django.git/tests/regressiontests/requests/tests.py, branch stable/4.2.x

django.git/tests/regressiontests/requests/tests.py, branch stable/4.2.x django http://cgit.adnoto.dev/django.git/atom?h=stable%2F4.2.x 2013-02-26T13:36:57Z Merged regressiontests and modeltests into the test root. 2013-02-26T13:36:57Z Florian Apolloner florian@apolloner.eu 2013-02-26T08:53:47Z urn:sha1:89f40e36246100df6a11316c31a76712ebc6c501 Added a new required ALLOWED_HOSTS setting for HTTP host header validation. 2013-02-19T18:23:29Z Carl Meyer carl@oddbird.net 2013-02-09T17:17:01Z urn:sha1:d51fb74360b94f2a856573174f8aae3cd905dd35 This is a security fix; disclosure and advisory coming shortly. Removed try-except in django.db.close_connection() 2013-02-12T22:25:09Z Anssi Kääriäinen akaariai@gmail.com 2013-02-12T21:11:22Z urn:sha1:fafee74306e869c23edcef864f9d816565a5c4a2 The reason was that the except clause needed to remove a connection from the django.db.connections dict, but other parts of Django do not expect this to happen. In addition the except clause was silently swallowing the exception messages. Refs #19707, special thanks to Carl Meyer for pointing out that this approach should be taken. Fixed #19707 -- Reset transaction state after requests 2013-02-10T11:55:54Z Anssi Kääriäinen akaariai@gmail.com 2013-02-05T21:52:29Z urn:sha1:a4e97cf315142e61bb4bc3ed8259b95d8586d09c Removed HttpRequest.raw_post_data. 2012-12-29T20:59:07Z Aymeric Augustin aymeric.augustin@m4x.org 2012-12-24T22:20:38Z urn:sha1:4a6490a4a0d0d7e45b1f549e3f9d97e5e2aeb731 Fixed #19468 -- Decoded request.path correctly on Python 3. 2012-12-22T12:32:39Z Aymeric Augustin aymeric.augustin@m4x.org 2012-12-17T09:49:26Z urn:sha1:1e4a27d08790c96f657d2e960c8142d1ca69aede Thanks aliva for the report and claudep for the feedback. Fixed a security issue in get_host. 2012-12-10T21:11:40Z Florian Apolloner florian@apolloner.eu 2012-11-27T21:19:37Z urn:sha1:27560924ec1e567be4727ef8d7dfc4d3879c048c Full disclosure and new release forthcoming. Fixed #19101 -- Decoding of non-ASCII POST data on Python 3. 2012-11-03T12:03:15Z Aymeric Augustin aymeric.augustin@m4x.org 2012-11-03T11:54:06Z urn:sha1:095eca8dd85cb27ed0b22829903df10f19cdab6c Thanks Claude Paroz. Fixed #5076 -- Properly decode POSTs with non-utf-8 payload encoding 2012-10-30T08:00:32Z Claude Paroz claude@2xlibre.net 2012-10-29T19:33:00Z urn:sha1:6de6988f9990b4b53f5a20bfc3811b3cc49291c5 Thanks daniel at blogg.se for the report and Aymeric Augustin for his assistance on the patch. Don't use : as an invalid cookie character 2012-10-26T00:40:32Z Ian Clelland ian@fullfactor.com 2012-09-28T15:09:05Z urn:sha1:02dda22832d313bde18798b2f5f1e9120a849815 Since http://bugs.python.org/issue2193 has been resolved in favour of the colon in cookie names, we need to test invalid cookie removal using a different character. "@" is still considered invalid by all sources.