summaryrefslogtreecommitdiff
path: root/django/http/response.py
AgeCommit message (Collapse)Author
2020-07-16[3.1.x] Fixed #31790 -- Fixed setting SameSite and Secure cookies flags in ↵Mariusz Felisiak
HttpResponse.delete_cookie(). Cookies with the "SameSite" flag set to None and without the "secure" flag will be soon rejected by latest browser versions. This affects sessions and messages cookies. Backport of 240cbb63bf9965c63d7a3cc9032f91410f414d46 from master
2020-05-11Refs #30116 -- Simplified regex match group access with Match.__getitem__().Jon Dufresne
The method has been available since Python 3.6. The shorter syntax is also marginally faster.
2020-02-11Fixed #31240 -- Properly closed FileResponse when wsgi.file_wrapper is used.Florian Apolloner
Thanks to Oskar Persson for the report.
2020-02-11Reverted "Fixed #30565 -- Closed HttpResponse when wsgi.file_wrapper closes ↵Florian Apolloner
file-like object." This reverts commit cce47ff65a4dd3786c049ec14ee889e128ca7de9.
2019-12-12Fixed #30862 -- Allowed setting SameSite cookies flags to 'none'.Osaetin Daniel
Thanks Florian Apolloner and Carlton Gibson for reviews.
2019-10-29Fixed #30899 -- Lazily compiled import time regular expressions.Hasan Ramezani
2019-06-20Fixed #30565 -- Closed HttpResponse when wsgi.file_wrapper closes file-like ↵Chris Jerdonek
object.
2019-05-17Fixed #30196 -- Made FileResponse set Content-Disposition inline if filename ↵ShingenPizza
is available.
2019-03-29Fixed #30294 -- Allowed HttpResponse to accept memoryview content.sage
2019-01-28Fixed #30137 -- Replaced OSError aliases with the canonical OSError.Jon Dufresne
Used more specific errors (e.g. FileExistsError) as appropriate.
2019-01-17Refs #27829 -- Removed settings.DEFAULT_CONTENT_TYPE per deprecation timeline.Tim Graham
2018-09-25Normalized spelling of "lowercase" and "lowercased".Jon Dufresne
2018-09-25Refs #29784 -- Normalized Python docs links to omit the version.Jon Dufresne
2018-05-15Fixed #16470 -- Allowed FileResponse to auto-set some Content headers.Claude Paroz
Thanks Simon Charette, Jon Dufresne, and Tim Graham for the reviews.
2018-04-13Fixed #27863 -- Added support for the SameSite cookie flag.Alex Gaynor
Thanks Alex Gaynor for contributing to the patch.
2018-02-07Refs #27795 -- Replaced force_bytes() usage in django.http.Tim Graham
2018-01-08Fixed #28989 -- Fixed HttpResponse.delete_cookie() for cookies that use ↵Alvin Lindstam
__Secure/Host prefixes.
2018-01-02Fixed #28965 -- Updated Set-Cookie's Expires date format to follow RFC 7231.Alexey
2017-11-14Fixed #28795 -- Removed 'not in' checks and used dict.setdefault().Дилян Палаузов
2017-11-06Fixed #28776 -- Fixed a/an/and typos in docs and comments.Дилян Палаузов
2017-09-07Reverted "Fixed #27818 -- Replaced try/except/pass with contextlib.suppress()."Tim Graham
This reverts commit 550cb3a365dee4edfdd1563224d5304de2a57fda because try/except performs better.
2017-06-28Fixed #27818 -- Replaced try/except/pass with contextlib.suppress().Mads Jensen
2017-05-27Fixed #28226 -- Replaced use of str.join() with concatenation.Tom
2017-04-27Refs #27795 -- Replaced many force_text() with str()Claude Paroz
Thanks Tim Graham for the review.
2017-02-20Refs #27656 -- Updated django.forms/http docstring verbs according to PEP 257.Anton Samarchyan
2017-01-25Refs #23919 -- Replaced super(ClassName, self) with super().chillaranand
2017-01-20Refs #23919 -- Removed unneeded str() callsClaude Paroz
2017-01-20Refs #23919 -- Removed unneeded force_str callsClaude Paroz
2017-01-18Refs #23919 -- Removed most of remaining six usageClaude Paroz
Thanks Tim Graham for the review.
2017-01-18Refs #23919 -- Removed six.<various>_types usageClaude Paroz
Thanks Tim Graham and Simon Charette for the reviews.
2017-01-18Refs #23919 -- Removed six.PY2/PY3 usageClaude Paroz
Thanks Tim Graham for the review.
2017-01-18Refs #23919 -- Removed encoding preambles and future importsClaude Paroz
2016-12-27Fixed #27640 -- Fixed HttpResponse's __repr__() without a 'Content-Type' ↵roboslone
header.
2016-12-19Fixed #27606 -- Fixed HttpResponseRedirect.__repr__() crash when ↵Jerome Leclanche
DisallowedRedirect is raised.
2016-08-30Fixed #27153 -- Added validation for HttpResponse status.Ryan Allen
2016-06-15Fixed broken links in docs and comments.Ville Skyttä
2016-04-08Fixed E128 flake8 warnings in django/.Tim Graham
2015-12-14Fixed #25725 -- Made HttpReponse immediately close objects.Johannes Hoppe
2015-11-18Fixed #25644 -- Fixed reset cookie expiry date bug.Raphael Merx
Setting a cookie with the same name as a previously deleted cookie would set its expiry date to 'Thu, 01-Jan-1970 00:00:00 GMT'.
2015-10-21Fixed #25576 -- Added IOBase methods required by TextIOWrapper to HttpResponse.Jon Dufresne
2015-08-31Fixed #25331 -- Removed trailing blank lines in docstrings.Maxime Lorant
2015-08-12Fixed #25254 -- Added JsonResponse json_dumps_params parameter.Sambhav Satija
2015-07-15Refs #24121 -- Added meaningful repr() to HttpResponse and subclasses.Keryn Knight
2015-03-12Fixed #24139 -- Changed HttpResponse.reason_phrase to evaluate based on ↵Jon Dufresne
status_code.
2015-02-19Fixed #20889 -- Prevented BadHeaderError when Python inserts newlineClaude Paroz
Workaround for http://bugs.python.org/issue20747. In some corner cases, Python 2 inserts a newline in a header value despite `maxlinelen` passed in Header constructor. Thanks Tim Graham for the review.
2015-02-06Sorted imports with isort; refs #23860.Tim Graham
2015-02-03Fixed #24240 -- Allowed GZipping a Unicode StreamingHttpResponseMatthew Somerville
make_bytes() assumed that if the Content-Encoding header is set, then everything had already been dealt with bytes-wise, but in a streaming situation this was not necessarily the case. make_bytes() is only called when necessary when working with a StreamingHttpResponse iterable, but by that point the middleware has added the Content-Encoding header and thus make_bytes() tried to call bytes(value) (and dies). If it had been a normal HttpResponse, make_bytes() would have been called when the content was set, well before the middleware set the Content-Encoding header. This commit removes the special casing when Content-Encoding is set, allowing unicode strings to be encoded during the iteration before they are e.g. gzipped. This behaviour was added a long time ago for #4969 and it doesn't appear to be necessary any more, as everything is correctly made into bytes at the appropriate places. Two new tests, to show that supplying non-ASCII characters to a StreamingHttpResponse works fine normally, and when passed through the GZip middleware (the latter dies without the change to make_bytes()). Removes the test with a nonsense Content-Encoding and Unicode input - if this were to happen, it can still be encoded as bytes fine.
2015-01-28Fixed #24137 -- Switched to HTTP reason phrases from Python stdlib.Jon Dufresne
2015-01-05Closed files in FileResponse; refs #24072Collin Anderson
2015-01-05Fixed #24072 -- Added FileResponse for streaming binary files.Collin Anderson