summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMariusz Felisiak <felisiak.mariusz@gmail.com>2021-01-07 08:15:39 +0100
committerMariusz Felisiak <felisiak.mariusz@gmail.com>2021-01-14 17:50:04 +0100
commit9e456f3166f6f4f7da9ec00e2160c1edc88fe5b3 (patch)
tree819b2c1c5afc53d142f1374067ac6a7c5c4ddc7e
parent157ab32f3446da7fa1f9d716509c290069a2a156 (diff)
Refs #30747 -- Removed django.utils.http.is_safe_url() per deprecation timeline.
-rw-r--r--django/utils/http.py11
-rw-r--r--docs/releases/4.0.txt2
-rw-r--r--tests/utils_tests/test_http.py17
3 files changed, 6 insertions, 24 deletions
diff --git a/django/utils/http.py b/django/utils/http.py
index 62c30d3394..962716eb00 100644
--- a/django/utils/http.py
+++ b/django/utils/http.py
@@ -3,7 +3,6 @@ import calendar
import datetime
import re
import unicodedata
-import warnings
from binascii import Error as BinasciiError
from email.utils import formatdate
from urllib.parse import (
@@ -12,7 +11,6 @@ from urllib.parse import (
)
from django.utils.datastructures import MultiValueDict
-from django.utils.deprecation import RemovedInDjango40Warning
from django.utils.regex_helper import _lazy_re_compile
# based on RFC 7232, Appendix C
@@ -267,15 +265,6 @@ def url_has_allowed_host_and_scheme(url, allowed_hosts, require_https=False):
)
-def is_safe_url(url, allowed_hosts, require_https=False):
- warnings.warn(
- 'django.utils.http.is_safe_url() is deprecated in favor of '
- 'url_has_allowed_host_and_scheme().',
- RemovedInDjango40Warning, stacklevel=2,
- )
- return url_has_allowed_host_and_scheme(url, allowed_hosts, require_https)
-
-
# Copied from urllib.parse.urlparse() but uses fixed urlsplit() function.
def _urlparse(url, scheme='', allow_fragments=True):
"""Parse a URL into 6 components:
diff --git a/docs/releases/4.0.txt b/docs/releases/4.0.txt
index 9b4252dfaf..636ddf5ec5 100644
--- a/docs/releases/4.0.txt
+++ b/docs/releases/4.0.txt
@@ -262,6 +262,8 @@ to remove usage of these features.
* ``django.utils.text.unescape_entities()`` is removed.
+* ``django.utils.http.is_safe_url()`` is removed.
+
See :ref:`deprecated-features-3.1` for details on these changes, including how
to remove usage of these features.
diff --git a/tests/utils_tests/test_http.py b/tests/utils_tests/test_http.py
index 1a857dafa1..4c11f91116 100644
--- a/tests/utils_tests/test_http.py
+++ b/tests/utils_tests/test_http.py
@@ -5,12 +5,11 @@ from unittest import mock
from django.test import SimpleTestCase
from django.utils.datastructures import MultiValueDict
-from django.utils.deprecation import RemovedInDjango40Warning
from django.utils.http import (
base36_to_int, escape_leading_slashes, http_date, int_to_base36,
- is_safe_url, is_same_domain, parse_etags, parse_http_date, parse_qsl,
- quote_etag, url_has_allowed_host_and_scheme, urlencode,
- urlsafe_base64_decode, urlsafe_base64_encode,
+ is_same_domain, parse_etags, parse_http_date, parse_qsl, quote_etag,
+ url_has_allowed_host_and_scheme, urlencode, urlsafe_base64_decode,
+ urlsafe_base64_encode,
)
@@ -130,7 +129,7 @@ class Base36IntTests(SimpleTestCase):
self.assertEqual(base36_to_int(b36), n)
-class IsSafeURLTests(SimpleTestCase):
+class URLHasAllowedHostAndSchemeTests(unittest.TestCase):
def test_bad_urls(self):
bad_urls = (
'http://example.com',
@@ -234,14 +233,6 @@ class IsSafeURLTests(SimpleTestCase):
False,
)
- def test_is_safe_url_deprecated(self):
- msg = (
- 'django.utils.http.is_safe_url() is deprecated in favor of '
- 'url_has_allowed_host_and_scheme().'
- )
- with self.assertWarnsMessage(RemovedInDjango40Warning, msg):
- is_safe_url('https://example.com', allowed_hosts={'example.com'})
-
class URLSafeBase64Tests(unittest.TestCase):
def test_roundtrip(self):