summaryrefslogtreecommitdiff
path: root/django/http
AgeCommit message (Collapse)Author
2014-08-19[1.7.x] Fixed #22996 -- Prevented crash with unencoded query stringClaude Paroz
Thanks Jorge Carleitao for the report and Aymeric Augustin, Tim Graham for the reviews. Backport of fa02120d36 from master.
2014-07-05[1.7.x] Added a space before explanation of "Invalid HTTP_HOST header: ..."Daniel Hahler
Backport of fff7b507ef from master
2014-06-24[1.7.x] Improved documentation for QueryDict.Duncan Parkes
Backport of 7f4e2ef1e9 from master
2014-06-20[1.7.x] Added HTTP 308 status and its description.Yazhong Liu
Backport of 97adfc2bf8 from master
2014-06-11[1.7.x] Fixed #22680 -- I/O operation on closed file.Florian Apolloner
This patch is two-fold; first it ensure that Django does close everything in request.FILES at the end of the request and secondly the storage system should no longer close any files during save, it's up to the caller to handle that -- or let Django close the files at the end of the request. Backport of e2efc8965edf684aaf48621680ef54b84e116576 from master.
2014-05-16[1.7.x] Fixed typo in multipartparser.pymbacho
Backport of 8a9d54aa69 from master
2014-05-14[1.7.x] Dropped fix_IE_for_vary/attach.Aymeric Augustin
This is a security fix. Disclosure following shortly.
2014-04-26[1.7.x] Fix many many typos in comments throughout the codebaseAlex Gaynor
Backport of 2bcb8bfc8d from master
2014-03-31[1.7.x] Replaced urllib/urlparse imports with from django.utils.six.moves.Tim Graham
Backport of 981b864fbd from master
2014-03-03Fixed many typos in comments and docstrings.Rodolfo Carvalho
Thanks Piotr Kasprzyk for help with the patch.
2014-02-14Fixed #17942 -- Added a JsonResponse class to more easily create JSON ↵Lukasz Balcerzak
encoded responses. Thanks leahculver for the suggestion and Erik Romijn, Simon Charette, and Marc Tamlyn for the reviews.
2014-01-16Fixed typo in docstring.Martin Matusiak
2013-12-14Fixed E127 pep8 warnings.Loic Bistuer
2013-11-28Fixed E125 pep8 warningsChristopher Medrela
2013-11-23Simplified iteration in HTTP response objects.Aymeric Augustin
Fixed #20187 -- Allowed repeated iteration of HttpResponse. All this became possible when support for old-style streaming responses was finally removed.
2013-11-16Fixed #21447 -- Restored code erroneously removed in ↵Baptiste Mispelon
20472aa827669d2b83b74e521504e88e18d086a1. Also added some tests for HttpRequest.__repr__. Note that the added tests don't actually catch the accidental code removal (see ticket) but they do cover a codepath that wasn't tested before. Thanks to Tom Christie for the report and the original patch.
2013-11-15Fixed the use of the -ise suffix, where -ize is preferedAlex Gaynor
2013-11-03Fixed all E226 violationsAlex Gaynor
2013-11-03Fixed flake8 E251 violationsMilton Mazzarri
2013-11-02Fixed the remaining E302 violations int eh django packageAlex Gaynor
2013-11-02Fixed all E261 warningscoagulant
2013-11-02More attacking E302 violatorsAlex Gaynor
2013-11-02Fixed #21302 -- Fixed unused imports and import *.Tim Graham
2013-10-26Fixed up some more flake8 violations (this particular violation still has ↵Alex Gaynor
many occurrences in the tests/ dir so it can't be removed from setup.cfg yet)
2013-10-24Fixed #20338 -- Stripped ending dot during host validationClaude Paroz
Thanks manfre for the report and Timo Graham for the review.
2013-10-21Fixed #21288 -- Fixed E126 pep8 warningsAlasdair Nicol
2013-10-18Fixed #21287 -- Fixed E123 pep8 warningsAlasdair Nicol
2013-10-17Fixed #21282 -- Made HttpResponse.serialize_headers accept latin-1Claude Paroz
Thanks Raphaël Barrois for the report and the initial patch and Aymeric Augustin for the review.
2013-10-15Fixed #7603 -- Added a 'scheme' property to the HttpRequest objectUnai Zalakain
`HttpRequest.scheme` is `https` if `settings.SECURE_PROXY_SSL_HEADER` is appropriately set and falls back to `HttpRequest._get_scheme()` (a hook for subclasses to implement) otherwise. `WSGIRequest._get_scheme()` makes use of the `wsgi.url_scheme` WSGI environ variable to determine the request scheme. `HttpRequest.is_secure()` simply checks if `HttpRequest.scheme` is `https`. This provides a way to check the current scheme in templates, for example. It also allows us to deal with other schemes. Thanks nslater for the suggestion.
2013-10-08Fixed #16822 -- Added RawPostDataExceptionTim Graham
Thanks jaylett for the patch.
2013-10-05Fixed #21189: Cleaned up usage of bare except clauses.Baptiste Mispelon
Thanks to berkerpeksag for the report and to claudep for the review.
2013-09-10Fixed #18403 -- Initialized bad_cookies in SimpleCookiee0ne
Thanks Stefano Crosta for the report.
2013-09-09Fixed #20889 -- Prevented email.Header from inserting newlinesDaniel Boeve
Passed large maxlinelen to email.Header to prevent newlines from being inserted into value returned by _convert_to_charset Thanks mjl at laubach.at for the report.
2013-09-02Replaced "not PY3" by "PY2", new in six 1.4.0.Aymeric Augustin
2013-08-24Fixed #20961 -- Fixed HttpResponse default empty contentClaude Paroz
Thanks epandurski at gmail.com for the report.
2013-07-31Fixed #19987 -- Disabled host validation when DEBUG=True.Will Hardy
The documentation promises that host validation is disabled when DEBUG=True, that all hostnames are accepted. Domains not compliant with RFC 1034/1035 were however being validated, this validation has now been removed when DEBUG=True. Additionally, when DEBUG=False a more detailed SuspiciousOperation exception message is provided when host validation fails because the hostname is not RFC 1034/1035 compliant.
2013-07-30Fixed #10491 -- Allowed passing lazy objects to HttpResponseRedirect.Baptiste Mispelon
Thanks liangent for the report.
2013-07-29Removed most of absolute_import importsClaude Paroz
Should be unneeded with Python 2.7 and up. Added some unicode_literals along the way.
2013-07-11Fixed #13721 -- Added UploadedFile.content_type_extra.Benjamin Kagia
Thanks Waldemar Kornewald and mvschaik for work on the patch.
2013-06-29Removed compatibility code for streaming responses.Aymeric Augustin
This code provided a deprecation path for old-style streaming responses. Refs #6527, #7581.
2013-06-28Removed 'mimetype' arguments from a few places, as per deprecation TL.Ramiro Morales
This includes HttpResponse and co. __init__() methods, django.shortcuts.render_to_response() and the index(), sitemap() sitemap app views.
2013-06-26Fixed missing initializations in WSGIRequest. Refs #20619Loic Bistuer
2013-06-14Fixed #20598 -- Add new HTTP status codes defined in rfc6585CHI Cheng
428, 429, 431 and 511
2013-06-01Fixed #18481 -- Wrapped request.FILES read error in UnreadablePostErrorClaude Paroz
Thanks KyleMac for the report, André Cruz for the initial patch and Hiroki Kiyohara for the tests.
2013-05-25Fixed #19866 -- Added security logger and return 400 for SuspiciousOperation.Preston Holmes
SuspiciousOperations have been differentiated into subclasses, and are now logged to a 'django.security.*' logger. SuspiciousOperations that reach django.core.handlers.base.BaseHandler will now return a 400 instead of a 500. Thanks to tiwoc for the report, and Carl Meyer and Donald Stufft for review.
2013-05-21Fixed #20472: response.content should be bytes on both Python 2 and 3Łukasz Langa
2013-05-19Fixed #12747 -- Made reason phrases customizable.Aymeric Augustin
2013-05-17Corrected documentation on the constructor arguments of MultiPartParserEric Urban
2013-05-17Replaced an antiquated pattern.Aymeric Augustin
Thanks Lennart Regebro for pointing it out.
2013-04-03Fixed #20038 -- Better error message for host validation.Baptiste Mispelon