1
0
mirror of https://github.com/django/django.git synced 2024-12-22 17:16:24 +00:00
Commit Graph

101 Commits

Author SHA1 Message Date
Tom Carrick
bcc2befd0e Fixed #31789 -- Added a new headers interface to HttpResponse. 2020-09-14 08:41:59 +02:00
Claude Paroz
4d973f5939 Refs #26601 -- Deprecated passing None as get_response arg to middleware classes.
This is the new contract since middleware refactoring in Django 1.10.

Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-02-18 20:03:44 +01:00
Viktor Lomakin
ee6b17187f Fixed #30812 -- Made ConditionalGetMiddleware set ETag only for responses with non-empty content. 2019-10-10 09:51:05 +02:00
Nick Pope
406dba04e1 Fixed #29406 -- Added support for Referrer-Policy header.
Thanks to James Bennett for the initial implementation.
2019-09-09 13:35:41 +02:00
Claude Paroz
05d0eca635 Fixed #30426 -- Changed X_FRAME_OPTIONS setting default to DENY. 2019-09-09 08:15:26 +02:00
Hasan Ramezani
090ca6512f Fixed #30604 -- Made mail_admins()/mail_managers() raise ValueError if ADMINS/MANAGERS is set incorrectly. 2019-07-02 07:34:07 +02:00
Nick Pope
413d50b5ff Corrected settings names in SecurityMiddleware tests. 2019-03-20 20:15:34 -04:00
Jon Dufresne
c492fdfd24 Removed default empty content argument from HttpResponse calls. 2019-02-09 16:27:32 -05:00
Tim Graham
043bd70942 Updated test URL patterns to use path() and re_path(). 2018-12-31 10:47:32 -05:00
Simon Charette
0f212db29d Made reused RequestFactory instances class attributes. 2018-11-27 09:49:02 -05:00
Artur Juraszek
817c6cdf0e Capitalized SecurityMiddleware headers for consistency with other headers.
(No behavior change since HTTP headers are case insensitive.)
2018-10-30 18:30:51 -04:00
Andreas Hug
a656a68127 Fixed CVE-2018-14574 -- Fixed open redirect possibility in CommonMiddleware. 2018-08-01 09:28:42 -04:00
Mariusz Felisiak
362813d628
Fixed hanging indentation in various code. 2018-03-16 10:54:34 +01:00
Tim Graham
48d57788ee Refs #26447 -- Removed the USE_ETAGS setting per deprecation timeline. 2017-09-22 12:51:18 -04:00
Tim Graham
500532c95d Refs #23919 -- Removed default 'utf-8' argument for str.encode()/decode(). 2017-02-09 09:03:47 -05:00
Vytis Banaitis
8838d4dd49 Refs #23919 -- Replaced kwargs.pop() with keyword-only arguments. 2017-02-01 11:41:56 -05:00
chillaranand
d6eaf7c018 Refs #23919 -- Replaced super(ClassName, self) with super(). 2017-01-25 12:23:46 -05:00
Claude Paroz
dc8834cad4 Refs #23919 -- Removed unneeded force_str calls 2017-01-20 08:44:31 +01:00
Claude Paroz
2b281cc35e Refs #23919 -- Removed most of remaining six usage
Thanks Tim Graham for the review.
2017-01-18 21:33:28 +01:00
Claude Paroz
c716fe8782 Refs #23919 -- Removed six.PY2/PY3 usage
Thanks Tim Graham for the review.
2017-01-18 16:21:28 +01:00
Claude Paroz
d7b9aaa366 Refs #23919 -- Removed encoding preambles and future imports 2017-01-18 09:55:19 +01:00
za
321e94fa41 Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings. 2016-11-10 21:30:21 -05:00
Sven Engström
f46a838efc Fixed #26812 -- Fixed APPEND_SLASH on a URL including querystring with a trailing slash. 2016-11-06 10:38:36 +01:00
Adam Malinowski
37809b891e Fixed #27346 -- Stopped setting the Content-Length header in ConditionalGetMiddleware. 2016-11-05 22:24:54 +01:00
Kevin Christopher Henry
2327fad54e Fixed #27344 -- Made ConditionalGetMiddleware only process GET requests. 2016-10-17 16:11:53 -04:00
Tim Graham
61f9243e51 Fixed #27345 -- Stopped setting the Date header in ConditionalGetMiddleware. 2016-10-14 12:48:03 -04:00
Kevin Christopher Henry
9108696a75 Refs #19705 -- Changed gzip modification times to 0.
This makes gzip output deterministic, which allows
ConditionalGetMiddleware to reliably compare ETags on gzipped
content (views using the gzip_page() decorator in particular).
2016-10-14 07:41:42 -04:00
Kevin Christopher Henry
ad332e5ca9 Refs #19705 -- Made GZipMiddleware make ETags weak.
Django's conditional request processing can now produce 304 Not Modified
responses for content that is subject to compression.
2016-10-13 14:22:54 -04:00
Kevin Christopher Henry
bd7237d7ec Fixed #19705 -- Set proper headers on conditional Not Modified responses. 2016-10-12 14:43:25 -04:00
Denis Cornehl
a840710e1e Fixed #26447 -- Deprecated settings.USE_ETAGS in favor of ConditionalGetMiddleware. 2016-10-10 14:55:59 -04:00
Kevin Christopher Henry
4ef0e019b7 Fixed #27083 -- Added support for weak ETags. 2016-09-10 08:14:52 -04:00
Ed Morley
3c2447dd13 Fixed #26947 -- Added an option to enable the HSTS header preload directive. 2016-08-10 20:23:54 -04:00
Ed Morley
8c3bc5cd78 Fixed docs to refer to HSTS includeSubdomains as a directive.
The spec refers to it as a 'directive' rather than a 'tag':
https://tools.ietf.org/html/rfc6797#section-6.1.2
2016-08-08 20:20:49 -04:00
Tim Graham
0850236a8c Fixed a typo in tests/middleware/test_security.py 2016-07-28 22:00:48 -04:00
andrewnester
20d39325ca Fixed #26765 -- Made CommonMiddleware no longer set an ETag when response has Cache-Control: no-store. 2016-07-15 15:34:00 -04:00
Claude Paroz
9588718cd4 Fixed #5897 -- Added the Content-Length response header in CommonMiddleware
Thanks Tim Graham for the review.
2016-06-27 10:44:57 +02:00
Jon Dufresne
4f336f6652 Fixed #26747 -- Used more specific assertions in the Django test suite. 2016-06-16 14:19:18 -04:00
Tim Graham
92053acbb9 Fixed E128 flake8 warnings in tests/. 2016-04-08 10:12:33 -04:00
ieatkittens
9390da7fb6 Fixed #26293 -- Fixed CommonMiddleware to process PREPEND_WWW and APPEND_SLASH independently. 2016-03-23 09:23:19 -04:00
harikrishnakanchi
74670498e9 Fixed #25971 -- Made BrokenLinkEmailsMiddleware ignore APPEND_SLASH redirects.
If APPEND_SLASH=True and the referer is the URL without a trailing '/', then
BrokenLinkEmailsMiddleware shouldn't send an email.
2016-03-08 09:21:42 -05:00
Tim Graham
406675b1a0 Fixed #26176 -- Fixed E123 flake8 warnings. 2016-02-05 15:11:07 -05:00
userimack
60586dd737 Fixed #26125 -- Fixed E731 flake warnings. 2016-01-25 14:23:43 -05:00
Denis Cornehl
186b6c61bf Fixed #26024 -- Fixed regression in ConditionalGetMiddleware ETag support.
Thanks Denis Cornehl for help with the patch.
2016-01-05 09:37:11 -05:00
Tim Graham
89616f0c79 Made cosmetic cleanups in middleware tests. 2015-12-31 10:29:39 -05:00
Derek J. Curtis
6be9589eb3 Fixed #25900 -- Fixed regression in CommonMiddleware ETag support. 2015-12-10 13:51:07 -05:00
Tim Graham
5bc881541c Moved a few CommonMiddleware tests to the correct test class. 2015-12-10 13:44:54 -05:00
Josh Soref
93452a70e8 Fixed many spelling mistakes in code, comments, and docs. 2015-12-03 12:48:24 -05:00
Aymeric Augustin
11f10b70f3 Fixed #25302 (again) -- Ignored scheme when checking for bad referers.
The check introduced in 4ce433e was too strict in real life. The poorly
implemented bots this patch attempted to ignore are sloppy when it comes
to http vs. https.
2015-11-26 21:27:12 +01:00
Tim Graham
37ea3cb03e Fixed "URLconf" spelling in code comments. 2015-10-22 14:46:42 -04:00
Maxime Lorant
4ce433e811 Fixed #25302 -- Prevented BrokenLinkEmailsMiddleware from reporting 404s when Referer = URL. 2015-08-24 19:35:49 -04:00