django.git/django/middleware/csrf.py, branch stable/5.2.x django http://cgit.adnoto.dev/django.git/atom?h=stable%2F5.2.x 2024-05-29T13:48:27Z Fixed 35467 -- Replaced urlparse with urlsplit where appropriate. 2024-05-29T13:48:27Z Jake Howard RealOrangeOne@users.noreply.github.com 2024-05-29T13:48:27Z urn:sha1:ff308a06047cd60806d604a7cf612e5656ee2ac9 This work should not generate any change of functionality, and `urlsplit` is approximately 6x faster. Most use cases of `urlparse` didn't touch the path, so they can be converted to `urlsplit` without any issue. Most of those which do use `.path`, simply parse the URL, mutate the querystring, then put them back together, which is also fine (so long as urlunsplit is used). Applied Black's 2024 stable style. 2024-01-26T11:45:07Z Mariusz Felisiak felisiak.mariusz@gmail.com 2024-01-26T11:45:07Z urn:sha1:305757aec19c9d5111e4d76095ae0acd66163e4b https://github.com/psf/black/releases/tag/24.1.0 Refs #32800 -- Removed CSRF_COOKIE_MASKED transitional setting per deprecation timeline. 2023-01-17T10:49:15Z Mariusz Felisiak felisiak.mariusz@gmail.com 2023-01-12T11:47:42Z urn:sha1:e01970e9d23a241473671ea26126f8440db4dead Fixed #34074 -- Added headers argument to RequestFactory and Client classes. 2022-11-14T09:21:51Z David Wobrock david.wobrock@gmail.com 2022-10-09T20:33:35Z urn:sha1:67da22f08e05018ea968fcacbac9ac37ea925d85 Updated documentation and comments for RFC updates. 2022-11-10T12:52:17Z Nick Pope nick@nickpope.me.uk 2022-11-04T12:33:09Z urn:sha1:9bd174b9a75299dce33e673a559f2b673399b971 - Updated references to RFC 1123 to RFC 5322 - Only partial as RFC 5322 sort of sub-references RFC 1123. - Updated references to RFC 2388 to RFC 7578 - Except RFC 2388 Section 5.3 which has no equivalent. - Updated references to RFC 2396 to RFC 3986 - Updated references to RFC 2616 to RFC 9110 - Updated references to RFC 3066 to RFC 5646 - Updated references to RFC 7230 to RFC 9112 - Updated references to RFC 7231 to RFC 9110 - Updated references to RFC 7232 to RFC 9110 - Updated references to RFC 7234 to RFC 9111 - Tidied up style of text when referring to RFC documents Refs #33476 -- Reformatted code with Black. 2022-02-07T19:37:05Z django-bot ops@djangoproject.com 2022-02-03T19:24:19Z urn:sha1:9c19aff7c7561e3a82978a272ecdaad40dda5c00 Refs #32800 -- Renamed _sanitize_token() to _check_token_format(). 2021-11-29T09:48:31Z Chris Jerdonek chris.jerdonek@gmail.com 2021-08-23T07:09:19Z urn:sha1:3ff7f6cf07a722635d690785c31ac89484134bee Fixed #32800 -- Changed CsrfViewMiddleware not to mask the CSRF secret. 2021-11-29T09:47:39Z Chris Jerdonek chris.jerdonek@gmail.com 2021-08-17T13:13:13Z urn:sha1:5d80843ebc5376d00f98bf2a6aadbada4c29365c This also adds CSRF_COOKIE_MASKED transitional setting helpful in migrating multiple instance of the same project to Django 4.1+. Thanks Florian Apolloner and Shai Berger for reviews. Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com> Refs #32800 -- Added _add_new_csrf_cookie() helper function. 2021-08-17T10:23:54Z Chris Jerdonek chris.jerdonek@gmail.com 2021-08-02T18:07:53Z urn:sha1:231de683d86374c2b74da2185efc6ddfb5eb3341 This centralizes the logic to use when setting a new cookie. It also eliminates the need for the _get_new_csrf_token() function, which is now removed. Refs #32800 -- Renamed _set_token() to _set_csrf_cookie(). 2021-08-17T10:23:54Z Chris Jerdonek chris.jerdonek@gmail.com 2021-08-03T05:59:49Z urn:sha1:f10553ec93b853029f3b3c6fe215648f48bd1223