Natalia
8124c42601
[5.0.x] Fixed CVE-2023-43665 -- Mitigated potential DoS in django.utils.text.Truncator when truncating HTML text.
...
Thanks Wenchao Li of Alibaba Group for the report.
2023-10-04 09:38:26 -03:00
konsti
48a1929ca0
Removed unnecessary trailing commas in tests.
2023-08-22 12:42:57 +02:00
Mariusz Felisiak
7119f40c98
Refs #33476 -- Refactored code to strictly match 88 characters line length.
2022-02-07 20:37:05 +01:00
django-bot
9c19aff7c7
Refs #33476 -- Reformatted code with Black.
2022-02-07 20:37:05 +01:00
Florian Apolloner
e1d673c373
Fixed unescape_string_literal() crash on empty strings.
2021-12-14 20:19:44 +01:00
Florian Apolloner
5d9c512e5b
Added test for ValueErrors in unescape_string_literal().
2021-12-14 20:18:43 +01:00
Florian Apolloner
0b79eb3691
Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads.
2021-05-04 08:44:42 +02:00
Mariusz Felisiak
157ab32f34
Refs #27753 -- Removed django.utils.text.unescape_entities() per deprecation timeline.
2021-01-14 17:50:04 +01:00
Jon Dufresne
f47d5aac62
Refs #27804 -- Used subTest() in tests.utils_tests.test_text.
2020-06-04 11:16:21 +02:00
David Smith
0382ecfe02
Fixed #28694 -- Made django.utils.text.slugify() strip dashes and underscores.
2020-05-29 06:47:51 +02:00
David Smith
dde05e192c
Added more tests for slugify().
2020-05-29 06:28:57 +02:00
Jon Dufresne
505fec6bad
Capitalized Unicode in docs, strings, and comments.
2020-04-20 12:10:33 +02:00
Sjbrgsn
b2bd08bb7a
Fixed #30892 -- Fixed slugify() and admin's URLify.js for "İ".
...
Thanks Luis Nell for the implementation idea and very detailed report.
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-12-30 20:47:22 +01:00
Nick Pope
7552de7866
Used more specific unittest assertions in tests.
...
* assertIsNone()/assertIsNotNone() instead of comparing to None.
* assertLess() for < comparisons.
* assertIs() for 'is' expressions.
* assertIsInstance() for isinstance() expressions.
* rounding of assertAlmostEqual() for round() expressions.
* assertIs(..., True/False) instead of comparing to True/False.
* assertIs()/assertIsNot() for ==/!= comparisons.
* assertNotEqual() for == comparisons.
* assertTrue()/assertFalse() instead of comparing to True/False.
2019-10-29 12:37:30 +01:00
Florian Apolloner
7f65974f82
Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML.
...
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Jon Dufresne
42b9a23267
Fixed #30400 -- Improved typography of user facing strings.
...
Thanks Claude Paroz for assistance with translations.
2019-06-28 16:46:18 +02:00
Jon Dufresne
b915b9f10f
Refs #27753 -- Deprecated django.utils.text.unescape_entities().
...
The function was undocumented and only required for compatibility with
Python 2.
Code should use Python's html.unescape() that was added in Python 3.4.
2019-05-08 08:00:59 +02:00
Hasan Ramezani
7e978fdc42
Completed test coverage for utils.text._replace_entity().
2019-01-23 19:33:21 -05:00
Hasan Ramezani
838e432e3e
Completed test coverage for utils.text.Truncator.chars().
2019-01-19 18:45:41 -05:00
Claude Paroz
201017df30
Fixed #29654 -- Made text truncation an ellipsis character instead of three dots.
...
Thanks Sudhanshu Mishra for the initial patch and Tim Graham for the review.
2018-08-21 17:46:45 +02:00
Claude Paroz
b004bd62e8
Fixed #29412 -- Stopped marking slugify() result as HTML safe.
2018-07-20 10:44:30 -04:00
Tim Graham
97b7dd59bb
Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in django.utils.text.Truncator.
...
Thanks James Davis for suggesting the fix.
2018-03-06 08:30:40 -05:00
Claude Paroz
389c3ffc04
Updated tests after French translation update
2017-04-04 13:07:47 +02:00
Claude Paroz
8346680e1c
Refs #27795 -- Removed unneeded force_text calls
...
Thanks Tim Graham for the review.
2017-03-04 18:18:21 +01:00
Tim Graham
500532c95d
Refs #23919 -- Removed default 'utf-8' argument for str.encode()/decode().
2017-02-09 09:03:47 -05:00
Claude Paroz
c651331b34
Converted usage of ugettext* functions to their gettext* aliases
...
Thanks Tim Graham for the review.
2017-02-07 09:04:04 +01:00
Claude Paroz
7b2f2e74ad
Refs #23919 -- Removed six.<various>_types usage
...
Thanks Tim Graham and Simon Charette for the reviews.
2017-01-18 20:18:46 +01:00
Claude Paroz
d7b9aaa366
Refs #23919 -- Removed encoding preambles and future imports
2017-01-18 09:55:19 +01:00
za
321e94fa41
Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings.
2016-11-10 21:30:21 -05:00
Mattias Loverot
9aaeec337e
Fixed #26866 -- Added format_lazy function
...
Added format_lazy function to django.utils.text module.
Useful when dealing with relative complex lazy string concatenations
(e.g. in urls.py when translating urls in regular expressions).
2016-08-24 18:18:17 +02:00
Tim Graham
92053acbb9
Fixed E128 flake8 warnings in tests/.
2016-04-08 10:12:33 -04:00
Iacopo Spalletti
d693074d43
Fixed #20223 -- Added keep_lazy() as a replacement for allow_lazy().
...
Thanks to bmispelon and uruz for the initial patch.
2015-12-12 14:46:48 -05:00
Edward Henderson
f8cc464452
Fixed #16501 -- Added an allow_unicode parameter to SlugField.
...
Thanks Flavio Curella and Berker Peksag for the initial patch.
2015-07-17 13:48:58 -04:00
Matthew Somerville
caa3562d5b
Fixed #24242 -- Improved efficiency of utils.text.compress_sequence()
...
The function no longer flushes zfile after each write as doing so can
lead to the gzipped streamed content being larger than the original
content; each flush adds a 5/6 byte type 0 block. Removing this means
buf.read() may return nothing, so only yield if that has some data.
Testing shows without the flush() the buffer is being flushed every 17k
or so and compresses the same as if it had been done as a whole string.
2015-02-04 13:04:00 -05:00
Tim Graham
df3f3bbe29
Removed utils.text.javascript_quote() per deprecation timeline; refs #21725 .
2015-01-17 12:41:49 -05:00
Claude Paroz
51890ce889
Applied ignore_warnings to Django tests
2014-12-30 18:16:25 +01:00
Diego Guimarães
9f427617e4
Refs #23947 -- Worked around a bug in Python that prevents deprecation warnings from appearing in tests.
2014-12-06 14:46:01 -05:00
Loic Bistuer
3c6ac0bab8
Consolidated some text utils into the utils_tests test package.
2014-09-23 19:45:59 +07:00
Claude Paroz
210d0489c5
Fixed #21188 -- Introduced subclasses for to-be-removed-in-django-XX warnings
...
Thanks Anssi Kääriäinen for the idea and Simon Charette for the
review.
2014-03-08 09:57:40 +01:00
Claude Paroz
ac699cdc17
Really hidden warnings in javascript_quote tests
...
Refs #21725 .
2014-03-05 09:00:55 +01:00
Baptiste Mispelon
926e18d7d1
Deprecated django.utils.text.javascript_quote.
...
Refs #21725 .
2014-02-22 13:50:12 +01:00
Baptiste Mispelon
847171b0d0
Fixed test failures when running in a narrow Python build.
2014-02-22 13:50:12 +01:00
MattBlack85
1c1dffca75
Fixed #21725 -- Fixed JavaScript quoting encoding.
...
Thanks to nedbatchelder for the report.
2014-02-15 19:39:21 +01:00
Vajrasky Kok
c43c469a2e
Fixed #21731 -- Made javascript_quote escapes '</'.
2014-02-06 04:02:09 -05:00
Baptiste Mispelon
2c837233f5
Fixed #21574 -- Handle bytes consistently in utils.text.normalize_newlines.
...
All input is now coerced to text before being normalized.
This changes nothing under Python 2 but it allows bytes
to be passed to the function without a TypeError under Python3
(bytes are assumed to be utf-8 encoded text).
Thanks to trac user vajrasky for the report.
2013-12-12 16:09:12 +01:00
Vajrasky Kok
a1a26690b9
Fixed #21572 -- Added unit test for django.utils.text.normalize_newlines.
2013-12-07 16:28:22 +08:00
Vajrasky Kok
7169722d5c
Fixed #21505 -- Added unit test for django.utils.text.get_valid_filename.
2013-11-24 11:10:34 +01:00
Jason Myers
c3791463a5
Fixing E302 Errors
...
Signed-off-by: Jason Myers <jason@jasonamyers.com>
2013-11-02 23:48:47 -05:00
Tim Graham
36ded01527
Fixed #21302 -- Fixed unused imports and import *.
2013-11-02 15:24:56 -04:00
Larry O'Neill
83b9bfea44
Fixed #21266 -- Fixed E201,E202 pep8 warnings.
2013-10-14 18:12:00 -04:00