p31829507
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
29,299 Commits 28 Branches 411 Tags 641 MiB
Commit Graph

4 Commits

Author SHA1 Message Date
Carlton Gibson a937d7f214 [3.2.x] Refs CVE-2021-31542 -- Skipped mock AWS storage test on Windows. 
The validate_file_name() sanitation introduced in
0b79eb3691 correctly rejects the example
file name as containing path elements on Windows. This breaks the test
introduced in 914c72be2a to allow path
components for storages that may allow them.

Test is skipped pending a discussed storage refactoring to support this
use-case.

Backport of a708f39ce6 from main
 2021-05-06 07:42:21 +02:00
Florian Apolloner c98f446c18 [3.2.x] Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads. 2021-05-04 08:43:52 +02:00
Tim Graham 0dfc5479a8 Refs #26058 -- Removed deprecated FileField.get_directory_name()/get_filename(). 2017-01-17 20:52:04 -05:00
Cristiano 914c72be2a Fixed #26058 -- Delegated os.path bits of FileField's filename generation to the Storage. 2016-04-30 17:22:40 -04:00