summaryrefslogtreecommitdiff
path: root/django/http/response.py
AgeCommit message (Collapse)Author
2022-12-22Fixed #33735 -- Added async support to StreamingHttpResponse.Carlton Gibson
Thanks to Florian Vazelle for initial exploratory work, and to Nick Pope and Mariusz Felisiak for review.
2022-12-05Fixed #34194 -- Added django.utils.http.content_disposition_header().Alex Vandiver
2022-10-31Used more augmented assignment statements.Nick Pope
Identified using the following command: $ git grep -I '\(\<[_a-zA-Z0-9]\+\>\) *= *\1 *[-+/*^%&|<>@]'
2022-09-14Fixed #29186 -- Fixed pickling HttpRequest and subclasses.Anvesh Mishra
2022-08-03Fixed CVE-2022-36359 -- Escaped filename in Content-Disposition header.Carlton Gibson
Thanks to Motoyasu Saburi for the report.
2022-06-20Fixed #32969 -- Fixed pickling HttpResponse and subclasses.Anv3sh
2022-03-24Refs #32365 -- Removed internal uses of utils.timezone.utc alias.Carlton Gibson
Remaining test case ensures that uses of the alias are mapped canonically by the migration writer.
2022-03-07Refs #33562 -- Made HttpResponse.set_cookie() raise ValueError when both ↵Luke Plant
"expires" and "max_age" are passed. This fixes the case where you might pass set_cookie(expires=val, max_age=val) and max_age is silently ignored.
2022-03-07Fixed #33562 -- Made HttpResponse.set_cookie() support timedelta for the ↵Luke Plant
max_age argument.
2022-03-02Refs #33546 -- Optimized handling content types in HttpResponseBase.__init__().Keryn Knight
This removes an extraneous conditional causing "Content-Type" to be checked within the ResponseHeaders twice, if a content_type parameter is provided.
2022-03-02Refs #33546 -- Optimized HttpResponseBase.charset a bit.Keryn Knight
This avoids scanning the Content-Type if it's empty, allowing the Content-Type header itself to have a charset assigned without using the re module.
2022-03-02Refs #33546 -- Optimized ResponseHeaders._convert_to_charset() by reducing ↵Keryn Knight
the type-checking duplication. In the common case, where keys and values are be encoded into ascii/latin-1, defer the checking for newlines until it's been successfully coerced to a string. Co-authored-by: Nick Pope <nick@nickpope.me.uk>
2022-03-02Refs #33546 -- Avoided unpacking data in ResponseHeaders when not necessary.Keryn Knight
2022-02-07Refs #33476 -- Reformatted code with Black.django-bot
2021-10-15Refs #30509 -- Adjusted internal FileResponse variable name.Carlton Gibson
Follow up to dc724c5bf9d3b8d59c9571aa751c3cd001cdeced.
2021-10-14Fixed #30509 -- Made FileResponse better handle buffers and non-zero file ↵Piotr Kunicki
offsets.
2021-09-22Optimized handling case-insensitive mappings.Illia Volochii
Elements yielded by _destruct_iterable_mapping_values are always unpacked. Since unpacking can be done with any iterable, there is no need to convert elements to tuples. Also, such elements can be used directly in for loops, creating a dictionary of them is excessive. Co-authored-by: Nick Pope <nick@nickpope.me.uk>
2021-08-02Simplified serializing HTTP response headers.Illia Volochii
Since ResponseHeaders was introduced, header names and values are stored as strings. There is no need to check whether they are bytes. Co-authored-by: Nick Pope <nick@nickpope.me.uk>
2021-06-22Refs #24121 -- Added __repr__() to StreamingHttpResponse and subclasses.Nicolas Restrepo
2021-05-12Fixed #32366 -- Updated datetime module usage to recommended approach.Nick Pope
- Replaced datetime.utcnow() with datetime.now(). - Replaced datetime.utcfromtimestamp() with datetime.fromtimestamp(). - Replaced datetime.utctimetuple() with datetime.timetuple(). - Replaced calendar.timegm() and datetime.utctimetuple() with datetime.timestamp().
2021-04-29Fixed capitalization of "ECMAScript" and "JavaScript".Nick Pope
2021-01-28Fixed #32389 -- Fixed ResponseHeaders crash when data is not mapping.Illia Volochii
2020-12-08Fixed grammar in HttpResponse docstring.ᴙɘɘᴙgYmɘᴙɘj
2020-11-10Refs #32074 -- Fixed handling memoryview content by HttpResponse on Python ↵Mariusz Felisiak
3.10+. An iterator was added to memoryview in Python 3.10, see https://bugs.python.org/issue41732 Refs #30294
2020-10-07Fixed #32002 -- Added headers parameter to HttpResponse and subclasses.Tom Carrick
2020-09-14Fixed #31789 -- Added a new headers interface to HttpResponse.Tom Carrick
2020-09-05Fixed #31982 -- Made HttpResponse.set_cookie() cast max_age argument to an ↵Hasan Ramezani
integer.
2020-07-16Fixed #31790 -- Fixed setting SameSite and Secure cookies flags in ↵Mariusz Felisiak
HttpResponse.delete_cookie(). Cookies with the "SameSite" flag set to None and without the "secure" flag will be soon rejected by latest browser versions. This affects sessions and messages cookies.
2020-05-11Refs #30116 -- Simplified regex match group access with Match.__getitem__().Jon Dufresne
The method has been available since Python 3.6. The shorter syntax is also marginally faster.
2020-02-11Fixed #31240 -- Properly closed FileResponse when wsgi.file_wrapper is used.Florian Apolloner
Thanks to Oskar Persson for the report.
2020-02-11Reverted "Fixed #30565 -- Closed HttpResponse when wsgi.file_wrapper closes ↵Florian Apolloner
file-like object." This reverts commit cce47ff65a4dd3786c049ec14ee889e128ca7de9.
2019-12-12Fixed #30862 -- Allowed setting SameSite cookies flags to 'none'.Osaetin Daniel
Thanks Florian Apolloner and Carlton Gibson for reviews.
2019-10-29Fixed #30899 -- Lazily compiled import time regular expressions.Hasan Ramezani
2019-06-20Fixed #30565 -- Closed HttpResponse when wsgi.file_wrapper closes file-like ↵Chris Jerdonek
object.
2019-05-17Fixed #30196 -- Made FileResponse set Content-Disposition inline if filename ↵ShingenPizza
is available.
2019-03-29Fixed #30294 -- Allowed HttpResponse to accept memoryview content.sage
2019-01-28Fixed #30137 -- Replaced OSError aliases with the canonical OSError.Jon Dufresne
Used more specific errors (e.g. FileExistsError) as appropriate.
2019-01-17Refs #27829 -- Removed settings.DEFAULT_CONTENT_TYPE per deprecation timeline.Tim Graham
2018-09-25Normalized spelling of "lowercase" and "lowercased".Jon Dufresne
2018-09-25Refs #29784 -- Normalized Python docs links to omit the version.Jon Dufresne
2018-05-15Fixed #16470 -- Allowed FileResponse to auto-set some Content headers.Claude Paroz
Thanks Simon Charette, Jon Dufresne, and Tim Graham for the reviews.
2018-04-13Fixed #27863 -- Added support for the SameSite cookie flag.Alex Gaynor
Thanks Alex Gaynor for contributing to the patch.
2018-02-07Refs #27795 -- Replaced force_bytes() usage in django.http.Tim Graham
2018-01-08Fixed #28989 -- Fixed HttpResponse.delete_cookie() for cookies that use ↵Alvin Lindstam
__Secure/Host prefixes.
2018-01-02Fixed #28965 -- Updated Set-Cookie's Expires date format to follow RFC 7231.Alexey
2017-11-14Fixed #28795 -- Removed 'not in' checks and used dict.setdefault().Дилян Палаузов
2017-11-06Fixed #28776 -- Fixed a/an/and typos in docs and comments.Дилян Палаузов
2017-09-07Reverted "Fixed #27818 -- Replaced try/except/pass with contextlib.suppress()."Tim Graham
This reverts commit 550cb3a365dee4edfdd1563224d5304de2a57fda because try/except performs better.
2017-06-28Fixed #27818 -- Replaced try/except/pass with contextlib.suppress().Mads Jensen
2017-05-27Fixed #28226 -- Replaced use of str.join() with concatenation.Tom