Viktor Lomakin
ee6b17187f
Fixed #30812 -- Made ConditionalGetMiddleware set ETag only for responses with non-empty content.
2019-10-10 09:51:05 +02:00
Claude Paroz
05d0eca635
Fixed #30426 -- Changed X_FRAME_OPTIONS setting default to DENY.
2019-09-09 08:15:26 +02:00
Hasan Ramezani
090ca6512f
Fixed #30604 -- Made mail_admins()/mail_managers() raise ValueError if ADMINS/MANAGERS is set incorrectly.
2019-07-02 07:34:07 +02:00
Simon Charette
0f212db29d
Made reused RequestFactory instances class attributes.
2018-11-27 09:49:02 -05:00
Andreas Hug
a656a68127
Fixed CVE-2018-14574 -- Fixed open redirect possibility in CommonMiddleware.
2018-08-01 09:28:42 -04:00
Tim Graham
48d57788ee
Refs #26447 -- Removed the USE_ETAGS setting per deprecation timeline.
2017-09-22 12:51:18 -04:00
Tim Graham
500532c95d
Refs #23919 -- Removed default 'utf-8' argument for str.encode()/decode().
2017-02-09 09:03:47 -05:00
chillaranand
d6eaf7c018
Refs #23919 -- Replaced super(ClassName, self) with super().
2017-01-25 12:23:46 -05:00
Claude Paroz
dc8834cad4
Refs #23919 -- Removed unneeded force_str calls
2017-01-20 08:44:31 +01:00
Claude Paroz
2b281cc35e
Refs #23919 -- Removed most of remaining six usage
...
Thanks Tim Graham for the review.
2017-01-18 21:33:28 +01:00
Claude Paroz
c716fe8782
Refs #23919 -- Removed six.PY2/PY3 usage
...
Thanks Tim Graham for the review.
2017-01-18 16:21:28 +01:00
Claude Paroz
d7b9aaa366
Refs #23919 -- Removed encoding preambles and future imports
2017-01-18 09:55:19 +01:00
za
321e94fa41
Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings.
2016-11-10 21:30:21 -05:00
Sven Engström
f46a838efc
Fixed #26812 -- Fixed APPEND_SLASH on a URL including querystring with a trailing slash.
2016-11-06 10:38:36 +01:00
Adam Malinowski
37809b891e
Fixed #27346 -- Stopped setting the Content-Length header in ConditionalGetMiddleware.
2016-11-05 22:24:54 +01:00
Kevin Christopher Henry
2327fad54e
Fixed #27344 -- Made ConditionalGetMiddleware only process GET requests.
2016-10-17 16:11:53 -04:00
Tim Graham
61f9243e51
Fixed #27345 -- Stopped setting the Date header in ConditionalGetMiddleware.
2016-10-14 12:48:03 -04:00
Kevin Christopher Henry
9108696a75
Refs #19705 -- Changed gzip modification times to 0.
...
This makes gzip output deterministic, which allows
ConditionalGetMiddleware to reliably compare ETags on gzipped
content (views using the gzip_page() decorator in particular).
2016-10-14 07:41:42 -04:00
Kevin Christopher Henry
ad332e5ca9
Refs #19705 -- Made GZipMiddleware make ETags weak.
...
Django's conditional request processing can now produce 304 Not Modified
responses for content that is subject to compression.
2016-10-13 14:22:54 -04:00
Kevin Christopher Henry
bd7237d7ec
Fixed #19705 -- Set proper headers on conditional Not Modified responses.
2016-10-12 14:43:25 -04:00
Denis Cornehl
a840710e1e
Fixed #26447 -- Deprecated settings.USE_ETAGS in favor of ConditionalGetMiddleware.
2016-10-10 14:55:59 -04:00
Kevin Christopher Henry
4ef0e019b7
Fixed #27083 -- Added support for weak ETags.
2016-09-10 08:14:52 -04:00
andrewnester
20d39325ca
Fixed #26765 -- Made CommonMiddleware no longer set an ETag when response has Cache-Control: no-store.
2016-07-15 15:34:00 -04:00
Claude Paroz
9588718cd4
Fixed #5897 -- Added the Content-Length response header in CommonMiddleware
...
Thanks Tim Graham for the review.
2016-06-27 10:44:57 +02:00
Jon Dufresne
4f336f6652
Fixed #26747 -- Used more specific assertions in the Django test suite.
2016-06-16 14:19:18 -04:00
Tim Graham
92053acbb9
Fixed E128 flake8 warnings in tests/.
2016-04-08 10:12:33 -04:00
ieatkittens
9390da7fb6
Fixed #26293 -- Fixed CommonMiddleware to process PREPEND_WWW and APPEND_SLASH independently.
2016-03-23 09:23:19 -04:00
harikrishnakanchi
74670498e9
Fixed #25971 -- Made BrokenLinkEmailsMiddleware ignore APPEND_SLASH redirects.
...
If APPEND_SLASH=True and the referer is the URL without a trailing '/', then
BrokenLinkEmailsMiddleware shouldn't send an email.
2016-03-08 09:21:42 -05:00
userimack
60586dd737
Fixed #26125 -- Fixed E731 flake warnings.
2016-01-25 14:23:43 -05:00
Denis Cornehl
186b6c61bf
Fixed #26024 -- Fixed regression in ConditionalGetMiddleware ETag support.
...
Thanks Denis Cornehl for help with the patch.
2016-01-05 09:37:11 -05:00
Tim Graham
89616f0c79
Made cosmetic cleanups in middleware tests.
2015-12-31 10:29:39 -05:00
Derek J. Curtis
6be9589eb3
Fixed #25900 -- Fixed regression in CommonMiddleware ETag support.
2015-12-10 13:51:07 -05:00
Tim Graham
5bc881541c
Moved a few CommonMiddleware tests to the correct test class.
2015-12-10 13:44:54 -05:00
Josh Soref
93452a70e8
Fixed many spelling mistakes in code, comments, and docs.
2015-12-03 12:48:24 -05:00
Aymeric Augustin
11f10b70f3
Fixed #25302 (again) -- Ignored scheme when checking for bad referers.
...
The check introduced in 4ce433e
was too strict in real life. The poorly
implemented bots this patch attempted to ignore are sloppy when it comes
to http vs. https.
2015-11-26 21:27:12 +01:00
Tim Graham
37ea3cb03e
Fixed "URLconf" spelling in code comments.
2015-10-22 14:46:42 -04:00
Maxime Lorant
4ce433e811
Fixed #25302 -- Prevented BrokenLinkEmailsMiddleware from reporting 404s when Referer = URL.
2015-08-24 19:35:49 -04:00
Jay Cox
434d309ef6
Fixed #24720 -- Avoided resolving URLs that don't end in a slash twice in CommonMiddleware.
...
This speeds up affected requests by about 5%.
2015-07-31 12:04:06 -04:00
Andriy Sokolovskiy
b40c551fdf
Fixed some unclosed objects in tests
2015-07-06 10:10:40 -04:00
Tim Graham
6c592e79e1
Removed unused code after refs #25017 .
2015-06-27 10:08:59 -04:00
sujayskumar
2e70bf3785
Fixed #25017 -- Allowed customizing the DISALLOWED_USER_AGENTS response
2015-06-27 08:46:23 -04:00
Simon Charette
be67400b47
Refs #24652 -- Used SimpleTestCase where appropriate.
2015-05-20 13:46:13 -04:00
Oliver A Bristow
4cd727095d
Fixed #24681 -- Removed Unicode bug in BrokenLinkEmailMiddleware
2015-04-21 22:02:04 +02:00
Bas Peschier
14f28f8233
Rephrased docstrings to assertions and added querystring test.
2015-03-26 09:27:37 -04:00
Claude Paroz
a0c2eb46dd
Fixed #23960 -- Removed http.fix_location_header
...
Thanks Carl Meyer for the report and Tim Graham for the review.
2015-03-18 18:22:50 +01:00
Tim Graham
0ed7d15563
Sorted imports with isort; refs #23860 .
2015-02-06 08:16:28 -05:00
darkryder
9ec8aa5e5d
Fixed #24149 -- Normalized tuple settings to lists.
2015-02-03 14:59:45 -05:00
Matthew Somerville
250aa7c39b
Fixed #24240 -- Allowed GZipping a Unicode StreamingHttpResponse
...
make_bytes() assumed that if the Content-Encoding header is set, then
everything had already been dealt with bytes-wise, but in a streaming
situation this was not necessarily the case.
make_bytes() is only called when necessary when working with a
StreamingHttpResponse iterable, but by that point the middleware has
added the Content-Encoding header and thus make_bytes() tried to call
bytes(value) (and dies). If it had been a normal HttpResponse,
make_bytes() would have been called when the content was set, well
before the middleware set the Content-Encoding header.
This commit removes the special casing when Content-Encoding is set,
allowing unicode strings to be encoded during the iteration before they
are e.g. gzipped. This behaviour was added a long time ago for #4969 and
it doesn't appear to be necessary any more, as everything is correctly
made into bytes at the appropriate places.
Two new tests, to show that supplying non-ASCII characters to a
StreamingHttpResponse works fine normally, and when passed through the
GZip middleware (the latter dies without the change to make_bytes()).
Removes the test with a nonsense Content-Encoding and Unicode input - if
this were to happen, it can still be encoded as bytes fine.
2015-02-03 18:18:12 +01:00
Samuel Colvin
5b74134f27
Fixed #24145 -- Added PUT & PATCH to CommonMiddleware APPEND_SLASH redirect error.
2015-01-29 15:23:01 -05:00
Collin Anderson
3d2cae0896
Fixed #24072 -- Added FileResponse for streaming binary files.
2015-01-05 10:51:52 -05:00