Commit Graph

77 Commits

Author SHA1 Message Date
Kevin Christopher Henry 2327fad54e Fixed #27344 -- Made ConditionalGetMiddleware only process GET requests. 2016-10-17 16:11:53 -04:00
Tim Graham 61f9243e51 Fixed #27345 -- Stopped setting the Date header in ConditionalGetMiddleware. 2016-10-14 12:48:03 -04:00
Kevin Christopher Henry 9108696a75 Refs #19705 -- Changed gzip modification times to 0.
This makes gzip output deterministic, which allows
ConditionalGetMiddleware to reliably compare ETags on gzipped
content (views using the gzip_page() decorator in particular).
2016-10-14 07:41:42 -04:00
Kevin Christopher Henry ad332e5ca9 Refs #19705 -- Made GZipMiddleware make ETags weak.
Django's conditional request processing can now produce 304 Not Modified
responses for content that is subject to compression.
2016-10-13 14:22:54 -04:00
Kevin Christopher Henry bd7237d7ec Fixed #19705 -- Set proper headers on conditional Not Modified responses. 2016-10-12 14:43:25 -04:00
Denis Cornehl a840710e1e Fixed #26447 -- Deprecated settings.USE_ETAGS in favor of ConditionalGetMiddleware. 2016-10-10 14:55:59 -04:00
Kevin Christopher Henry 4ef0e019b7 Fixed #27083 -- Added support for weak ETags. 2016-09-10 08:14:52 -04:00
Ed Morley 3c2447dd13 Fixed #26947 -- Added an option to enable the HSTS header preload directive. 2016-08-10 20:23:54 -04:00
Ed Morley 8c3bc5cd78 Fixed docs to refer to HSTS includeSubdomains as a directive.
The spec refers to it as a 'directive' rather than a 'tag':
https://tools.ietf.org/html/rfc6797#section-6.1.2
2016-08-08 20:20:49 -04:00
Tim Graham 0850236a8c Fixed a typo in tests/middleware/test_security.py 2016-07-28 22:00:48 -04:00
andrewnester 20d39325ca Fixed #26765 -- Made CommonMiddleware no longer set an ETag when response has Cache-Control: no-store. 2016-07-15 15:34:00 -04:00
Claude Paroz 9588718cd4 Fixed #5897 -- Added the Content-Length response header in CommonMiddleware
Thanks Tim Graham for the review.
2016-06-27 10:44:57 +02:00
Jon Dufresne 4f336f6652 Fixed #26747 -- Used more specific assertions in the Django test suite. 2016-06-16 14:19:18 -04:00
Tim Graham 92053acbb9 Fixed E128 flake8 warnings in tests/. 2016-04-08 10:12:33 -04:00
ieatkittens 9390da7fb6 Fixed #26293 -- Fixed CommonMiddleware to process PREPEND_WWW and APPEND_SLASH independently. 2016-03-23 09:23:19 -04:00
harikrishnakanchi 74670498e9 Fixed #25971 -- Made BrokenLinkEmailsMiddleware ignore APPEND_SLASH redirects.
If APPEND_SLASH=True and the referer is the URL without a trailing '/', then
BrokenLinkEmailsMiddleware shouldn't send an email.
2016-03-08 09:21:42 -05:00
Tim Graham 406675b1a0 Fixed #26176 -- Fixed E123 flake8 warnings. 2016-02-05 15:11:07 -05:00
userimack 60586dd737 Fixed #26125 -- Fixed E731 flake warnings. 2016-01-25 14:23:43 -05:00
Denis Cornehl 186b6c61bf Fixed #26024 -- Fixed regression in ConditionalGetMiddleware ETag support.
Thanks Denis Cornehl for help with the patch.
2016-01-05 09:37:11 -05:00
Tim Graham 89616f0c79 Made cosmetic cleanups in middleware tests. 2015-12-31 10:29:39 -05:00
Derek J. Curtis 6be9589eb3 Fixed #25900 -- Fixed regression in CommonMiddleware ETag support. 2015-12-10 13:51:07 -05:00
Tim Graham 5bc881541c Moved a few CommonMiddleware tests to the correct test class. 2015-12-10 13:44:54 -05:00
Josh Soref 93452a70e8 Fixed many spelling mistakes in code, comments, and docs. 2015-12-03 12:48:24 -05:00
Aymeric Augustin 11f10b70f3 Fixed #25302 (again) -- Ignored scheme when checking for bad referers.
The check introduced in 4ce433e was too strict in real life. The poorly
implemented bots this patch attempted to ignore are sloppy when it comes
to http vs. https.
2015-11-26 21:27:12 +01:00
Tim Graham 37ea3cb03e Fixed "URLconf" spelling in code comments. 2015-10-22 14:46:42 -04:00
Maxime Lorant 4ce433e811 Fixed #25302 -- Prevented BrokenLinkEmailsMiddleware from reporting 404s when Referer = URL. 2015-08-24 19:35:49 -04:00
Jay Cox 434d309ef6 Fixed #24720 -- Avoided resolving URLs that don't end in a slash twice in CommonMiddleware.
This speeds up affected requests by about 5%.
2015-07-31 12:04:06 -04:00
Andriy Sokolovskiy b40c551fdf Fixed some unclosed objects in tests 2015-07-06 10:10:40 -04:00
Tim Graham 6c592e79e1 Removed unused code after refs #25017. 2015-06-27 10:08:59 -04:00
sujayskumar 2e70bf3785 Fixed #25017 -- Allowed customizing the DISALLOWED_USER_AGENTS response 2015-06-27 08:46:23 -04:00
Simon Charette be67400b47 Refs #24652 -- Used SimpleTestCase where appropriate. 2015-05-20 13:46:13 -04:00
Oliver A Bristow 4cd727095d Fixed #24681 -- Removed Unicode bug in BrokenLinkEmailMiddleware 2015-04-21 22:02:04 +02:00
Bas Peschier 14f28f8233 Rephrased docstrings to assertions and added querystring test. 2015-03-26 09:27:37 -04:00
Claude Paroz a0c2eb46dd Fixed #23960 -- Removed http.fix_location_header
Thanks Carl Meyer for the report and Tim Graham for the review.
2015-03-18 18:22:50 +01:00
Tim Graham 0ed7d15563 Sorted imports with isort; refs #23860. 2015-02-06 08:16:28 -05:00
darkryder 9ec8aa5e5d Fixed #24149 -- Normalized tuple settings to lists. 2015-02-03 14:59:45 -05:00
Matthew Somerville 250aa7c39b Fixed #24240 -- Allowed GZipping a Unicode StreamingHttpResponse
make_bytes() assumed that if the Content-Encoding header is set, then
everything had already been dealt with bytes-wise, but in a streaming
situation this was not necessarily the case.

make_bytes() is only called when necessary when working with a
StreamingHttpResponse iterable, but by that point the middleware has
added the Content-Encoding header and thus make_bytes() tried to call
bytes(value) (and dies). If it had been a normal HttpResponse,
make_bytes() would have been called when the content was set, well
before the middleware set the Content-Encoding header.

This commit removes the special casing when Content-Encoding is set,
allowing unicode strings to be encoded during the iteration before they
are e.g. gzipped. This behaviour was added a long time ago for #4969 and
it doesn't appear to be necessary any more, as everything is correctly
made into bytes at the appropriate places.

Two new tests, to show that supplying non-ASCII characters to a
StreamingHttpResponse works fine normally, and when passed through the
GZip middleware (the latter dies without the change to make_bytes()).
Removes the test with a nonsense Content-Encoding and Unicode input - if
this were to happen, it can still be encoded as bytes fine.
2015-02-03 18:18:12 +01:00
Samuel Colvin 5b74134f27 Fixed #24145 -- Added PUT & PATCH to CommonMiddleware APPEND_SLASH redirect error. 2015-01-29 15:23:01 -05:00
Collin Anderson 3d2cae0896 Fixed #24072 -- Added FileResponse for streaming binary files. 2015-01-05 10:51:52 -05:00
Berker Peksag bae404dea3 Converted middleware tests to use RequestFactory. 2014-12-29 19:36:18 +02:00
Michael Hall 895dc880eb Fixed #23812 -- Changed django.utils.six.moves.xrange imports to range 2014-12-13 12:45:58 -05:00
Sean Wang 311feae8ba Fixed #23806 -- Added a test case for settings.DISALLOWED_USER_AGENTS. 2014-11-13 09:45:14 +01:00
Berker Peksag df0523debc Fixed #23531 -- Added CommonMiddleware.response_redirect_class. 2014-11-04 17:56:57 -05:00
Berker Peksag f7969b0920 Fixed #23620 -- Used more specific assertions in the Django test suite. 2014-11-03 11:56:37 -05:00
Tim Graham 52ef6a4726 Fixed #17101 -- Integrated django-secure and added check --deploy option
Thanks Carl Meyer for django-secure and for reviewing.

Thanks also to Zach Borboa, Erik Romijn, Collin Anderson, and
Jorge Carleitao for reviews.
2014-09-12 15:05:23 -04:00
Tim Graham a9fd740d22 Fixed #23276 -- Deprecated passing views as strings to url(). 2014-08-12 13:15:40 -04:00
Mark Lavin 79956d0694 Fixed #22440 -- Updated ConditionalGetMiddleware to comply with RFC 2616. 2014-06-13 20:01:35 -04:00
Aymeric Augustin df09d85482 Fixed #17552 -- Removed a hack for IE6 and earlier.
It prevented the GZipMiddleware from compressing some data types even on
more recent version of IE where the corresponding bug was fixed.

Thanks Aaron Cannon for the report and Tim Graham for the review.
2014-06-10 08:42:31 +02:00
Florian Apolloner 9d1bf8f841 Removed executeable bit from a few files. 2014-05-25 23:16:40 +02:00
Kevin Christopher Henry 91afc00513 Fixed #21157 -- Fixed problems with ResolverMatch
- Fixed bug in get_callable() that caused resolve() to put a string
  in ResolverMatch.func.
- Made ResolverMatch.url_name match the actual url name (or None).
- Updated tests that used the string value in ResolverMatch.func, and
  added regression tests for this bug.
- Corrected test urls whose dummy view paths caused failures (behavior
  that was previously masked by this bug).
2014-04-23 20:12:34 -04:00