Nick Pope
8f6d431b08
[3.1.x] Fixed CVE-2021-23336 -- Fixed web cache poisoning via django.utils.http.limited_parse_qsl().
2021-02-18 10:15:30 +01:00
Mariusz Felisiak
02e6592835
[3.1.x] Fixed CVE-2021-3281 -- Fixed potential directory-traversal via archive.extract().
...
Thanks Florian Apolloner, Shai Berger, and Simon Charette for reviews.
Thanks Wang Baohua for the report.
Backport of 05413afa8c
from master.
2021-02-01 09:13:58 +01:00
Carlton Gibson
012822c7f9
[3.1.x] Fixed #32202 -- Fixed autoreloader argument generation for Windows with Python 3.7-.
...
Backport of ead37dfb58
from master
2020-11-19 12:12:47 +01:00
Tom Forbes
b830cc02ed
[3.1.x] Used temporary directory in RestartWithReloaderTests.test_manage_py().
...
Using the current directory can cause a PermissionError.
Backport of 730711e828
from master
2020-07-20 09:41:28 +02:00
Ad Timmering
c944df827f
[3.1.x] Fixed #30807 -- Fixed TestArchive.test_extract_file_permissions() when umask is 0o000.
...
Fixed test that checks permissions on files extracted from archives
with no permissions set, to not assume a default umask of 0o002.
Test regression in c95d063e77
.
Backport of ec5aa2161d
from master
2020-06-29 07:52:23 +02:00
Tom Forbes
ac7f7eab0f
[3.1.x] Fixed #31716 -- Fixed detection of console scripts in autoreloader on Windows.
...
Backport of 8a902b7ee6
from master
2020-06-18 13:04:44 +02:00
Mariusz Felisiak
0668164b4a
Fixed E128, E741 flake8 warnings.
2020-05-12 08:52:23 +02:00
Adam Johnson
d17b380653
Refs #30573 -- Rephrased "Of Course" and "Obvious(ly)" in documentation and comments.
2020-05-04 12:10:47 +02:00
Rasmus Wriedt Larsen
f6d0bd208a
Corrected opts argument of colorize in TermColorTests.test_colorize_empty_text().
2020-05-04 11:34:08 +02:00
Hasan Ramezani
f121621073
Fixed #31521 -- Skipped test_parsing_rfc850 test on 32-bit systems.
2020-04-30 06:51:47 +02:00
Jon Dufresne
505fec6bad
Capitalized Unicode in docs, strings, and comments.
2020-04-20 12:10:33 +02:00
Claude Paroz
e663f695fb
Fixed #31359 -- Deprecated get_random_string() calls without an explicit length.
2020-03-11 13:16:44 +01:00
Hasan Ramezani
bc1c034076
Fixed #28280 -- Prevented numberformat.format() from formatting large/tiny floats in scientific notation.
2020-02-26 16:02:53 +01:00
Claude Paroz
4d973f5939
Refs #26601 -- Deprecated passing None as get_response arg to middleware classes.
...
This is the new contract since middleware refactoring in Django 1.10.
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-02-18 20:03:44 +01:00
Hasan Ramezani
fc4f45ebdc
Used assertRaisesMessage() in various tests.
2020-02-07 12:46:23 +01:00
Claude Paroz
50cf183d21
Refs #27468 -- Added algorithm parameter to django.utils.crypto.salted_hmac().
2020-01-27 12:42:21 +01:00
Claude Paroz
b5a62bd17d
Refs #27468 -- Added explicit tests for django.utils.crypto.salted_hmac()
2020-01-15 12:53:21 +01:00
Sjbrgsn
b2bd08bb7a
Fixed #30892 -- Fixed slugify() and admin's URLify.js for "İ".
...
Thanks Luis Nell for the implementation idea and very detailed report.
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-12-30 20:47:22 +01:00
Mads Jensen
62727e65fb
Increased test coverage of django.utils.inspect.
2019-12-27 10:08:24 +01:00
Jon Dufresne
e703b93a65
Fixed #31080 -- Removed redundant type="text/javascript" attribute from <script> tags.
2019-12-11 09:49:54 +01:00
Farhaan Bukhsh
1f817daa20
Fixed #30803 -- Allowed comma separators for milliseconds in django.utils.dateparse functions.
...
Co-Authored-By: Ben Wilber <benwilber@gmail.com>
2019-11-27 09:43:12 +01:00
Farhaan Bukhsh
42b23d1e79
Refs #30803 -- Allowed comma separators for decimal fractions in parse_duration().
2019-11-27 09:43:12 +01:00
Baptiste Mispelon
8929afb8ec
Fixed #9762 -- Made DateFormat.r() locale-independent.
...
Thanks to Antonio Melé for the original report all those years ago
and to all the contributors who helped along the way.
2019-11-22 12:41:53 +01:00
Baptiste Mispelon
76ec032712
Refs #26281 -- Added a helpful error message for an invalid "r" specifier to dateformat.format().
2019-11-22 12:32:30 +01:00
Baptiste Mispelon
18e10740a4
Refs #30990 -- Added test for 'z' date format with a leap year.
2019-11-18 11:30:18 +01:00
Jon Dufresne
edeec1247e
Passed strict=True to Path.resolve() to enforce that the path must exist.
2019-11-05 14:22:20 +01:00
Hasan Ramezani
6315a272c5
Refs #28428 -- Made filepath_to_uri() support pathlib.Path.
2019-10-30 13:13:15 +01:00
Nick Pope
7552de7866
Used more specific unittest assertions in tests.
...
* assertIsNone()/assertIsNotNone() instead of comparing to None.
* assertLess() for < comparisons.
* assertIs() for 'is' expressions.
* assertIsInstance() for isinstance() expressions.
* rounding of assertAlmostEqual() for round() expressions.
* assertIs(..., True/False) instead of comparing to True/False.
* assertIs()/assertIsNot() for ==/!= comparisons.
* assertNotEqual() for == comparisons.
* assertTrue()/assertFalse() instead of comparing to True/False.
2019-10-29 12:37:30 +01:00
Hasan Ramezani
52cb419072
Fixed #30918 -- Made timesince()/timeuntil() respect custom time strings for future and the same datetimes.
2019-10-28 12:28:18 +01:00
André Ericson
3120490912
Fixed #30876 -- Moved classproperty() decorator to the django.utils.functional.
2019-10-21 09:57:39 +02:00
Ad Timmering
7b5f8acb9e
Fixed #28690 -- Fixed handling of two-digit years in parse_http_date().
...
Due to RFC7231 ayear that appears to be more than 50 years in the
future are interpreted as representing the past.
2019-09-30 14:42:56 +02:00
Ad Timmering
7cbd25a06e
Refs #28690 -- Added more tests for parse_http_date().
2019-09-30 14:42:51 +02:00
Pablo García
2fd610eb30
Fixed #30810 -- Fixed WatchmanReloaderTests.test_setting_timeout_from_environment_variable test.
...
client_timeout is an instance attribute.
2019-09-27 08:09:05 +02:00
Mariusz Felisiak
cb2be9d5d5
Refs #29546 -- Removed django.utils.timezone.FixedOffset per deprecation timeline.
2019-09-10 12:01:00 +02:00
Carlton Gibson
4f61810751
Fixed #30747 -- Renamed is_safe_url() to url_has_allowed_host_and_scheme().
2019-09-02 15:32:23 +02:00
Jon Dufresne
5dac63bb84
Refs #27804 -- Used subTest() in utils_tests/test_encoding.py.
2019-08-26 11:58:06 +02:00
Claude Paroz
9386586f31
Replaced subprocess commands by run() wherever possible.
2019-08-23 10:53:36 +02:00
Claude Paroz
88c0b907e7
Refs #30461 -- Added django.utils._os.to_path().
2019-08-13 17:17:39 +02:00
swatantra
73ac9e3f04
Fixed #30677 -- Improved error message for urlencode() and Client when None is passed as data.
2019-08-11 20:15:23 +02:00
Florian Apolloner
76ed1c49f8
Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in django.utils.encoding.uri_to_iri().
...
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Florian Apolloner
4b78420d25
Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities.
...
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Florian Apolloner
7f65974f82
Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML.
...
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Nick Pope
f618e033ac
Fixed #30160 -- Added support for LZMA and XZ templates to startapp/startproject management commands.
2019-07-31 10:02:13 +02:00
Nick Pope
c95d063e77
Refs #30160 -- Simplified and improved tests for django.utils.archive.
...
The file executable should have 0o775 permission not only u=x.
The file no_permissions should have 0o644 u=r.
2019-07-31 09:46:24 +02:00
Nick Pope
421c4cd2ee
Removed redundant ArchiveTest.test_extract_method() test.
...
The extract() function has the same code as used in the test method
for Archive.extract().
2019-07-30 11:33:53 +02:00
Nick Pope
0509148c24
Refs #30160 -- Made destination path a required argument of extract().
2019-07-30 11:27:56 +02:00
Tom Forbes
fc75694257
Fixed #30647 -- Fixed crash of autoreloader when extra directory cannot be resolved.
2019-07-24 14:08:37 +02:00
Mariusz Felisiak
fed5e19369
Removed unused BaseReloader.watch_file().
...
Unused since its introduction in c8720e7696
.
2019-07-24 13:32:02 +02:00
Tom Forbes
2ff517ccb6
Fixed #30506 -- Fixed crash of autoreloader when path contains null characters.
2019-07-23 10:03:23 +02:00
Min ho Kim
9f11939dd1
Fixed typos in comments and a test name.
2019-07-19 18:24:06 +02:00