymeric Augustin, Tim Graham
for the reviews.
2014-08-19 22:29:31 +02:00
Collin Anderson
230393e5e8
Fixed #23295 -- Removed unnecessary fix_location_header request.get_host() check.
2014-08-15 14:59:36 -04:00
Claude Paroz
b42e5ca058
Fixed #22971 -- Properly parsed RFC 2388 encoded headers
...
Thanks homm for the report, Cea Stapleton for patch improvements
and Ian Cordasco, Christian Schmitt and Tim Graham for the review.
2014-08-14 11:45:43 +02:00
qingfeng
0d23450e81
Fixed #19802 -- Fixed HttpResponse.set_cookie() with unicode data on Python 2.
...
Thanks django at patrickbregman.eu for the report.
2014-08-03 12:50:25 -04:00
Daniel Hahler
fff7b507ef
Added a space before explanation of "Invalid HTTP_HOST header: ..."
2014-07-05 20:18:52 -04:00
Duncan Parkes
fd4ccd045c
Fixed #22799 -- Made GET and POST on HttpRequest QueryDicts, and FILES a MultiValueDict.
...
Previously, GET, POST, and FILES on an HttpRequest were created in
the __init__ method as dictionaries. This was not something you would
usually notice causing trouble in production as you'd only see a
WSGIRequest, but in testing using the test client, calling .getlist
on GET, POST, or FILES for a request with no get/post data resulted in
an AttributeError.
Changed GET and POST on an HttpRequest object to be mutable
QueryDicts (mutable because the Django tests, and probably many
third party tests, were expecting it).
2014-06-24 22:03:22 -04:00
Duncan Parkes
d68987ae25
Fixed #22897 -- Made QueryDict query_string argument optional.
...
Now QueryDict() is equivalent to QueryDict('') or QueryDict(None).
2014-06-24 22:02:03 -04:00
Duncan Parkes
7f4e2ef1e9
Improved documentation for QueryDict.
2014-06-24 21:40:21 -04:00
Yazhong Liu
97adfc2bf8
Added HTTP 308 status and its description.
2014-06-20 13:35:59 -04:00
Florian Apolloner
e2efc8965e
Fixed #22680 -- I/O operation on closed file.
...
This patch is two-fold; first it ensure that Django does close everything in
request.FILES at the end of the request and secondly the storage system should
no longer close any files during save, it's up to the caller to handle that --
or let Django close the files at the end of the request.
2014-06-11 08:57:30 +02:00
Unai Zalakain
11284a63d4
Fixed #18314 -- Corrected request.build_absolute_uri() handling of paths starting with //
...
``HttpRequest.build_absolute_uri()`` now correctly handles paths starting with ``//``.
``WSGIRequest`` now doesn't remove all the leading slashes either,
because ``http://test/server `` and http://test//server `` aren't the same thing
(RFC2396).
Thanks to SmileyChris for the initial patch.
2014-06-07 08:59:02 -04:00
mbacho
8a9d54aa69
Fixed typo in multipartparser.py
2014-05-16 05:34:40 -04:00
Aymeric Augustin
3800f63721
Dropped fix_IE_for_vary/attach.
...
This is a security fix. Disclosure following shortly.
2014-05-14 10:19:48 +02:00
Alex Gaynor
2bcb8bfc8d
Fix many many typos in comments throughout the codebase
2014-04-26 10:18:45 -07:00
Tim Graham
981b864fbd
Replaced urllib/urlparse imports with from django.utils.six.moves.
2014-03-31 07:54:22 -04:00
Rodolfo Carvalho
0d91225892
Fixed many typos in comments and docstrings.
...
Thanks Piotr Kasprzyk for help with the patch.
2014-03-03 07:38:09 -05:00
Lukasz Balcerzak
0242134d32
Fixed #17942 -- Added a JsonResponse class to more easily create JSON encoded responses.
...
Thanks leahculver for the suggestion and Erik Romijn,
Simon Charette, and Marc Tamlyn for the reviews.
2014-02-14 18:25:19 -05:00
Martin Matusiak
63ff03c4ec
Fixed typo in docstring.
2014-01-16 22:34:35 +01:00
Loic Bistuer
6685713869
Fixed E127 pep8 warnings.
2013-12-14 11:59:15 -05:00
Christopher Medrela
7477a4ffde
Fixed E125 pep8 warnings
2013-11-28 08:50:11 -05:00
Aymeric Augustin
a480f8320a
Simplified iteration in HTTP response objects.
...
Fixed #20187 -- Allowed repeated iteration of HttpResponse.
All this became possible when support for old-style streaming responses was
finally removed.
2013-11-23 17:03:43 +01:00
Baptiste Mispelon
ceecc962ad
Fixed #21447 -- Restored code erroneously removed in 20472aa827
.
...
Also added some tests for HttpRequest.__repr__.
Note that the added tests don't actually catch the accidental code
removal (see ticket) but they do cover a codepath that wasn't tested
before.
Thanks to Tom Christie for the report and the original patch.
2013-11-16 01:09:35 +01:00
Alex Gaynor
10a09b8e60
Fixed the use of the -ise suffix, where -ize is prefered
2013-11-15 05:23:14 -08:00
Alex Gaynor
c347f78cc1
Fixed all E226 violations
2013-11-03 10:08:55 -08:00
Milton Mazzarri
cbc7cbbc5b
Fixed flake8 E251 violations
2013-11-03 03:22:11 -06:00
Alex Gaynor
fe995e6cbd
Fixed the remaining E302 violations int eh django package
2013-11-02 17:37:15 -07:00
coagulant
3bc0d46a84
Fixed all E261 warnings
2013-11-02 18:20:39 -04:00
Alex Gaynor
7548aa8ffd
More attacking E302 violators
2013-11-02 13:12:09 -07:00
Tim Graham
36ded01527
Fixed #21302 -- Fixed unused imports and import *.
2013-11-02 15:24:56 -04:00
Alex Gaynor
f2d8027c9a
Fixed up some more flake8 violations (this particular violation still has many occurrences in the tests/ dir so it can't be removed from setup.cfg yet)
2013-10-26 10:50:40 -07:00
Claude Paroz
c052699be3
Fixed #20338 -- Stripped ending dot during host validation
...
Thanks manfre for the report and Timo Graham for the review.
2013-10-24 21:24:04 +02:00
Alasdair Nicol
b289fcf1bf
Fixed #21288 -- Fixed E126 pep8 warnings
2013-10-21 08:31:30 -04:00
Alasdair Nicol
a800036981
Fixed #21287 -- Fixed E123 pep8 warnings
2013-10-18 10:07:39 +01:00
Claude Paroz
a14f087233
Fixed #21282 -- Made HttpResponse.serialize_headers accept latin-1
...
Thanks Raphaël Barrois for the report and the initial patch and
Aymeric Augustin for the review.
2013-10-17 18:14:35 +02:00