| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2020-07-16 | [2.2.x] Fixed #31790 -- Fixed setting SameSite cookies flag in ↵ | Mariusz Felisiak | |
| HttpResponse.delete_cookie(). Cookies with the "SameSite" flag set to None and without the "secure" flag will be soon rejected by latest browser versions. This affects sessions and messages cookies. Backport of 331324ecce1330dce3dbd1713203cb9a42854ad7 from stable/3.0.x | |||
| 2020-06-02 | [2.2.x] Fixed E128, E741 flake8 warnings. | Mariusz Felisiak | |
| Backport of 0668164b4ac93a5be79f5b87fae83c657124d9ab from master. | |||
| 2019-07-01 | [2.2.x] Fixed CVE-2019-12781 -- Made HttpRequest always trust ↵ | Carlton Gibson | |
| SECURE_PROXY_SSL_HEADER if set. An HTTP request would not be redirected to HTTPS when the SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings were used if the proxy connected to Django via HTTPS. HttpRequest.scheme will now always trust the SECURE_PROXY_SSL_HEADER if set, rather than falling back to the request scheme when the SECURE_PROXY_SSL_HEADER did not have the secure value. Thanks to Gavin Wahl for the report and initial patch suggestion, and Shai Berger for review. Backport of 54d0f5e62f54c29a12dd96f44bacd810cbe03ac8 from master | |||
| 2019-01-16 | Fixed #20147 -- Added HttpRequest.headers. | Santiago Basulto | |
| 2018-09-25 | Normalized spelling of "lowercase" and "lowercased". | Jon Dufresne | |
| 2018-09-25 | Refs #29784 -- Normalized Python docs links to omit the version. | Jon Dufresne | |
| 2018-08-02 | Fixed #29627 -- Fixed QueryDict.urlencode() crash with non-string values. | Tim Graham | |
| Regression in 7d96f0c49ab750799860e42716d7105e11de44de. | |||
| 2018-07-16 | Fixed django/http/request.py docstring typo. | François Freitag | |
| 2018-07-10 | Simplified HttpRequest.__iter__(). | Sergey Fedoseev | |
| 2018-06-07 | Removed unused HttpRequest._post_parse_error attribute. | Josh Schneier | |
| Unused since 8f8c54f70bfa3aa8e311514297f1eeded2c32593. | |||
| 2018-05-15 | Fixed #16470 -- Allowed FileResponse to auto-set some Content headers. | Claude Paroz | |
| Thanks Simon Charette, Jon Dufresne, and Tim Graham for the reviews. | |||
| 2018-04-13 | Fixed #27863 -- Added support for the SameSite cookie flag. | Alex Gaynor | |
| Thanks Alex Gaynor for contributing to the patch. | |||
| 2018-02-07 | Refs #27795 -- Replaced force_bytes() usage in django.http. | Tim Graham | |
| 2018-01-10 | Fixed #28828 -- Improved performance of HttpRequest.build_absolute_uri(). | George-Cristian Bîrzan | |
| 2018-01-08 | Fixed #28989 -- Fixed HttpResponse.delete_cookie() for cookies that use ↵ | Alvin Lindstam | |
| __Secure/Host prefixes. | |||
| 2018-01-03 | Fixed #28982 -- Simplified code with and/or. | Дилян Палаузов | |
| 2018-01-02 | Fixed #28965 -- Updated Set-Cookie's Expires date format to follow RFC 7231. | Alexey | |
| 2017-12-26 | Fixed #28930 -- Simplified code with any() and all(). | Дилян Палаузов | |
| 2017-11-14 | Fixed #28795 -- Removed 'not in' checks and used dict.setdefault(). | Дилян Палаузов | |
| 2017-11-07 | Fixed #28720 -- Added HttpRequest.get_full_path_info(). | Jonas Haag | |
| 2017-11-06 | Fixed #28776 -- Fixed a/an/and typos in docs and comments. | Дилян Палаузов | |
| 2017-09-25 | Fixed #27857 -- Dropped support for Python 3.4. | Tim Graham | |
| 2017-09-22 | Removed unused eof argument to BoundaryIter._find_boundary(). | Mariusz Felisiak | |
| Unused since its introduction in d725cc9734272f867d41f7236235c28b3931a1b2. | |||
| 2017-09-07 | Reverted "Fixed #27818 -- Replaced try/except/pass with contextlib.suppress()." | Tim Graham | |
| This reverts commit 550cb3a365dee4edfdd1563224d5304de2a57fda because try/except performs better. | |||
| 2017-08-23 | Removed unneeded iter() calls. | Sergey Fedoseev | |
| A few of these were unnecessarily added in 2b281cc35ed9d997614ca3c416928d7fabfef1ad. | |||
| 2017-06-28 | Fixed #27818 -- Replaced try/except/pass with contextlib.suppress(). | Mads Jensen | |
| 2017-05-27 | Fixed #28226 -- Replaced use of str.join() with concatenation. | Tom | |
| 2017-04-27 | Refs #27795 -- Replaced many force_text() with str() | Claude Paroz | |
| Thanks Tim Graham for the review. | |||
| 2017-04-26 | Fixed #28137 -- Deprecated HttpRequest.xreadlines(). | Josh Schneier | |
| 2017-02-20 | Refs #27656 -- Updated django.forms/http docstring verbs according to PEP 257. | Anton Samarchyan | |
| 2017-02-17 | Fixed #27308 -- Fixed BytesWarnings in the test suite. | Tim Graham | |
| 2017-01-26 | Refs #23919, #27778 -- Removed obsolete mentions of unicode. | Vytis Banaitis | |
| 2017-01-25 | Corrected http.multipartparser.exhaust() docstring. | Tim Graham | |
| MultiPartParserError was removed in ebf34c3cdcd2c75349c60a064427ac255958bf9b. | |||
| 2017-01-25 | Refs #23919 -- Replaced super(ClassName, self) with super(). | chillaranand | |
| 2017-01-25 | Removed unused variables that are overwritten. | Mads Jensen | |
| 2017-01-22 | Refs #23919 -- Replaced six.reraise by raise | Claude Paroz | |
| 2017-01-20 | Refs #23919 -- Removed unneeded str() calls | Claude Paroz | |
| 2017-01-20 | Refs #23919 -- Removed unneeded force_str calls | Claude Paroz | |
| 2017-01-19 | Refs #23919 -- Removed Python 2 version check in django.http.cookie. | Tim Graham | |
| 2017-01-19 | Refs #23919 -- Stopped inheriting from object to define new style classes. | Simon Charette | |
| 2017-01-18 | Refs #23919 -- Removed most of remaining six usage | Claude Paroz | |
| Thanks Tim Graham for the review. | |||
| 2017-01-18 | Refs #23919 -- Removed six.<various>_types usage | Claude Paroz | |
| Thanks Tim Graham and Simon Charette for the reviews. | |||
| 2017-01-18 | Refs #23919 -- Removed six.PY2/PY3 usage | Claude Paroz | |
| Thanks Tim Graham for the review. | |||
| 2017-01-18 | Refs #23919 -- Removed encoding preambles and future imports | Claude Paroz | |
| 2016-12-27 | Fixed #27640 -- Fixed HttpResponse's __repr__() without a 'Content-Type' ↵ | roboslone | |
| header. | |||
| 2016-12-19 | Fixed #27606 -- Fixed HttpResponseRedirect.__repr__() crash when ↵ | Jerome Leclanche | |
| DisallowedRedirect is raised. | |||
| 2016-12-07 | Refs #17235 -- Made MultiPartParser leave request.POST immutable. | Vinay Karanam | |
| 2016-11-29 | Fixed #27181 -- Allowed contrib.sites to match domains with trailing ".". | Anton Samarchyan | |
| 2016-11-17 | Fixed #27156 -- Made changing HttpRequest.encoding clear GET. | PREMANAND | |
| 2016-11-14 | Fixed E305 flake8 warnings. | Ramin Farajpour Cami | |
