django http://cgit.adnoto.dev/django.git/atom?h=main 2026-04-07T11:12:23Z 2026-04-07T11:12:23Z Natalia 124304+nessita@users.noreply.github.com 2026-03-05T17:41:44Z urn:sha1:7e9885f99cee771b51692fadc5592bdbf19641aa When a multipart file part used `Content-Transfer-Encoding: base64` and the non-whitespace base64 bytes did not align to a multiple of 4 within a chunk, the parser entered a loop calling `field_stream.read(1-3)` once per whitespace byte. Each such call fetched the entire internal buffer, sliced off 1-3 bytes, and pushed the remainder back via unget(), doing an O(n) memory copy per call. A 2.5 MB payload of mostly whitespace produced CPU amplification relative to a normal upload of the same size. The alignment loop now reads `self._chunk_size` bytes at a time, and accumulates stripped parts in a list joined once at the end. Thanks to Seokchan Yoon for the report and the fixing patch. 2026-02-24T18:44:42Z sammiee5311 sammiee5311@gmail.com 2026-02-16T03:21:03Z urn:sha1:e84dc8715e91d51364ba6bda2b2fb07e7a8b750e Added LookupError to the except clause so invalid headers are silently skipped, consistent with other malformed header handling. 2025-08-28T17:25:36Z Jake Howard git@theorangeone.net 2025-08-20T15:04:48Z urn:sha1:41ff30f6f9d072036be1f74db8f0c8b21565299f Header parsing should apply only to the header value. The previous implementation happened to work but relied on unintended behavior. 2025-07-23T23:17:55Z django-bot ops@djangoproject.com 2025-07-23T03:41:41Z urn:sha1:69a93a88edb56ba47f624dac7a21aacc47ea474f Rewrapped long docstrings and block comments to 79 characters + newline using script from https://github.com/medmunds/autofix-w505. 2025-07-23T23:17:55Z Mike Edmunds medmunds@gmail.com 2025-07-23T03:40:48Z urn:sha1:55b0cc21310b76ce4018dd793ba50556eaf0af06 Manually reformatted some long docstrings and comments that would be damaged by the to-be-applied autofixer script, in cases where editorial judgment seemed necessary for style or wording changes. 2025-04-01T01:43:13Z Aarni Koskela akx@iki.fi 2025-03-05T16:45:10Z urn:sha1:c972af69e2021b75b89d8bc47e214ef875bbdc06 2024-01-26T11:45:07Z Mariusz Felisiak felisiak.mariusz@gmail.com 2024-01-26T11:45:07Z urn:sha1:305757aec19c9d5111e4d76095ae0acd66163e4b https://github.com/psf/black/releases/tag/24.1.0 2023-11-24T11:06:54Z Standa Opichal stanislav.opichal@rossum.ai 2023-11-10T16:40:24Z urn:sha1:1c6e8ec4ed6d9c374161eda965160e4782c7d71e This also allow customizing the maximum size of headers via MAX_TOTAL_HEADER_SIZE. 2023-02-14T07:18:40Z Markus Holtermann info@markusholtermann.eu 2022-12-13T09:27:39Z urn:sha1:85ac33591c393f1480d4f23b4daff40119cb6410 Thanks to Jakob Ackermann for the report. 2022-11-10T12:52:17Z Nick Pope nick@nickpope.me.uk 2022-11-04T12:33:09Z urn:sha1:9bd174b9a75299dce33e673a559f2b673399b971 - Updated references to RFC 1123 to RFC 5322 - Only partial as RFC 5322 sort of sub-references RFC 1123. - Updated references to RFC 2388 to RFC 7578 - Except RFC 2388 Section 5.3 which has no equivalent. - Updated references to RFC 2396 to RFC 3986 - Updated references to RFC 2616 to RFC 9110 - Updated references to RFC 3066 to RFC 5646 - Updated references to RFC 7230 to RFC 9112 - Updated references to RFC 7231 to RFC 9110 - Updated references to RFC 7232 to RFC 9110 - Updated references to RFC 7234 to RFC 9111 - Tidied up style of text when referring to RFC documents