mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2024-12-26 11:06:07 +00:00
Code Issues 25 Releases Wiki Activity
17,506 Commits 28 Branches 426 Tags 667 MiB
546740544d
Commit Graph

7 Commits

Author SHA1 Message Date
Tim Graham
546740544d [1.7.x] Fixed a remote code execution vulnerabilty in URL reversing. 
Thanks Benjamin Bach for the report and initial patch.

This is a security fix; disclosure to follow shortly.

Backport of 8b93b31487 from master
 2014-04-21 18:29:12 -04:00
Athena
5d568bcfa6 Fixed #7571 -- Fixed parameter matching in include()'d urlpattern 
Fixed URL resolving in the case where an outer regex includes an inner
regex and both regexes use positional parameters instead of named
groups, causing the outer regex's parameters to override the inner
regex's.

Modified the regex url resolver so that it will concatenates and then
normalizes, instead of normalizing and then concatenating.
 2014-03-05 00:35:03 +01:00
Loic Bistuer
6685713869 Fixed E127 pep8 warnings. 2013-12-14 11:59:15 -05:00
Claude Paroz
5c1143910e Removed most of absolute_import imports 
Should be unneeded with Python 2.7 and up.
Added some unicode_literals along the way.
 2013-07-29 20:28:13 +02:00
Aymeric Augustin
31b5275235 Fixed #13260 -- Quoted arguments interpolated in URLs in reverse. 2013-03-18 23:58:22 +01:00
Florian Apolloner
33836cf88d Renamed some tests and removed references to modeltests/regressiontests. 2013-02-26 14:36:57 +01:00
Florian Apolloner
89f40e3624 Merged regressiontests and modeltests into the test root. 2013-02-26 14:36:57 +01:00