Commit Graph

51 Commits

Author SHA1 Message Date
Tom Hacohen 1ecc0a395b Fixed #30070, CVE-2019-3498 -- Fixed content spoofing possiblity in the default 404 page.
Co-Authored-By: Tim Graham <timograham@gmail.com>
2019-01-03 21:21:55 -05:00
Tim Graham 043bd70942 Updated test URL patterns to use path() and re_path(). 2018-12-31 10:47:32 -05:00
Simon Charette 0f212db29d Made reused RequestFactory instances class attributes. 2018-11-27 09:49:02 -05:00
Hasan Ramezani 11a9017179 Fixed #29966 -- Added tests for BaseHandler's "The view didn't return an HttpResponse object" error. 2018-11-23 19:19:02 -05:00
Daniel Hepper 4e016d1372 Removed obsolete BaseHandler attributes.
Unused since d334f46b7a.
2018-05-27 11:21:27 -04:00
Tim Graham cfff2af02b Fixed #27857 -- Dropped support for Python 3.4. 2017-09-25 17:11:03 -04:00
Tim Graham 6e4c6281db Reverted "Fixed #27818 -- Replaced try/except/pass with contextlib.suppress()."
This reverts commit 550cb3a365
because try/except performs better.
2017-09-07 08:16:21 -04:00
Mads Jensen 550cb3a365 Fixed #27818 -- Replaced try/except/pass with contextlib.suppress(). 2017-06-28 14:07:55 -04:00
Tim Graham 6b4f018b2b Replaced type-specific assertions with assertEqual().
Python docs say, "it's usually not necessary to invoke these methods directly."
2017-03-17 07:51:48 -04:00
amalia 2f10216f84 Fixed #27820 -- Fixed RequestDataTooBig/TooManyFieldsSent crash. 2017-02-13 16:19:03 -05:00
Jon Dufresne 3f62d20a9b Fixed running TransactionsPerRequestTests in isolation.
Caused by `contrib/auth/backends.py` changes in
cb7bbf97a7.
2017-02-04 14:19:52 -05:00
Claude Paroz dc8834cad4 Refs #23919 -- Removed unneeded force_str calls 2017-01-20 08:44:31 +01:00
Simon Charette cecc079168 Refs #23919 -- Stopped inheriting from object to define new style classes. 2017-01-19 08:39:46 +01:00
Claude Paroz 7b2f2e74ad Refs #23919 -- Removed six.<various>_types usage
Thanks Tim Graham and Simon Charette for the reviews.
2017-01-18 20:18:46 +01:00
Claude Paroz c716fe8782 Refs #23919 -- Removed six.PY2/PY3 usage
Thanks Tim Graham for the review.
2017-01-18 16:21:28 +01:00
Claude Paroz d7b9aaa366 Refs #23919 -- Removed encoding preambles and future imports 2017-01-18 09:55:19 +01:00
za 321e94fa41 Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings. 2016-11-10 21:30:21 -05:00
Claude Paroz 48c34f3336 Fixed #26971 -- Prevented crash with non-UTF-8 incoming PATH_INFO
Thanks Tim Graham and Loïc Bistuer for the reviews.
2016-08-23 22:40:07 +02:00
Claude Paroz 742ea51413 Refs #24829 -- Made TemplateResponse.content available sooner in exception context
Thanks Tim Graham for the initial patch.
2016-06-24 10:22:30 +02:00
Florian Apolloner 9baf692a58 Fixed #26601 -- Improved middleware per DEP 0005.
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
David Evans 2fcafd169b Fixed #26546 -- Allowed HTTPStatus enum values for HttpResponse.status. 2016-04-29 10:55:01 -04:00
David Evans 99bb7fcc18 Fixed #26452 -- Loaded middleware on server start rather than on first request. 2016-04-04 10:12:41 -04:00
Alex Morozov 13dba4dba3 Fixed #25780 -- Removed redundant status code assertions from tests 2015-11-21 18:12:33 +01:00
Claude Paroz 10ace52a41 Fixed #17133 -- Properly handled successive slashes in incoming requests
Thanks gjanee@ucop.edu for the report and Tim Graham for the review.
2015-10-23 22:18:18 +02:00
ana-balica 2f615b10e6 Fixed #24829 -- Allowed use of TemplateResponse in view error handlers. 2015-06-17 17:11:50 -04:00
Simon Charette be67400b47 Refs #24652 -- Used SimpleTestCase where appropriate. 2015-05-20 13:46:13 -04:00
Bas Peschier 336512fae7 Fixed #23173 -- Fixed incorrect stripping of SCRIPT_URL 2015-03-08 15:48:27 +01:00
Tim Graham 0ed7d15563 Sorted imports with isort; refs #23860. 2015-02-06 08:16:28 -05:00
Claude Paroz b38637d581 Fixed #23887 -- Returned Bad Request for multipart parsing fails
Thanks Antti Häyrynen and Tim Graham for the report, and Aymeric
Augustin for the review.
2014-11-22 14:23:37 +01:00
Anubhav Joshi 10b17a22be Fixed #19508 -- Implemented uri_to_iri as per RFC.
Thanks Loic Bistuer for helping in shaping the patch and Claude Paroz
for the review.
2014-10-16 02:31:17 +07:00
Claude Paroz 7131efa154 Adapted invalid cookie test to all Python versions
Refs #23638. Older Python versions are less strict when parsing
invalid cookie content. The test just has to ensure Django doesn't
crash.
2014-10-14 09:30:26 +02:00
Claude Paroz 59d487e7fc Fixed #23638 -- Prevented crash while parsing invalid cookie content
Thanks Philip Gatt for the report and Tim Graham for the review.
2014-10-13 17:37:58 +02:00
Joshua "jag" Ginsberg eb2af16c59 Fixed #21483 -- Added WSGI environ to kwargs sent to request_started signal. 2014-08-29 10:12:03 -04:00
Tim Graham 6f59d29158 Fixed flake8 warnings. 2014-08-20 14:37:33 -04:00
Claude Paroz fa02120d36 Fixed #22996 -- Prevented crash with unencoded query string
Thanks Jorge Carleitao for the report and Aymeric Augustin, Tim Graham
for the reviews.
2014-08-19 22:29:31 +02:00
Claude Paroz e520a73eee Harmonized some PEP 0263 coding preambles 2014-05-15 19:58:41 +02:00
Anubhav Joshi cd914e31c9 Fixed #21977 -- Deprecated SimpleTestCase.urls 2014-04-06 17:33:43 -04:00
Tim Graham d73d0e071c Fixed #22218 -- Deprecated django.conf.urls.patterns.
Thanks Carl Meyer for the suggestion and Alex Gaynor and Carl for reviews.
2014-04-03 07:28:10 -04:00
Aymeric Augustin e32095616c Imported override_settings from its new location. 2013-12-23 21:37:56 +01:00
Aymeric Augustin 6e895f9e06 Removed superfluous models.py files.
Added comments in the three empty models.py files that are still needed.

Adjusted the test runner to add applications corresponding to test
labels to INSTALLED_APPS even when they don't have a models module.
2013-12-17 11:16:48 +01:00
Jason Myers 7a61c68c50 PEP8 cleanup
Signed-off-by: Jason Myers <jason@jasonamyers.com>
2013-11-02 23:50:49 -05:00
Aymeric Augustin 65b6eff322 Fixed #20530 -- Properly decoded non-ASCII query strings on Python 3.
Thanks mitsuhiko for the report.

This commit just adds a test since the problem was fixed in 8aaca651.
2013-09-07 11:47:38 -05:00
Aymeric Augustin f5add4712f Fixed tests introduced in previous commit on Python 2. Refs #20557. 2013-09-07 10:43:44 -05:00
Aymeric Augustin 8aaca651cf Fixed #20557 -- Properly decoded non-ASCII cookies on Python 3.
Thanks mitsuhiko for the report.

Non-ASCII values are supported. Non-ASCII keys still aren't, because the
current parser mangles them. That's another bug.
2013-09-07 10:25:43 -05:00
Aymeric Augustin c6e6d4eeb7 Defined available_apps in relevant tests.
Fixed #20483.
2013-06-10 11:30:01 +02:00
Preston Holmes d228c1192e Fixed #19866 -- Added security logger and return 400 for SuspiciousOperation.
SuspiciousOperations have been differentiated into subclasses, and
are now logged to a 'django.security.*' logger. SuspiciousOperations
that reach django.core.handlers.base.BaseHandler will now return a 400
instead of a 500.

Thanks to tiwoc for the report, and Carl Meyer and Donald Stufft
for review.
2013-05-25 16:27:34 -07:00
Aymeric Augustin 6633eeb886 Changed API to disable ATOMIC_REQUESTS per view.
A decorator is easier to apply to CBVs. Backwards compatibility isn't an
issue here, except for people running on a recent clone of master.

Fixed a few minor problems in the transactions docs while I was there.
2013-05-19 19:53:16 +02:00
Aymeric Augustin ac37ed21b3 Deprecated TransactionMiddleware and TRANSACTIONS_MANAGED.
Replaced them with per-database options, for proper multi-db support.

Also toned down the recommendation to tie transactions to HTTP requests.
Thanks Jeremy for sharing his experience.
2013-03-11 15:04:05 +01:00
Aymeric Augustin 2ee21d9f0d Implemented persistent database connections.
Thanks Anssi Kääriäinen and Karen Tracey for their inputs.
2013-02-28 15:28:13 +01:00
Florian Apolloner 33836cf88d Renamed some tests and removed references to modeltests/regressiontests. 2013-02-26 14:36:57 +01:00