Mariusz Felisiak
305757aec1
Applied Black's 2024 stable style.
...
https://github.com/psf/black/releases/tag/24.1.0
2024-01-26 12:45:07 +01:00
Standa Opichal
1c6e8ec4ed
Fixed #34968 -- Made multipart parsing of headers raise an error on too long headers.
...
This also allow customizing the maximum size of headers via
MAX_TOTAL_HEADER_SIZE.
2023-11-24 12:06:54 +01:00
Jarosław Wygoda
32940d390a
Refs #26029 -- Deprecated DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings.
2023-01-12 09:58:36 +01:00
Francesco Panico
72efd840a8
Fixed #34110 -- Added in-memory file storage.
...
Thanks Paolo Melchiorre, Carlton Gibson, and Mariusz Felisiak for
reviews.
2023-01-10 10:56:59 +01:00
Francesco Panico
c179ad9fe7
Refs #34100 -- Made file upload tests use Storage.exists() where appropriate.
2022-12-30 13:28:47 +01:00
Nick Pope
9bd174b9a7
Updated documentation and comments for RFC updates.
...
- Updated references to RFC 1123 to RFC 5322
- Only partial as RFC 5322 sort of sub-references RFC 1123.
- Updated references to RFC 2388 to RFC 7578
- Except RFC 2388 Section 5.3 which has no equivalent.
- Updated references to RFC 2396 to RFC 3986
- Updated references to RFC 2616 to RFC 9110
- Updated references to RFC 3066 to RFC 5646
- Updated references to RFC 7230 to RFC 9112
- Updated references to RFC 7231 to RFC 9110
- Updated references to RFC 7232 to RFC 9110
- Updated references to RFC 7234 to RFC 9111
- Tidied up style of text when referring to RFC documents
2022-11-10 13:52:17 +01:00
Mehrdad
d4d5427571
Refs #33697 -- Used django.utils.http.parse_header_parameters() for parsing boundary streams.
...
This also removes unused parse_header() and _parse_header_params()
helpers in django.http.multipartparser.
2022-06-28 09:42:47 +02:00
Mehrdad
93cedc82f2
Refs #33697 -- Fixed multipart parsing of headers with double quotes and semicolons.
...
See 1ef0c0349e
2022-06-01 10:11:07 +02:00
Mariusz Felisiak
7119f40c98
Refs #33476 -- Refactored code to strictly match 88 characters line length.
2022-02-07 20:37:05 +01:00
django-bot
9c19aff7c7
Refs #33476 -- Reformatted code with Black.
2022-02-07 20:37:05 +01:00
Mariusz Felisiak
c5cd878382
Refs #33476 -- Refactored problematic code before reformatting by Black.
...
In these cases Black produces unexpected results, e.g.
def make_random_password(
self,
length=10,
allowed_chars='abcdefghjkmnpqrstuvwxyz' 'ABCDEFGHJKLMNPQRSTUVWXYZ' '23456789',
):
or
cursor.execute("""
SELECT ...
""",
[table name],
)
2022-02-03 11:20:46 +01:00
Mariusz Felisiak
fc18f36c4a
Fixed CVE-2022-23833 -- Fixed DoS possiblity in file uploads.
...
Thanks Alan Ryan for the report and initial patch.
2022-02-01 07:41:40 +01:00
Hrushikesh Vaidya
3fadf141e6
Fixed #33062 -- Made MultiPartParser remove non-printable chars from file names.
2022-01-20 07:19:52 +01:00
Mariusz Felisiak
1ff0ea6e9b
Fixed isolation of test_filename_traversal_upload().
...
shutil.rmtree(MEDIA_ROOT) is already called as a class cleanup.
2021-07-05 12:05:13 +02:00
Mariusz Felisiak
213850b4b9
Refs #32355 -- Used addClassCleanup() in tests.
...
Inspired by Adam Johnson talk on DjangoCon Europe 2021.
2021-06-04 12:53:11 +02:00
Florian Apolloner
0b79eb3691
Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads.
2021-05-04 08:44:42 +02:00
Mariusz Felisiak
d4d800ca1a
Fixed CVE-2021-28658 -- Fixed potential directory-traversal via uploaded files.
...
Thanks Claude Paroz for the initial patch.
Thanks Dennis Brinkrolf for the report.
2021-04-06 08:15:17 +02:00
aryan
11c4a4412b
Fixed #30422 -- Made TemporaryFileUploadHandler handle interrupted uploads.
...
This patch allows upload handlers to handle interrupted uploads.
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-09-30 10:30:43 +02:00
aryan
21b127bfbc
Refs #30422 -- Added test for removing temporary files in MultiPartParser when StopUpload is raised.
2020-09-30 10:29:08 +02:00
Michael Brown
36db4dd937
Fixed #28132 -- Made MultiPartParser ignore filenames with trailing slash.
2020-06-11 08:46:59 +02:00
Jon Dufresne
505fec6bad
Capitalized Unicode in docs, strings, and comments.
2020-04-20 12:10:33 +02:00
007
e65fea9292
Fixed #31293 -- Allowed MultiPartParser to handle double-quoted encoded headers.
2020-02-28 14:43:16 +01:00
Nick Pope
7552de7866
Used more specific unittest assertions in tests.
...
* assertIsNone()/assertIsNotNone() instead of comparing to None.
* assertLess() for < comparisons.
* assertIs() for 'is' expressions.
* assertIsInstance() for isinstance() expressions.
* rounding of assertAlmostEqual() for round() expressions.
* assertIs(..., True/False) instead of comparing to True/False.
* assertIs()/assertIsNot() for ==/!= comparisons.
* assertNotEqual() for == comparisons.
* assertTrue()/assertFalse() instead of comparing to True/False.
2019-10-29 12:37:30 +01:00
Jon Dufresne
95b7699ffc
Cleaned up exception message checking in some tests.
2019-03-15 19:27:57 -04:00
Jon Dufresne
a98bcfb0dd
Refs #15362 -- Removed obsolete workaround in file_uploads test view.
2019-02-09 18:44:28 -05:00
Jon Dufresne
c492fdfd24
Removed default empty content argument from HttpResponse calls.
2019-02-09 16:27:32 -05:00
Jon Dufresne
290d8471bb
Fixed #30147 -- Simplified directory creation with os.makedirs(..., exist_ok=True).
2019-01-31 12:53:36 -05:00
Jon Dufresne
7785e03ba8
Fixed #30137 -- Replaced OSError aliases with the canonical OSError.
...
Used more specific errors (e.g. FileExistsError) as appropriate.
2019-01-28 11:15:06 -05:00
Tim Graham
043bd70942
Updated test URL patterns to use path() and re_path().
2018-12-31 10:47:32 -05:00
Mads Jensen
4167959105
Added tests for incorrect content type and size in MultiPartParser.
2018-06-12 14:42:20 -04:00
Tim Graham
fa75b2cb51
Refs #27795 -- Removed force_bytes/text() usage in tests.
2018-02-07 14:20:04 -05:00
Jon Dufresne
21046e7773
Fixed #28249 -- Removed unnecessary dict.keys() calls.
...
iter(dict) is equivalent to iter(dict.keys()).
2017-05-27 19:08:46 -04:00
Tim Graham
500532c95d
Refs #23919 -- Removed default 'utf-8' argument for str.encode()/decode().
2017-02-09 09:03:47 -05:00
Tim Graham
5e303836b6
Used JsonResponse and response.json in file_uploads tests.
2017-02-08 08:42:28 -05:00
Chillar Anand
6478e07a62
Refs #23919 -- Replaced tempfile.mkdtemp() with TemporaryDirectory() context manager.
2017-01-26 13:54:16 -05:00
Claude Paroz
fee42fd99e
Refs #23919 -- Replaced usage of django.utils.http utilities with Python equivalents
...
Thanks Tim Graham for the review.
2017-01-26 19:49:03 +01:00
chillaranand
d6eaf7c018
Refs #23919 -- Replaced super(ClassName, self) with super().
2017-01-25 12:23:46 -05:00
Tim Graham
632c4ffd9c
Refs #23919 -- Replaced errno checking with PEP 3151 exceptions.
2017-01-25 10:13:08 -05:00
Claude Paroz
dc8834cad4
Refs #23919 -- Removed unneeded force_str calls
2017-01-20 08:44:31 +01:00
Tim Graham
5320fa77c3
Refs #23919 -- Removed obsolete contextlib.closing() calls (for Python 2).
2017-01-19 08:50:28 -05:00
Claude Paroz
2b281cc35e
Refs #23919 -- Removed most of remaining six usage
...
Thanks Tim Graham for the review.
2017-01-18 21:33:28 +01:00
Claude Paroz
7b2f2e74ad
Refs #23919 -- Removed six.<various>_types usage
...
Thanks Tim Graham and Simon Charette for the reviews.
2017-01-18 20:18:46 +01:00
Claude Paroz
c716fe8782
Refs #23919 -- Removed six.PY2/PY3 usage
...
Thanks Tim Graham for the review.
2017-01-18 16:21:28 +01:00
Claude Paroz
d7b9aaa366
Refs #23919 -- Removed encoding preambles and future imports
2017-01-18 09:55:19 +01:00
za
321e94fa41
Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings.
2016-11-10 21:30:21 -05:00
Claude Paroz
2ced2f785d
Replaced smart_* by force_* calls whenever possible
...
The smart_* version should only be used when a lazy string should keep
its lazy status.
2016-09-03 13:46:41 +02:00
Tim Graham
c9ae09addf
Replaced use of TestCase.fail() with assertRaises().
...
Also removed try/except/fail antipattern that hides exceptions.
2016-06-28 11:21:26 -04:00
Florian Apolloner
9baf692a58
Fixed #26601 -- Improved middleware per DEP 0005.
...
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
Tim Graham
92053acbb9
Fixed E128 flake8 warnings in tests/.
2016-04-08 10:12:33 -04:00
John-Mark Bell
4b129ac81f
Fixed #26325 -- Made MultiPartParser ignore filenames that normalize to an empty string.
2016-03-07 13:19:39 -05:00