innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
django1/django/template
History
Tim Graham 988b61c550 [1.5.x] Prevented arbitrary file inclusion with {% ssi %} tag and relative paths. 
Thanks Rainer Koirikivi for the report and draft patch.

This is a security fix; disclosure to follow shortly.

Backport of 7fe5b656c9 from master
 		2013-09-10 21:05:03 -04:00
..
loaders [py3] Always fed hashlib with bytes. 2013-02-27 10:03:33 +01:00
__init__.py Fixed #12248 -- Refactored django.template to get code out of __init__.py, to help with avoiding circular import dependencies. Thanks to Tom Tobin for the patch. 2010-11-27 05:47:30 +00:00
base.py [1.5.x] Fixed #19829 -- Fixed index lookups for NumPy arrays in templates. 2013-02-15 00:18:49 -08:00
context.py Fixed #18013 -- Use the new 'as' syntax for exceptions. 2012-04-29 20:57:15 +02:00
debug.py [py3] Ported django.utils.encoding. 2012-08-07 12:00:22 +02:00
defaultfilters.py [1.5.x] Fixed #19370 -- Made date filter properly handle midnight value 2012-11-27 21:25:21 +01:00
defaulttags.py [1.5.x] Prevented arbitrary file inclusion with {% ssi %} tag and relative paths. 2013-09-10 21:05:03 -04:00
loader.py [py3] Replaced basestring by six.string_types. 2012-07-22 09:29:54 +02:00
loader_tags.py [py3] Fixed access to dict keys/values/items. 2012-08-07 12:00:22 +02:00
response.py [1.5.x] Fixed #19262 -- Support cookie pickling in SimpleTemplateResponse 2012-11-09 21:11:36 +01:00
smartif.py IfParser.next() method renamed to avoid confusion with iterator protocol. 2012-06-14 23:12:15 +01:00