| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2014-08-19 | [1.7.x] Fixed #22996 -- Prevented crash with unencoded query string | Claude Paroz | |
| Thanks Jorge Carleitao for the report and Aymeric Augustin, Tim Graham for the reviews. Backport of fa02120d36 from master. | |||
| 2014-07-05 | [1.7.x] Added a space before explanation of "Invalid HTTP_HOST header: ..." | Daniel Hahler | |
| Backport of fff7b507ef from master | |||
| 2014-06-24 | [1.7.x] Improved documentation for QueryDict. | Duncan Parkes | |
| Backport of 7f4e2ef1e9 from master | |||
| 2014-06-20 | [1.7.x] Added HTTP 308 status and its description. | Yazhong Liu | |
| Backport of 97adfc2bf8 from master | |||
| 2014-06-11 | [1.7.x] Fixed #22680 -- I/O operation on closed file. | Florian Apolloner | |
| This patch is two-fold; first it ensure that Django does close everything in request.FILES at the end of the request and secondly the storage system should no longer close any files during save, it's up to the caller to handle that -- or let Django close the files at the end of the request. Backport of e2efc8965edf684aaf48621680ef54b84e116576 from master. | |||
| 2014-05-16 | [1.7.x] Fixed typo in multipartparser.py | mbacho | |
| Backport of 8a9d54aa69 from master | |||
| 2014-05-14 | [1.7.x] Dropped fix_IE_for_vary/attach. | Aymeric Augustin | |
| This is a security fix. Disclosure following shortly. | |||
| 2014-04-26 | [1.7.x] Fix many many typos in comments throughout the codebase | Alex Gaynor | |
| Backport of 2bcb8bfc8d from master | |||
| 2014-03-31 | [1.7.x] Replaced urllib/urlparse imports with from django.utils.six.moves. | Tim Graham | |
| Backport of 981b864fbd from master | |||
| 2014-03-03 | Fixed many typos in comments and docstrings. | Rodolfo Carvalho | |
| Thanks Piotr Kasprzyk for help with the patch. | |||
| 2014-02-14 | Fixed #17942 -- Added a JsonResponse class to more easily create JSON ↵ | Lukasz Balcerzak | |
| encoded responses. Thanks leahculver for the suggestion and Erik Romijn, Simon Charette, and Marc Tamlyn for the reviews. | |||
| 2014-01-16 | Fixed typo in docstring. | Martin Matusiak | |
| 2013-12-14 | Fixed E127 pep8 warnings. | Loic Bistuer | |
| 2013-11-28 | Fixed E125 pep8 warnings | Christopher Medrela | |
| 2013-11-23 | Simplified iteration in HTTP response objects. | Aymeric Augustin | |
| Fixed #20187 -- Allowed repeated iteration of HttpResponse. All this became possible when support for old-style streaming responses was finally removed. | |||
| 2013-11-16 | Fixed #21447 -- Restored code erroneously removed in ↵ | Baptiste Mispelon | |
| 20472aa827669d2b83b74e521504e88e18d086a1. Also added some tests for HttpRequest.__repr__. Note that the added tests don't actually catch the accidental code removal (see ticket) but they do cover a codepath that wasn't tested before. Thanks to Tom Christie for the report and the original patch. | |||
| 2013-11-15 | Fixed the use of the -ise suffix, where -ize is prefered | Alex Gaynor | |
| 2013-11-03 | Fixed all E226 violations | Alex Gaynor | |
| 2013-11-03 | Fixed flake8 E251 violations | Milton Mazzarri | |
| 2013-11-02 | Fixed the remaining E302 violations int eh django package | Alex Gaynor | |
| 2013-11-02 | Fixed all E261 warnings | coagulant | |
| 2013-11-02 | More attacking E302 violators | Alex Gaynor | |
| 2013-11-02 | Fixed #21302 -- Fixed unused imports and import *. | Tim Graham | |
| 2013-10-26 | Fixed up some more flake8 violations (this particular violation still has ↵ | Alex Gaynor | |
| many occurrences in the tests/ dir so it can't be removed from setup.cfg yet) | |||
| 2013-10-24 | Fixed #20338 -- Stripped ending dot during host validation | Claude Paroz | |
| Thanks manfre for the report and Timo Graham for the review. | |||
| 2013-10-21 | Fixed #21288 -- Fixed E126 pep8 warnings | Alasdair Nicol | |
| 2013-10-18 | Fixed #21287 -- Fixed E123 pep8 warnings | Alasdair Nicol | |
| 2013-10-17 | Fixed #21282 -- Made HttpResponse.serialize_headers accept latin-1 | Claude Paroz | |
| Thanks Raphaël Barrois for the report and the initial patch and Aymeric Augustin for the review. | |||
| 2013-10-15 | Fixed #7603 -- Added a 'scheme' property to the HttpRequest object | Unai Zalakain | |
| `HttpRequest.scheme` is `https` if `settings.SECURE_PROXY_SSL_HEADER` is appropriately set and falls back to `HttpRequest._get_scheme()` (a hook for subclasses to implement) otherwise. `WSGIRequest._get_scheme()` makes use of the `wsgi.url_scheme` WSGI environ variable to determine the request scheme. `HttpRequest.is_secure()` simply checks if `HttpRequest.scheme` is `https`. This provides a way to check the current scheme in templates, for example. It also allows us to deal with other schemes. Thanks nslater for the suggestion. | |||
| 2013-10-08 | Fixed #16822 -- Added RawPostDataException | Tim Graham | |
| Thanks jaylett for the patch. | |||
| 2013-10-05 | Fixed #21189: Cleaned up usage of bare except clauses. | Baptiste Mispelon | |
| Thanks to berkerpeksag for the report and to claudep for the review. | |||
| 2013-09-10 | Fixed #18403 -- Initialized bad_cookies in SimpleCookie | e0ne | |
| Thanks Stefano Crosta for the report. | |||
| 2013-09-09 | Fixed #20889 -- Prevented email.Header from inserting newlines | Daniel Boeve | |
| Passed large maxlinelen to email.Header to prevent newlines from being inserted into value returned by _convert_to_charset Thanks mjl at laubach.at for the report. | |||
| 2013-09-02 | Replaced "not PY3" by "PY2", new in six 1.4.0. | Aymeric Augustin | |
| 2013-08-24 | Fixed #20961 -- Fixed HttpResponse default empty content | Claude Paroz | |
| Thanks epandurski at gmail.com for the report. | |||
| 2013-07-31 | Fixed #19987 -- Disabled host validation when DEBUG=True. | Will Hardy | |
| The documentation promises that host validation is disabled when DEBUG=True, that all hostnames are accepted. Domains not compliant with RFC 1034/1035 were however being validated, this validation has now been removed when DEBUG=True. Additionally, when DEBUG=False a more detailed SuspiciousOperation exception message is provided when host validation fails because the hostname is not RFC 1034/1035 compliant. | |||
| 2013-07-30 | Fixed #10491 -- Allowed passing lazy objects to HttpResponseRedirect. | Baptiste Mispelon | |
| Thanks liangent for the report. | |||
| 2013-07-29 | Removed most of absolute_import imports | Claude Paroz | |
| Should be unneeded with Python 2.7 and up. Added some unicode_literals along the way. | |||
| 2013-07-11 | Fixed #13721 -- Added UploadedFile.content_type_extra. | Benjamin Kagia | |
| Thanks Waldemar Kornewald and mvschaik for work on the patch. | |||
| 2013-06-29 | Removed compatibility code for streaming responses. | Aymeric Augustin | |
| This code provided a deprecation path for old-style streaming responses. Refs #6527, #7581. | |||
| 2013-06-28 | Removed 'mimetype' arguments from a few places, as per deprecation TL. | Ramiro Morales | |
| This includes HttpResponse and co. __init__() methods, django.shortcuts.render_to_response() and the index(), sitemap() sitemap app views. | |||
| 2013-06-26 | Fixed missing initializations in WSGIRequest. Refs #20619 | Loic Bistuer | |
| 2013-06-14 | Fixed #20598 -- Add new HTTP status codes defined in rfc6585 | CHI Cheng | |
| 428, 429, 431 and 511 | |||
| 2013-06-01 | Fixed #18481 -- Wrapped request.FILES read error in UnreadablePostError | Claude Paroz | |
| Thanks KyleMac for the report, André Cruz for the initial patch and Hiroki Kiyohara for the tests. | |||
| 2013-05-25 | Fixed #19866 -- Added security logger and return 400 for SuspiciousOperation. | Preston Holmes | |
| SuspiciousOperations have been differentiated into subclasses, and are now logged to a 'django.security.*' logger. SuspiciousOperations that reach django.core.handlers.base.BaseHandler will now return a 400 instead of a 500. Thanks to tiwoc for the report, and Carl Meyer and Donald Stufft for review. | |||
| 2013-05-21 | Fixed #20472: response.content should be bytes on both Python 2 and 3 | Łukasz Langa | |
| 2013-05-19 | Fixed #12747 -- Made reason phrases customizable. | Aymeric Augustin | |
| 2013-05-17 | Corrected documentation on the constructor arguments of MultiPartParser | Eric Urban | |
| 2013-05-17 | Replaced an antiquated pattern. | Aymeric Augustin | |
| Thanks Lennart Regebro for pointing it out. | |||
| 2013-04-03 | Fixed #20038 -- Better error message for host validation. | Baptiste Mispelon | |
