1
0
mirror of https://github.com/django/django.git synced 2024-11-19 16:04:13 +00:00
Commit Graph

18 Commits

Author SHA1 Message Date
Russell Keith-Magee
893cea211a Added protection against spoofing of X_FORWARDED_HOST headers. A security announcement will be made shortly.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16758 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-10 00:46:38 +00:00
Jannis Leidel
a6cd78662e Fixed #15785 -- Stopped HttpRequest.read() from reading beyond the end of a wsgi.input stream and removed some redundant code in the multipartparser. Thanks, tomchristie, grahamd and isagalaev.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16479 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-28 10:17:56 +00:00
Russell Keith-Magee
9e952be26f Fixed #16201 -- Ensure that requests with Content-Length=0 don't break the multipart parser. Thanks to albsen for the report and patch
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16353 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-10 08:39:38 +00:00
Luke Plant
db2f9bfae1 Fixed #16178 - Cleanup request classes' __repr__()
Thanks to julien for the patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16350 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-09 23:15:42 +00:00
Luke Plant
8bb46d8b7c Fixed #15679 - regression in HttpRequest.POST and raw_post_data access.
Thanks to vkryachko for the report.

This also fixes a slight inconsistency with raw_post_data after parsing of a
multipart request, and adds a test for that.  (Previously accessing
raw_post_data would have returned the empty string rather than raising an
Exception).

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15938 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-28 16:11:40 +00:00
Russell Keith-Magee
b4f0921463 Fixed #15018 -- Corrected the handling of LimitedStream under one edge case involving size restricted buffers and newlines. Thanks to xjdrew for the report, and aaugustin for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15222 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-16 07:31:35 +00:00
Russell Keith-Magee
78be884ea7 Fixed #3304 -- Added support for HTTPOnly cookies. Thanks to arvin for the suggestion, and rodolfo for the draft patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14707 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-26 13:30:50 +00:00
Alex Gaynor
035cb99b47 Make the requests test use unittest2, rather than the system unittest.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14487 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-07 15:41:17 +00:00
Russell Keith-Magee
269e921756 Fixed #9886 -- Added a file-like interface to HttpRequest. Thanks to Ivan Sagalaev for the suggestion and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14394 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-29 16:39:25 +00:00
Russell Keith-Magee
75536fef1f Modified the requests unit tests so that they aren't dependent on dictionary ordering.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13948 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-28 11:54:58 +00:00
Russell Keith-Magee
d63ee2097f Migrated requests doctests. Thanks to Stephan Jaekel.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13927 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-28 07:06:37 +00:00
Russell Keith-Magee
1637fefcb0 Fixed #14351 -- Modified the requests test case to avoid an timing problem in the test.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13922 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-28 04:35:50 +00:00
Malcolm Tredinnick
2d4da641a6 Allow setting HttpResponse cookie expiry times with datetime objects.
Patch from SmileyChris. Fixed #7770.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@13809 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-12 20:52:49 +00:00
Malcolm Tredinnick
646f2f6101 Fixed #7494 -- Fixed build_absolute_url() for some types of (uncommon) URLs.
Patch from tom@almostobsolete.net and RobotAdam.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8490 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-23 17:28:12 +00:00
Malcolm Tredinnick
bfcecbffd3 Changed/fixed the way Django handles SCRIPT_NAME and PATH_INFO (or
equivalents). Basically, URL resolving will only use the PATH_INFO and the
SCRIPT_NAME will be prepended by reverse() automatically. Allows for more
portable development and installation. Also exposes SCRIPT_NAME in the
HttpRequest instance.

There are a number of cases where things don't work completely transparently,
so mod_python and fastcgi users should read the relevant docs.

Fixed #285, #1516, #3414.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8015 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-21 07:57:10 +00:00
Malcolm Tredinnick
30bdabb2b0 Fixed #6764 -- Added some error checking around cookie decoding. Thanks,
Michael Axiak.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7257 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-03-17 13:49:04 +00:00
Gary Wilson Jr
4487be66ef Fixed tests added in [7200] to not depend on unpredictable key order of dict, which was sometimes causing a test error.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7207 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-03-08 14:41:13 +00:00
Gary Wilson Jr
d73c70d1ed Fixed #5595 -- Made ModPythonRequest.__repr__ return a string instead of a unicode object. Fixes the printout of the request object in those server error e-mails I never get :)
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7200 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-03-08 03:06:30 +00:00