| Age | Commit message (Collapse) | Author |
|
validate_ipv4_address() was affected only on Python < 3.9.5, see [1].
URLValidator() uses a regular expressions and it was affected on all
Python versions.
[1] https://bugs.python.org/issue36384
|
|
Backport of c2e6047c725e26987c87e2be59f2ab4bf9828fa5 from main
|
|
Thanks Alexander Ebral for the report.
Regression in 98e05ccde440cc9b768952cc10bc8285f4924e1f.
Backport of 958cdf65ae90d26236d1815bbba804729595ec7a from main
|
|
- Validate filename returned by FileField.upload_to() not a filename
passed to the FileField.generate_filename() (upload_to() may
completely ignored passed filename).
- Allow relative paths (without dot segments) in the generated filename.
Thanks to Jakub Kleň for the report and review.
Thanks to all folks for checking this patch on existing projects.
Thanks Florian Apolloner and Markus Holtermann for the discussion and
implementation idea.
Regression in 0b79eb36915d178aef5c6a7bbce71b1e76d376d3.
Backport of b55699968fc9ee985384c64e37f6cc74a0a23683 from main
|
|
from being accepted in URLValidator on Python 3.9.5+.
In Python 3.9.5+ urllib.parse() automatically removes ASCII newlines
and tabs from URLs [1, 2]. Unfortunately it created an issue in
the URLValidator. URLValidator uses urllib.urlsplit() and
urllib.urlunsplit() for creating a URL variant with Punycode which no
longer contains newlines and tabs in Python 3.9.5+. As a consequence,
the regular expression matched the URL (without unsafe characters) and
the source value (with unsafe characters) was considered valid.
[1] https://bugs.python.org/issue43882 and
[2] https://github.com/python/cpython/commit/76cd81d60310d65d01f9d7b48a8985d8ab89c8b4
Backport of e1e81aa1c4427411e3c68facdd761229ffea6f6f from main.
|
|
file uploads.
|
|
STATICFILES_DIRS is a list of 2-tuples.
Thanks Jared Lockhart for the report.
Regression in c36075ac1dddfa986340b1a5e15fe48833322372.
Backport of 34d1905712d33e72c76b3a55a4fc24abbd11be6c from main
|
|
deserialization when PK is also a FK.
Backport of 8e90560aa8868a42bb8eda6273595bf0932a6090 from master
|
|
|
|
|
|
|
|
Co-authored-by: Craig Smith <hello@craigiansmith.com.au>
|
|
URLValidator now validates the maximum length of a hostname without
the userinfo and port.
|
|
marking as unused in an async context.
Thanks Hubert Bielenia for the report.
|
|
Follow up to b7a3a6c9ef0a89625881b47594120bca55fa2e49.
|
|
Many of the cache operations make use of the default argument to the
.get() operation to determine whether the key was found in the cache.
The default value of the default argument is None, so this results in
these operations assuming that None is not stored in the cache when it
actually is. Adding a sentinel object solves this issue.
Unfortunately the unmaintained python-memcached library does not support
a default argument to .get(), so the previous behavior is preserved for
the deprecated MemcachedCache backend.
|
|
|
|
ConnectionAbortedError/ConnectionResetError errors.
See https://bugs.python.org/issue27682 and
https://github.com/python/cpython/pull/9713
|
|
|
|
|
|
|
|
This removes unused (since d038c547b5ce585cbf9ef5bb7e5298f52e4a243b)
workaround to load a cache backend with its dotted import path and
moves remaining logic to the CacheHandler.
Thanks Tim Graham for the review.
|
|
|
|
Modern setups on Windows support terminal colors.
The colorama library may also be used, as an
alternative to the ANSICON library.
|
|
autogenerated default keys.
Thanks Nick Pope, René Fleschenberg, and Carlton Gibson for reviews.
|
|
|
|
|
|
argv argument.
This caused crash in environments where sys.argv[0] is incorrectly set
to None.
|
|
Thanks Johannes Maron and Nick Pope for reviews.
|
|
Thanks Mark Gajdosik for the report and initial patch.
|
|
|
|
Thread sensitive parameter is True by default from asgiref v3.3.0.
Added an explicit thread_sensitive=False to previously implicit uses.
|
|
proxies.
|
|
|
|
required mutually exclusive group is passed in options.
|
|
This patch allows upload handlers to handle interrupted uploads.
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
|
|
Thanks Simon Charette and Mariusz Felisiak for reviews.
|
|
Removed a dublicated call to get_public_serializer_formats which
had already populated self.serialization_formats.
Thanks to Nick Pope for review.
|
|
|
|
django.core.files.locks.lock()/unlock() on POSIX systems.
|
|
destroyed while request is processing.
|
|
backends.
The servers property can be overridden to allow memcached backends to
alter the server configuration prior to it being passed to instantiate
the client. This allows avoidance of documentation for per-backend
differences, e.g. stripping the 'unix:' prefix for pylibmc.
|
|
|
|
directories of the file system cache on Python 3.7+.
|
|
static and storage directories on Python 3.7+.
Thanks WhiteSage for the report.
|
|
|
|
|
|
backends.
|
|
|
|
|