mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-01-27 02:29:55 +00:00
Code Issues 32 Releases Wiki Activity
django/tests/regressiontests
History
Jacob Kaplan-Moss 9f8287a3f1 SECURITY ALERT: Corrected regular expressions for URL and email fields. 
Certain email addresses/URLs could trigger a catastrophic backtracking situation, causing 100% CPU and server overload. If deliberately triggered, this could be the basis of a denial-of-service attack.

This security vulnerability was disclosed in public, so we're skipping our
normal security release process to get the fix out as soon as possible.

This is a security related update. A full announcement, as well as backports for the 1.1.X and 1.0.X series will follow.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11603 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-09 20:57:59 +00:00
..
admin_changelist
Fixed #10348: ChangeList no longer overwrites a select_related provided by ModelAdmin.queryset().
2009-05-14 15:09:33 +00:00
admin_inlines
Fixed #9362 -- Prevented inline forms from overwriting the content_type_id attribute on objets being inlined. Thanks to carljm for the report and patch.
2009-05-03 13:38:36 +00:00
admin_ordering
admin_registration
admin_scripts
Fixed a few Python 2.3 incompatibilities that were causing test failures.
2009-05-29 05:23:50 +00:00
admin_validation
Fixed #9932 -- Added a validation error when an inline tries to exclude the foreign key that provides the link to the parent model. Thanks to david for the report and patch.
2009-05-03 13:39:33 +00:00
admin_views
Fixed #11820 -- Corrected the spelling of Grace Hopper's name in a test. Thanks to shields@msrl.com for the report, and apologies to Admiral Hopper for the error.
2009-09-13 04:32:55 +00:00
admin_widgets
Fixed #11532 -- Corrected the link used for edit_inline foreign keys in admin when the admin is deployed using the old style admin.root approach. Thanks to JP for the report.
2009-07-23 14:31:33 +00:00
aggregation_regress
Fixed #10906 -- Added a check for PostgreSQL pre 8.2 when using StdDev/Variance aggregates. Thanks to Richard Davies for the report and patch.
2009-05-10 09:22:53 +00:00
app_loading
auth_backends
backends
Fixed #10566: Added support for cx_Oracle compiled with the WITH_UNICODE flag.
2009-08-24 15:45:48 +00:00
bug639
bug8245
builtin_server
Fixed #9659: fixed wsgi.file_wrapper in the builtin server. Thanks, mitsuhiko.
2009-05-07 15:39:06 +00:00
cache
comment_tests
Corrected tests from [10784]; instead of retrieving two comments, it was retrieving one comment twice.
2009-05-15 02:54:55 +00:00
conditional_processing
context_processors
custom_columns_regress
custom_managers_regress
datastructures
datatypes
dateformat
Fixed #10825: fixed the 'U' format code to dateformat (and the date/now filter/tag). Thanks to gsong and mir.
2009-05-08 13:39:37 +00:00
datetime_safe
db_typecasts
decorators
Added 'key_prefix' keyword argument to cache_page()
2009-09-28 21:54:54 +00:00
defaultfilters
Fixed #10675 -- Added unicode paragraph and line-sep handling to escapejs.
2009-04-12 04:55:41 +00:00
defer_regress
Fixed #10733 -- Added a regression test for queries with multiple references to multiple foreign keys in only() clauses. Thanks to mrts for the report.
2009-06-06 12:16:06 +00:00
delete_regress
Fixed #9479 -- Corrected an edge case in bulk queryset deletion that could cause an infinite loop when using MySQL InnoDB.
2009-06-03 13:23:19 +00:00
dispatch
Fixed #10753 -- Fixed regression in dispatcher after [10398]. Thanks for the patch and tests, minmax
2009-04-10 18:58:32 +00:00
expressions_regress
extra_regress
Fixed #10847 -- Modified handling of extra() to use a masking strategy, rather than last-minute trimming. Thanks to Tai Lee for the report, and Alex Gaynor for his work on the patch.
2009-04-30 15:40:09 +00:00
file_storage
Fixed a few Python 2.3 incompatibilities that were causing test failures.
2009-05-29 05:23:50 +00:00
file_uploads
Fixed #10687: fixed request parsing when upload_handlers is empty. Thanks, Armin Ronacher.
2009-05-08 17:22:34 +00:00
fixtures_regress
Fixed #11428 -- Ensured that SQL generating commands and dumpdata don't include proxy models in their output. Thanks to Anssi Kaariainen for the report.
2009-07-27 14:32:30 +00:00
forms
SECURITY ALERT: Corrected regular expressions for URL and email fields.
2009-10-09 20:57:59 +00:00
formwizard
generic_inline_admin
Fixed the tests from [9438] to work consistantly across databases. In particular, it was failing on newer versions of PostgreSQL after [10586].
2009-04-22 22:38:14 +00:00
generic_relations_regress
get_or_create_regress
httpwrappers
Fixed #10188: prevent newlines in HTTP headers. Thanks, bthomas.
2009-05-08 11:15:23 +00:00
humanize
i18n
initial_sql_regress
inline_formsets
Fixed #10750: respect comment=False in inline formsets. Thanks, Koen Biermans.
2009-05-08 09:59:46 +00:00
introspection
Fixed #11049: introspection on Oracle now identifies IntegerFields correctly.
2009-08-21 21:42:39 +00:00
m2m_regress
Fixed #11311 -- Reverted [10952], Refs #10785. Changeset [10952] caused problems with m2m relations between models that had non-integer primary keys. Thanks to Ronny for the report and test case.
2009-06-15 11:47:01 +00:00
m2m_through_regress
Fixed #11107 -- Corrected the generation of sequence reset SQL for m2m fields with an intermediate model. Thanks to J Clifford Dyer for the report and fix.
2009-07-11 14:22:52 +00:00
mail
Fixed #11546 -- Modified the mail regression test to avoid getting hung up on 32/64 bit differences. Thanks to Richard Davies for the report.
2009-07-25 05:14:46 +00:00
managers_regress
many_to_one_regress
max_lengths
Make sure that all uses of max_length in the test suite use values smaller than 255. If we use max_length > 255 the test suite can't be run on MySQL 4.
2009-05-07 18:06:22 +00:00
middleware
model_fields
Added test for pickling of a model with an ImageField, refs #11103.
2009-05-29 04:06:09 +00:00
model_forms_regress
Fixed #11149 -- Don't call save_form_data on file-type fields multiple times when saving a model form.
2009-05-19 23:13:33 +00:00
model_formsets_regress
Modified a test from r10787 so that the comparison order is reliable. Thanks to Alex Gaynor and Tom Tobin for the report via IRC.
2009-05-20 00:19:13 +00:00
model_inheritance_regress
model_inheritance_select_related
model_regress
Fixed #10153: foreign key gte and lte lookups now work. Thanks, joelhooks and adurdin.
2009-05-07 16:12:08 +00:00
modeladmin
Fixed #10208: ModelAdmin now respects the exclude and field atributes of custom ModelForms. Thanks, Alex Gaynor.
2009-04-22 15:48:51 +00:00
null_fk
Fixed #11392 -- Enforced a predictable result order for a couple of test cases. Thanks to Nathan Auch for the report and patch.
2009-06-29 12:29:48 +00:00
null_fk_ordering
null_queries
one_to_one_regress
Fixed #9023 -- Corrected a problem where cached attribute values would cause a delete to cascade to a related object even when the relationship had been set to None. Thanks to TheShark for the report and test case, and to juriejan and Jacob for their work on the patch.
2009-06-15 14:30:51 +00:00
pagination_regress
queries
Fixed an assumed ordering in the queries regression tests by making it explicit.
2009-08-20 16:05:25 +00:00
requests
reverse_single_related
select_related_regress
serializers_regress
Fixed #11392 -- Enforced a predictable result order for a couple of test cases. Thanks to Nathan Auch for the report and patch.
2009-06-29 12:29:48 +00:00
servers
SECURITY ALERT: Corrected a problem with the Admin media handler that could lead to the exposure of system files. Thanks to Gary Wilson for the patch.
2009-07-29 02:40:14 +00:00
string_lookup
syndication
templates
Fixed #11833: name conflict in filter test.
2009-09-10 16:35:23 +00:00
test_client_regress
Fixed #10571 -- Ensured that unicode POST data is correctly encoded by the test client. Thanks to Rick Wagner for his help identifying and fixing this problem.
2009-04-11 09:20:10 +00:00
test_utils
text
Fixed #9315 -- Handle spaces in URL tag arguments.
2009-04-10 04:13:27 +00:00
urlpatterns_reverse
Fixed #10061 -- Added namespacing for named URLs - most importantly, for the admin site, where the absence of this facility was causing problems. Thanks to the many people who contributed to and helped review this patch.
2009-07-16 16:16:13 +00:00
utils
Fixed #10825: fixed the 'U' format code to dateformat (and the date/now filter/tag). Thanks to gsong and mir.
2009-05-08 13:39:37 +00:00
views
Fixed #10458 -- Corrected the next_month and previous_month context variables provided with the generic month_archive view. The value returned now matches the docstring and the generic views documentation. Thanks to fperetti for the report and initial patch.
2009-04-13 13:23:03 +00:00
__init__.py