mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-11-07 07:15:35 +00:00
Code Issues 32 Releases Wiki Activity
34,009 Commits 30 Branches 463 Tags
6e18c078d5c044a1d22dd6a64ace11d9e5f6d0bc
Commit Graph

24 Commits

Author SHA1 Message Date
YashRaj1506
9bb83925d6 Fixed #36470 -- Prevented log injection in runserver when handling NOT FOUND. 
Migrated `WSGIRequestHandler.log_message()` to use a more robust
`log_message()` helper, which was based of `log_response()` via factoring out
the common bits.

Refs CVE-2025-48432.

Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
 2025-10-20 16:21:32 -03:00
Paul Bailey
9d52e0720f Fixed #35051 -- Prevented runserver from removing non-zero Content-Length for HEAD requests. 2023-12-31 08:32:37 +01:00
Sarah Boyce
8acc433e41 Fixed #28054 -- Made runserver not return response body for HEAD requests. 
Co-authored-by: jannschu <jannik.schuerg@posteo.de>
 2023-01-27 21:49:54 +01:00
rafrafek
cdd4ff67d2 Refs #25684 -- Removed double newline from request/response output of runserver. 
Follow up to 0bc5cd6280.
 2022-02-14 06:55:34 +01:00
django-bot
9c19aff7c7 Refs #33476 -- Reformatted code with Black. 2022-02-07 20:37:05 +01:00
Petter Strandmark
772eca0b02 Fixed #32240 -- Made runserver suppress ConnectionAbortedError/ConnectionResetError errors. 
See https://bugs.python.org/issue27682 and
https://github.com/python/cpython/pull/9713
 2020-12-14 20:46:18 +01:00
Petter Strandmark
28124e7bdf Refs #4444 -- Added tests for handling broken pipe errors in WSGIServer. 2020-12-14 20:46:18 +01:00
Simon Charette
0f212db29d Made reused RequestFactory instances class attributes. 2018-11-27 09:49:02 -05:00
Claude Paroz
523e04dfeb Captured logging in tests with self.assertLogs(). 2018-05-07 09:34:02 -04:00
Claude Paroz
607970f31c Replaced django.test.utils.patch_logger() with assertLogs(). 
Thanks Tim Graham for the review.
 2018-05-07 09:34:00 -04:00
Jon Dufresne
21046e7773 Fixed #28249 -- Removed unnecessary dict.keys() calls. 
iter(dict) is equivalent to iter(dict.keys()).
 2017-05-27 19:08:46 -04:00
Tim Graham
500532c95d Refs #23919 -- Removed default 'utf-8' argument for str.encode()/decode(). 2017-02-09 09:03:47 -05:00
Claude Paroz
042b7350a0 Refs #23919 -- Removed unneeded str() calls 2017-01-20 14:13:55 +01:00
Simon Charette
cecc079168 Refs #23919 -- Stopped inheriting from object to define new style classes. 2017-01-19 08:39:46 +01:00
Tim Graham
35225e2ade Refs #27025 -- Fixed a servers test on Python 3.6. 
After https://hg.python.org/cpython/rev/4ea79767ff75/,
test_strips_underscore_headers fails with:
'Stub' object has no attribute 'sendall'.
 2016-08-08 16:50:48 -04:00
Tim Graham
f0a84112ba Refs #25684 -- Silenced logging output in servers tests. 2016-02-08 11:14:27 -05:00
Flavio Curella
0bc5cd6280 Fixed #25684 -- Made runserver use logging for request/response output. 
Thanks andreif for the contributing to the patch.
 2016-01-11 07:35:17 -05:00
Tim Graham
1a76257b1b Fixed #25204 -- Added missing space in runserver logging. 2015-08-01 08:01:24 -04:00
Tim Graham
6e3fe089dd Replaced six.BytesIO with io.BytesIO 2015-07-20 08:19:47 -04:00
Simon Charette
be67400b47 Refs #24652 -- Used SimpleTestCase where appropriate. 2015-05-20 13:46:13 -04:00
Tim Graham
c8074d62f8 Fixed typo in error message in the test. 2015-02-19 19:36:20 -05:00
Carl Meyer
316b8d4974 Stripped headers containing underscores to prevent spoofing in WSGI environ. 
This is a security fix. Disclosure following shortly.

Thanks to Jedediah Smith for the report.
 2015-01-13 13:03:05 -05:00
wrwrwr
6dbe979b4d Fixed #23930 -- Added copies of captured_std* managers from CPython's test.support. 
StringIO import was adapted for compatibility with Python 2.
 2014-11-29 11:21:58 -05:00
Flavio Curella
c53f2451a8 Fixed #23398 -- Added helpful error message when runserver is accessed via HTTPS 2014-09-09 12:29:30 -04:00