1
0
mirror of https://github.com/django/django.git synced 2024-12-23 01:25:58 +00:00
Commit Graph

71 Commits

Author SHA1 Message Date
Berker Peksag
4971a9afe5 Fixed #18119 -- Added a DomainNameValidator validator.
Thanks Claude Paroz for the review.

Co-authored-by: Nina Menezes <77671865+nmenezes0@users.noreply.github.com>
2024-05-21 23:11:12 +02:00
ksg
a6c7db1d1d
Fixed #34943 -- Made EmailValidator.__eq__() ignore domain_allowlist ordering.
Signed-off-by: ksg97031 <ksg97031@gmail.com>
2023-10-28 14:35:25 +02:00
ksg97031
d22ba07630 Fixed #34920 -- Made FileExtensionValidator.__eq__() ignore allowed_extensions ordering. 2023-10-24 05:31:11 +02:00
Mariusz Felisiak
9b9c805ced
Removed unneeded escapes in regexes.
Special characters lose their special meaning inside sets of characters.

"-" lose its special meaning if it's placed as the first or last
character.

Follow up to 7c6b66383d.
2023-08-02 19:53:16 +02:00
Mariusz Felisiak
ad0410ec4f Fixed CVE-2023-36053 -- Prevented potential ReDoS in EmailValidator and URLValidator.
Thanks Seokchan Yoon for reports.
2023-07-03 08:16:55 +02:00
Jacob Rief
1fe0b167af Fixed #34473 -- Fixed step validation for form fields with non-zero minimum value. 2023-06-16 08:38:28 +02:00
Kamil Turek
ae509f8f08 Fixed #34014 -- Fixed DecimalValidator validating 0 in positive exponent scientific notation.
Thanks Shiplu Mokaddim for the report.
2022-09-17 10:02:55 +02:00
Kapil Bansal
3a82b5f655 Fixed #32559 -- Added 'step_size’ to numeric form fields.
Co-authored-by: Jacob Rief <jacob.rief@uibk.ac.at>
2022-05-12 14:16:52 +02:00
django-bot
9c19aff7c7 Refs #33476 -- Reformatted code with Black. 2022-02-07 20:37:05 +01:00
Mariusz Felisiak
c5cd878382
Refs #33476 -- Refactored problematic code before reformatting by Black.
In these cases Black produces unexpected results, e.g.

def make_random_password(
    self,
    length=10,
    allowed_chars='abcdefghjkmnpqrstuvwxyz' 'ABCDEFGHJKLMNPQRSTUVWXYZ' '23456789',
):

or

cursor.execute("""
SELECT ...
""",
    [table name],
)
2022-02-03 11:20:46 +01:00
Mariusz Felisiak
d25710a625 Refs #31670 -- Removed whitelist argument and domain_whitelist attribute in EmailValidator per deprecation timeline. 2021-09-20 21:23:01 +02:00
Mariusz Felisiak
61d92c650f Refs #22123 -- Added more URLValidator test for invalid IPv6 literals. 2021-08-06 12:58:55 +02:00
chrishna1
033636286a Fixed #32959 -- Moved tests URLs to validators.tests. 2021-07-28 11:39:36 +02:00
Mariusz Felisiak
e1d787f1b3 Fixed CVE-2021-33571 -- Prevented leading zeros in IPv4 addresses.
validate_ipv4_address() was affected only on Python < 3.9.5, see [1].
URLValidator() uses a regular expressions and it was affected on all
Python versions.

[1] https://bugs.python.org/issue36384
2021-06-02 10:58:39 +02:00
Mariusz Felisiak
e1e81aa1c4
Fixed #32713, Fixed CVE-2021-32052 -- Prevented newlines and tabs from being accepted in URLValidator on Python 3.9.5+.
In Python 3.9.5+ urllib.parse() automatically removes ASCII newlines
and tabs from URLs [1, 2]. Unfortunately it created an issue in
the URLValidator. URLValidator uses urllib.urlsplit() and
urllib.urlunsplit() for creating a URL variant with Punycode which no
longer contains newlines and tabs in Python 3.9.5+. As a consequence,
the regular expression matched the URL (without unsafe characters) and
the source value (with unsafe characters) was considered valid.

[1] https://bugs.python.org/issue43882 and
[2] 76cd81d603
2021-05-06 08:45:23 +02:00
Claudio Catterina
faa6d41cda
Fixed typo in DecimalValidator tests.
This replaces redundant test for -Infinity with +Infinity.
2020-07-16 11:21:39 +02:00
David Smith
27c09043da Refs #31670 -- Renamed whitelist argument and attribute of EmailValidator. 2020-06-18 21:43:20 +02:00
Yash Saini
ccb1cfb64e Fixed #31548 -- Fixed URLValidator crash on non-strings. 2020-05-08 20:53:05 +02:00
Yash Saini
bda6ade7b7 Added URLValidator test for missing scheme. 2020-05-08 20:50:25 +02:00
ElizabethU
54ea290e5b Fixed #30651 -- Made __eq__() methods return NotImplemented for not implemented comparisons.
Changed __eq__ to return NotImplemented instead of False if compared to
an object of the same type, as is recommended by the Python data model
reference. Now these models can be compared to ANY (or other objects
with __eq__ overwritten) without returning False automatically.
2019-10-01 17:58:19 +02:00
buzzi
24cae0bedc Fixed #29860 -- Allowed BaseValidator to accept a callable limit_value. 2018-10-22 10:26:54 -04:00
Tom Forbes
8c70ba92dd Refactored validators tests to use subtests. 2018-08-18 15:04:48 -04:00
Fabio Bonelli
f636f0bb86 Fixed #29007 -- Fixed DecimalValidator crash on NaN, SNan, Inf, and Infinity values. 2018-01-10 21:43:32 -05:00
Josh Schneier
e8c4596329 Fixed #28562 -- Fixed DecimalValidator handling of positive exponent scientific notation. 2017-09-27 09:42:04 -04:00
Josh Schneier
0dbcd0e87f Added tests for DecimalValidator. 2017-09-11 14:18:02 -04:00
Alejandro Zamora
90d7b912b9 Fixed #28201 -- Added ProhibitNullCharactersValidator and used it on CharField form field. 2017-08-12 20:14:14 -04:00
Mads Jensen
a51c4de194 Used assertRaisesMessage() to test Django's error messages. 2017-07-29 19:07:23 -04:00
Arne de Laat
681d2599ee Fixed #28165 -- Ignored case in FileExtensionValidator's allowed_extensions. 2017-06-07 16:53:36 -04:00
Arne de Laat
b137add6cf Added FileExtensionValidator tests for uppercase and missing file extensions. 2017-06-07 16:53:10 -04:00
Claude Paroz
289fc1bfa5 Refs #23919 -- Removed str_prefix usage 2017-01-20 15:43:28 +01:00
Tim Graham
4e729feaa6 Refs #23919 -- Removed django.utils._os.upath()/npath()/abspathu() usage.
These functions do nothing on Python 3.
2017-01-20 08:01:02 -05:00
Aymeric Augustin
a556396339 Refs #23919 -- Replaced io.open() with open().
io.open() is an alias for open() on Python 3.
2017-01-18 21:45:12 -05:00
Claude Paroz
d7b9aaa366 Refs #23919 -- Removed encoding preambles and future imports 2017-01-18 09:55:19 +01:00
Ramin Farajpour Cami
967be82443 Fixed E305 flake8 warnings. 2016-11-14 12:30:46 -05:00
za
321e94fa41 Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings. 2016-11-10 21:30:21 -05:00
wim glenn
21dd792349 Fixed #26578 -- Prohibited non-ASCII digits in validate_ipv4_address. 2016-10-28 11:38:49 -04:00
Baptiste Mispelon
a9215b7c36 Refs #21548 -- Skipped tests that rely on pillow when it's not installed 2016-07-02 15:46:16 +02:00
Berker Peksag
12b4280444 Fixed #21548 -- Added FileExtensionValidator and validate_image_file_extension. 2016-06-30 09:08:50 -04:00
Tim Graham
c9ae09addf Replaced use of TestCase.fail() with assertRaises().
Also removed try/except/fail antipattern that hides exceptions.
2016-06-28 11:21:26 -04:00
Akshesh
d58aaa24e3 Fixed #26107 -- Added option to int_list_validator() to allow negative integers. 2016-02-18 18:58:18 -05:00
Dheerendra Rathor
06627ef2ca Fixed #25635 -- Made URLValidator allow '+' in scheme. 2015-10-31 17:50:05 -04:00
Iulia Chiriac
75ed590032 Fixed #24636 -- Added model field validation for decimal places and max digits. 2015-09-18 14:30:20 -04:00
Edward Henderson
f8cc464452 Fixed #16501 -- Added an allow_unicode parameter to SlugField.
Thanks Flavio Curella and Berker Peksag for the initial patch.
2015-07-17 13:48:58 -04:00
Shai Berger
17d3a6d804 Fixed catastrophic backtracking in URLValidator.
Thanks João Silva for reporting the problem and Tim Graham for finding the
problematic RE and for review.

This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:03 -04:00
Tim Graham
014247ad19 Prevented newlines from being accepted in some validators.
This is a security fix; disclosure to follow shortly.

Thanks to Sjoerd Job Postmus for the report and draft patch.
2015-07-08 15:23:03 -04:00
Anoop Thomas Mathew
2400329508 Fixed #24349 -- Limited domain name labels to 63 characters in EmailValidator 2015-04-17 18:08:33 -04:00
Bertrand Bordage
3e64f3d0fc Fixed #24531 -- Improved CommaSeparatedIntegerField validation.
`','`, `'1,,1'`, `',1'` etc. are no longer considered as valid
comma-separated integer lists.
2015-03-25 18:49:59 -04:00
Tim Graham
0ed7d15563 Sorted imports with isort; refs #23860. 2015-02-06 08:16:28 -05:00
Danilo Bargen
8b77b64f1c Refactored URLValidator tests by moving URLs to text files. 2014-11-03 13:02:11 -05:00
Anubhav Joshi
5cdb8f8c1e Fixed #16617 -- Added 'value' to BaseValidator params.
Also allowed overriding the default messages in subclasses of BaseValidator.

Thanks sperrygrove for initial patch.
2014-07-26 10:03:00 -04:00