Florian Apolloner
0b79eb3691
Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads.
2021-05-04 08:44:42 +02:00
Mariusz Felisiak
d4d800ca1a
Fixed CVE-2021-28658 -- Fixed potential directory-traversal via uploaded files.
...
Thanks Claude Paroz for the initial patch.
Thanks Dennis Brinkrolf for the report.
2021-04-06 08:15:17 +02:00
aryan
11c4a4412b
Fixed #30422 -- Made TemporaryFileUploadHandler handle interrupted uploads.
...
This patch allows upload handlers to handle interrupted uploads.
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-09-30 10:30:43 +02:00
aryan
21b127bfbc
Refs #30422 -- Added test for removing temporary files in MultiPartParser when StopUpload is raised.
2020-09-30 10:29:08 +02:00
Michael Brown
36db4dd937
Fixed #28132 -- Made MultiPartParser ignore filenames with trailing slash.
2020-06-11 08:46:59 +02:00
007
e65fea9292
Fixed #31293 -- Allowed MultiPartParser to handle double-quoted encoded headers.
2020-02-28 14:43:16 +01:00
Nick Pope
7552de7866
Used more specific unittest assertions in tests.
...
* assertIsNone()/assertIsNotNone() instead of comparing to None.
* assertLess() for < comparisons.
* assertIs() for 'is' expressions.
* assertIsInstance() for isinstance() expressions.
* rounding of assertAlmostEqual() for round() expressions.
* assertIs(..., True/False) instead of comparing to True/False.
* assertIs()/assertIsNot() for ==/!= comparisons.
* assertNotEqual() for == comparisons.
* assertTrue()/assertFalse() instead of comparing to True/False.
2019-10-29 12:37:30 +01:00
Jon Dufresne
95b7699ffc
Cleaned up exception message checking in some tests.
2019-03-15 19:27:57 -04:00
Jon Dufresne
290d8471bb
Fixed #30147 -- Simplified directory creation with os.makedirs(..., exist_ok=True).
2019-01-31 12:53:36 -05:00
Jon Dufresne
7785e03ba8
Fixed #30137 -- Replaced OSError aliases with the canonical OSError.
...
Used more specific errors (e.g. FileExistsError) as appropriate.
2019-01-28 11:15:06 -05:00
Mads Jensen
4167959105
Added tests for incorrect content type and size in MultiPartParser.
2018-06-12 14:42:20 -04:00
Tim Graham
fa75b2cb51
Refs #27795 -- Removed force_bytes/text() usage in tests.
2018-02-07 14:20:04 -05:00
Tim Graham
5e303836b6
Used JsonResponse and response.json in file_uploads tests.
2017-02-08 08:42:28 -05:00
Chillar Anand
6478e07a62
Refs #23919 -- Replaced tempfile.mkdtemp() with TemporaryDirectory() context manager.
2017-01-26 13:54:16 -05:00
Claude Paroz
fee42fd99e
Refs #23919 -- Replaced usage of django.utils.http utilities with Python equivalents
...
Thanks Tim Graham for the review.
2017-01-26 19:49:03 +01:00
chillaranand
d6eaf7c018
Refs #23919 -- Replaced super(ClassName, self) with super().
2017-01-25 12:23:46 -05:00
Tim Graham
632c4ffd9c
Refs #23919 -- Replaced errno checking with PEP 3151 exceptions.
2017-01-25 10:13:08 -05:00
Claude Paroz
2b281cc35e
Refs #23919 -- Removed most of remaining six usage
...
Thanks Tim Graham for the review.
2017-01-18 21:33:28 +01:00
Claude Paroz
c716fe8782
Refs #23919 -- Removed six.PY2/PY3 usage
...
Thanks Tim Graham for the review.
2017-01-18 16:21:28 +01:00
Claude Paroz
d7b9aaa366
Refs #23919 -- Removed encoding preambles and future imports
2017-01-18 09:55:19 +01:00
za
321e94fa41
Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings.
2016-11-10 21:30:21 -05:00
Tim Graham
c9ae09addf
Replaced use of TestCase.fail() with assertRaises().
...
Also removed try/except/fail antipattern that hides exceptions.
2016-06-28 11:21:26 -04:00
Florian Apolloner
9baf692a58
Fixed #26601 -- Improved middleware per DEP 0005.
...
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
Tim Graham
92053acbb9
Fixed E128 flake8 warnings in tests/.
2016-04-08 10:12:33 -04:00
John-Mark Bell
4b129ac81f
Fixed #26325 -- Made MultiPartParser ignore filenames that normalize to an empty string.
2016-03-07 13:19:39 -05:00
Hasan
3d0dcd7f5a
Refs #26022 -- Used context manager version of assertRaises in tests.
2016-01-29 12:32:18 -05:00
Mingun Pak
4c912d184d
Fixed typos in test comments.
2016-01-23 12:45:25 -05:00
Dražen Odobašić
b1e33ceced
Fixed #23395 -- Limited line lengths to 119 characters.
2015-09-12 11:40:50 -04:00
Tim Graham
6e3fe089dd
Replaced six.BytesIO with io.BytesIO
2015-07-20 08:19:47 -04:00
Simon Charette
4ccfc4439a
Refs #24652 -- Fixed a test failure in file_uploads tests on Windows.
...
Thanks to Tim Graham for the report.
2015-05-25 19:09:01 -04:00
Simon Charette
be67400b47
Refs #24652 -- Used SimpleTestCase where appropriate.
2015-05-20 13:46:13 -04:00
Aymeric Augustin
a8fe12417f
Normalized usage of the tempfile module.
...
Specifically stopped using the dir argument.
2015-02-23 16:55:27 +01:00
Aymeric Augustin
934400759d
Guaranteed removal of temporary files during tests.
...
Dropped the DJANGO_TEST_TEMP_DIR environment variable.
Before this change, proper removal depended on the developer passing
dir=os.environ['DJANGO_TEST_TMP_DIR'] to tempfile functions.
2015-02-23 16:55:26 +01:00
Tim Graham
0ed7d15563
Sorted imports with isort; refs #23860 .
2015-02-06 08:16:28 -05:00
darkryder
9ec8aa5e5d
Fixed #24149 -- Normalized tuple settings to lists.
2015-02-03 14:59:45 -05:00
Raul Cumplido
ac650d02cb
Fixed #24209 -- Prevented crash when parsing malformed RFC 2231 headers
...
Thanks Tom Christie for the report and review.
2015-01-27 20:12:22 +01:00
Adam Taylor
039465a6a7
Fixed typos in code comments.
2015-01-20 12:18:03 -05:00
Tim Graham
f487a3275e
Avoided a deprecated alias on Python 3 in file_uploads test.
2015-01-07 19:12:37 -05:00
Thomas Tanner
018d110ef5
Fixed #23911 -- Added support for buffer file uploads in the test client
2014-12-04 07:42:03 -05:00
Berker Peksag
560b4207b1
Removed redundant numbered parameters from str.format().
...
Since Python 2.7 and 3.1, "{0} {1}" is equivalent to "{} {}".
2014-12-03 14:27:38 -05:00
Thomas Chaumeny
d89f56dc4d
Fixed #21281 -- Made override_settings act at class level when used as a TestCase decorator.
2014-11-03 14:14:39 -05:00
Berker Peksag
f7969b0920
Fixed #23620 -- Used more specific assertions in the Django test suite.
2014-11-03 11:56:37 -05:00
Jason Hobbs
e1424b2370
Fixed #23397 -- Stripped whitespace from base64 during chunking
...
This insures the actual base64 content has a length a multiple of 4.
Also added a test case for the failure.
2014-09-13 19:06:21 +02:00
Claude Paroz
b42e5ca058
Fixed #22971 -- Properly parsed RFC 2388 encoded headers
...
Thanks homm for the report, Cea Stapleton for patch improvements
and Ian Cordasco, Christian Schmitt and Tim Graham for the review.
2014-08-14 11:45:43 +02:00
Claude Paroz
809362518d
Created import-time test temp dirs in known location
...
Refs #17215 . In the same spirit as 5de31cb8cb
.
2014-06-23 14:54:25 +02:00
Florian Apolloner
e2efc8965e
Fixed #22680 -- I/O operation on closed file.
...
This patch is two-fold; first it ensure that Django does close everything in
request.FILES at the end of the request and secondly the storage system should
no longer close any files during save, it's up to the caller to handle that --
or let Django close the files at the end of the request.
2014-06-11 08:57:30 +02:00
Loic Bistuer
417ec4a68b
Fixed a ResourceWarning that wasn't properly fixed by the previous commit.
...
Also removed unused import in runtests.py.
2014-05-26 04:01:41 +07:00
Loic Bistuer
b7de5f5d3f
Fixed a few ResourceWarning in the test suite. Refs #22680 .
2014-05-26 03:23:17 +07:00
Alex Gaynor
2bcb8bfc8d
Fix many many typos in comments throughout the codebase
2014-04-26 10:18:45 -07:00
Anubhav Joshi
cd914e31c9
Fixed #21977 -- Deprecated SimpleTestCase.urls
2014-04-06 17:33:43 -04:00