test0908
/
django
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
8,993 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

7 Commits

Author SHA1 Message Date
Russell Keith-Magee 1070c57b83 Fixed #14436 -- Escalated 1.2 PendingDeprecationWarnings to DeprecationWarnings, and removed 1.1 deprecated code. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14138 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-10-11 12:20:07 +00:00
Luke Plant 568b9cdf37 Fixed a test so that it actually tests what it's supposed to test. 
Previously it passed whether or not the view was 'csrf_exempt'ed.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@13735 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-09-10 23:56:10 +00:00
Luke Plant 364583b894 Fixed #14235 - UnicodeDecodeError in CSRF middleware 
Thanks to jbg for the report.

This changeset essentially backs out [13698] in favour of a method that
sanitizes the token rather than escaping it.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@13732 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-09-10 22:56:56 +00:00
James Bennett 9e3b327aca Patch CSRF-protection system to deal with reported security issue. Announcement and details to follow. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13698 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-09-09 00:34:54 +00:00
Luke Plant ac8b7ff021 Fixed #13716 - the CSRF get_token function stopped working for views with csrf_view_exempt 
This was a regression caused by the the CSRF changes in 1.2.

Thanks to edevil for the report.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@13336 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-06-08 14:35:48 +00:00
Luke Plant 48edb177ed Fixed #12053 - form examples don't validate according to w3c 
Thanks to skyl for the report.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@12086 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2010-01-04 21:55:52 +00:00
Luke Plant 7230a995ce Moved contrib.csrf.* to core code. 
There is stub code for backwards compatiblity with Django 1.1 imports.

The documentation has been updated, but has been left in
docs/contrib/csrf.txt for now, in order to avoid dead links to
documentation on the website.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2009-10-27 00:36:34 +00:00