p31829507
/
django
mirror of https://github.com/django/django.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
32,088 Commits 28 Branches 411 Tags 641 MiB
Commit Graph

81 Commits

Author SHA1 Message Date
Mariusz Felisiak 9b9c805ced
Removed unneeded escapes in regexes. 
Special characters lose their special meaning inside sets of characters.

"-" lose its special meaning if it's placed as the first or last
character.

Follow up to 7c6b66383d.
 2023-08-02 19:53:16 +02:00
Mariusz Felisiak ad0410ec4f Fixed CVE-2023-36053 -- Prevented potential ReDoS in EmailValidator and URLValidator. 
Thanks Seokchan Yoon for reports.
 2023-07-03 08:16:55 +02:00
Jacob Rief 1fe0b167af Fixed #34473 -- Fixed step validation for form fields with non-zero minimum value. 2023-06-16 08:38:28 +02:00
Kamil Turek ae509f8f08 Fixed #34014 -- Fixed DecimalValidator validating 0 in positive exponent scientific notation. 
Thanks Shiplu Mokaddim for the report.
 2022-09-17 10:02:55 +02:00
Kapil Bansal 3a82b5f655 Fixed #32559 -- Added 'step_size’ to numeric form fields. 
Co-authored-by: Jacob Rief <jacob.rief@uibk.ac.at>
 2022-05-12 14:16:52 +02:00
django-bot 9c19aff7c7 Refs #33476 -- Reformatted code with Black. 2022-02-07 20:37:05 +01:00
Mariusz Felisiak c5cd878382
Refs #33476 -- Refactored problematic code before reformatting by Black. 
In these cases Black produces unexpected results, e.g.

def make_random_password(
    self,
    length=10,
    allowed_chars='abcdefghjkmnpqrstuvwxyz' 'ABCDEFGHJKLMNPQRSTUVWXYZ' '23456789',
):

or

cursor.execute("""
SELECT ...
""",
    [table name],
)
 2022-02-03 11:20:46 +01:00
Mariusz Felisiak d25710a625 Refs #31670 -- Removed whitelist argument and domain_whitelist attribute in EmailValidator per deprecation timeline. 2021-09-20 21:23:01 +02:00
Mariusz Felisiak 61d92c650f Refs #22123 -- Added more URLValidator test for invalid IPv6 literals. 2021-08-06 12:58:55 +02:00
chrishna1 033636286a Fixed #32959 -- Moved tests URLs to validators.tests. 2021-07-28 11:39:36 +02:00
Wu Haotian 65b880b726 Fixed #32930 -- Fixed URLValidator when port numbers < 10. 2021-07-22 11:58:28 +02:00
Wu Haotian b96cc7f85e Added more test cases with port numbers for URLValidator. 2021-07-22 11:58:28 +02:00
Mariusz Felisiak e1d787f1b3 Fixed CVE-2021-33571 -- Prevented leading zeros in IPv4 addresses. 
validate_ipv4_address() was affected only on Python < 3.9.5, see [1].
URLValidator() uses a regular expressions and it was affected on all
Python versions.

[1] https://bugs.python.org/issue36384
 2021-06-02 10:58:39 +02:00
Mariusz Felisiak e1e81aa1c4
Fixed #32713, Fixed CVE-2021-32052 -- Prevented newlines and tabs from being accepted in URLValidator on Python 3.9.5+. 
In Python 3.9.5+ urllib.parse() automatically removes ASCII newlines
and tabs from URLs [1, 2]. Unfortunately it created an issue in
the URLValidator. URLValidator uses urllib.urlsplit() and
urllib.urlunsplit() for creating a URL variant with Punycode which no
longer contains newlines and tabs in Python 3.9.5+. As a consequence,
the regular expression matched the URL (without unsafe characters) and
the source value (with unsafe characters) was considered valid.

[1] https://bugs.python.org/issue43882 and
[2] 76cd81d603
 2021-05-06 08:45:23 +02:00
Akshat1Nar b41d38ae26 Fixed #32298 -- Fixed URLValidator hostname length validation. 
URLValidator now validates the maximum length of a hostname without
the userinfo and port.
 2021-01-04 09:25:40 +01:00
Claudio Catterina faa6d41cda
Fixed typo in DecimalValidator tests. 
This replaces redundant test for -Infinity with +Infinity.
 2020-07-16 11:21:39 +02:00
David Smith 27c09043da Refs #31670 -- Renamed whitelist argument and attribute of EmailValidator. 2020-06-18 21:43:20 +02:00
Yash Saini ccb1cfb64e Fixed #31548 -- Fixed URLValidator crash on non-strings. 2020-05-08 20:53:05 +02:00
Yash Saini bda6ade7b7 Added URLValidator test for missing scheme. 2020-05-08 20:50:25 +02:00
Dennis Schwertel 4070d6ceb0 Fixed #31267 -- Added tests cases with empty username or password for URLValidator. 
Follow up to cdcf4164be.
 2020-02-13 08:32:20 +01:00
ElizabethU 54ea290e5b Fixed #30651 -- Made __eq__() methods return NotImplemented for not implemented comparisons. 
Changed __eq__ to return NotImplemented instead of False if compared to
an object of the same type, as is recommended by the Python data model
reference. Now these models can be compared to ANY (or other objects
with __eq__ overwritten) without returning False automatically.
 2019-10-01 17:58:19 +02:00
buzzi 24cae0bedc Fixed #29860 -- Allowed BaseValidator to accept a callable limit_value. 2018-10-22 10:26:54 -04:00
Tom Forbes 8c70ba92dd Refactored validators tests to use subtests. 2018-08-18 15:04:48 -04:00
Tim Bell cdcf4164be Fixed #29528 -- Made URLValidator reject invalid characters in the username and password. 2018-07-23 10:30:01 -04:00
Fabio Bonelli f636f0bb86 Fixed #29007 -- Fixed DecimalValidator crash on NaN, SNan, Inf, and Infinity values. 2018-01-10 21:43:32 -05:00
Josh Schneier e8c4596329 Fixed #28562 -- Fixed DecimalValidator handling of positive exponent scientific notation. 2017-09-27 09:42:04 -04:00
Josh Schneier 0dbcd0e87f Added tests for DecimalValidator. 2017-09-11 14:18:02 -04:00
Alejandro Zamora 90d7b912b9 Fixed #28201 -- Added ProhibitNullCharactersValidator and used it on CharField form field. 2017-08-12 20:14:14 -04:00
Mads Jensen a51c4de194 Used assertRaisesMessage() to test Django's error messages. 2017-07-29 19:07:23 -04:00
Arne de Laat 681d2599ee Fixed #28165 -- Ignored case in FileExtensionValidator's allowed_extensions. 2017-06-07 16:53:36 -04:00
Arne de Laat b137add6cf Added FileExtensionValidator tests for uppercase and missing file extensions. 2017-06-07 16:53:10 -04:00
Claude Paroz 289fc1bfa5 Refs #23919 -- Removed str_prefix usage 2017-01-20 15:43:28 +01:00
Tim Graham 4e729feaa6 Refs #23919 -- Removed django.utils._os.upath()/npath()/abspathu() usage. 
These functions do nothing on Python 3.
 2017-01-20 08:01:02 -05:00
Aymeric Augustin a556396339 Refs #23919 -- Replaced io.open() with open(). 
io.open() is an alias for open() on Python 3.
 2017-01-18 21:45:12 -05:00
Claude Paroz d7b9aaa366 Refs #23919 -- Removed encoding preambles and future imports 2017-01-18 09:55:19 +01:00
Ramin Farajpour Cami 967be82443 Fixed E305 flake8 warnings. 2016-11-14 12:30:46 -05:00
za 321e94fa41 Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings. 2016-11-10 21:30:21 -05:00
wim glenn 21dd792349 Fixed #26578 -- Prohibited non-ASCII digits in validate_ipv4_address. 2016-10-28 11:38:49 -04:00
Baptiste Mispelon a9215b7c36 Refs #21548 -- Skipped tests that rely on pillow when it's not installed 2016-07-02 15:46:16 +02:00
Berker Peksag 12b4280444 Fixed #21548 -- Added FileExtensionValidator and validate_image_file_extension. 2016-06-30 09:08:50 -04:00
Christopher Grebs a9e188ccd6 Fixed #26119 -- Fixed URLValidator crash on URLs with brackets. 2016-06-28 15:43:43 -04:00
Tim Graham c9ae09addf Replaced use of TestCase.fail() with assertRaises(). 
Also removed try/except/fail antipattern that hides exceptions.
 2016-06-28 11:21:26 -04:00
Tim Graham b1afebf882 Fixed #26204 -- Reallowed dashes in top-level domains for URLValidator. 
Thanks Shai Berger for the review.
 2016-02-18 19:06:49 -05:00
Akshesh d58aaa24e3 Fixed #26107 -- Added option to int_list_validator() to allow negative integers. 2016-02-18 18:58:18 -05:00
Raphael Michel 82976e5c3f Fixed #25637 -- Added URLValidator hostname length validation. 
URLValidator now validates the maximum length of a hostname and the
maximum length of all labels inside the hostname.
 2015-12-08 15:46:45 -05:00
Dheerendra Rathor 06627ef2ca Fixed #25635 -- Made URLValidator allow '+' in scheme. 2015-10-31 17:50:05 -04:00
Dheerendra Rathor 96fe90f535 Fixed #25620 -- Made URLValidator prohibit URLs with consecutive dots in the domain section. 2015-10-29 10:59:22 -04:00
Iulia Chiriac 75ed590032 Fixed #24636 -- Added model field validation for decimal places and max digits. 2015-09-18 14:30:20 -04:00
Maxime Lorant c92cd22d02 Refs #25345 -- Updated links to code.google.com. 2015-09-04 08:14:21 -04:00
Edward Henderson f8cc464452 Fixed #16501 -- Added an allow_unicode parameter to SlugField. 
Thanks Flavio Curella and Berker Peksag for the initial patch.
 2015-07-17 13:48:58 -04:00