summaryrefslogtreecommitdiff
path: root/django/http
AgeCommit message (Collapse)Author
2017-01-18Refs #23919 -- Removed six.PY2/PY3 usageClaude Paroz
Thanks Tim Graham for the review.
2017-01-18Refs #23919 -- Removed encoding preambles and future importsClaude Paroz
2016-12-27Fixed #27640 -- Fixed HttpResponse's __repr__() without a 'Content-Type' ↵roboslone
header.
2016-12-19Fixed #27606 -- Fixed HttpResponseRedirect.__repr__() crash when ↵Jerome Leclanche
DisallowedRedirect is raised.
2016-12-07Refs #17235 -- Made MultiPartParser leave request.POST immutable.Vinay Karanam
2016-11-29Fixed #27181 -- Allowed contrib.sites to match domains with trailing ".".Anton Samarchyan
2016-11-17Fixed #27156 -- Made changing HttpRequest.encoding clear GET.PREMANAND
2016-11-14Fixed E305 flake8 warnings.Ramin Farajpour Cami
2016-11-01Fixed CVE-2016-9014 -- Validated Host header when DEBUG=True.Tim Graham
This is a security fix.
2016-09-03Replaced smart_* by force_* calls whenever possibleClaude Paroz
The smart_* version should only be used when a lazy string should keep its lazy status.
2016-08-30Fixed #27153 -- Added validation for HttpResponse status.Ryan Allen
2016-08-11Fixed #27046 -- Supported IPv6-formatted IPv4 addresses in host validation.Tim Graham
Thanks LaMont Jones for the report and patch.
2016-08-03Fixed #27005 -- Fixed crash if request.META[''CONTENT_LENGTH']=''.Tim Graham
2016-06-15Fixed broken links in docs and comments.Ville Skyttä
2016-06-06Fixed #26707 -- Added QueryDict.fromkeys()wim glenn
2016-06-05Fixed comment typo in multiparser.pyJon Dufresne
2016-06-04Made style improvements to multipartparser.pyAsif Saifuddin Auvi
2016-05-12Fixed #21231 -- Enforced a max size for GET/POST values read into memory.Andre Cruz
Thanks Tom Christie for review.
2016-05-06Removed HTTP prefixed CONTENT_TYPE/LENGTH headers in MultiPartParser.Tim Graham
The docs say that these headers always appear without the HTTP_ prefix. This may have been an oversight when they were added in d725cc9734272f867d41f7236235c28b3931a1b2, the only commit that uses these names.
2016-05-03Refs #22897 -- Removed unneeded empty string QueryDict argument.Tim Graham
2016-04-25Fixed #26052 -- Moved conditional_content_removal() processing to the test ↵Tim Graham
client.
2016-04-08Fixed E128 flake8 warnings in django/.Tim Graham
2016-03-15Fixed #26158 -- Rewrote http.parse_cookie() to better match browsers.Collin Anderson
2016-03-14Simplified _cookie_allows_colon_in_names condition.Tim Graham
2016-03-14Removed a workaround for a cookie encoding bug [1] in Python < 2.7.2.Tim Graham
[1] http://bugs.python.org/issue9824
2016-03-07Fixed #26325 -- Made MultiPartParser ignore filenames that normalize to an ↵John-Mark Bell
empty string.
2016-02-10Fixed #26014 -- Added WSGIRequest content_type and content_params attributes.Curtis Maloney
Parsed the CONTENT_TYPE header once and recorded it on the request.
2016-01-25Fixed #26125 -- Fixed E731 flake warnings.userimack
2015-12-14Fixed #25725 -- Made HttpReponse immediately close objects.Johannes Hoppe
2015-11-18Fixed #25644 -- Fixed reset cookie expiry date bug.Raphael Merx
Setting a cookie with the same name as a previously deleted cookie would set its expiry date to 'Thu, 01-Jan-1970 00:00:00 GMT'.
2015-10-21Fixed #25576 -- Added IOBase methods required by TextIOWrapper to HttpResponse.Jon Dufresne
2015-09-16Fixed #24496 -- Added CSRF Referer checking against CSRF_COOKIE_DOMAIN.Matt Robenolt
Thanks Seth Gottlieb for help with the documentation and Carl Meyer and Joshua Kehn for reviews.
2015-09-04Fixed #25099 -- Fixed crash in AdminEmailHandler on DisallowedHost.Vlastimil Zíma
2015-08-31Fixed #25331 -- Removed trailing blank lines in docstrings.Maxime Lorant
2015-08-12Fixed #25254 -- Added JsonResponse json_dumps_params parameter.Sambhav Satija
2015-08-04Fixed #25211 -- Added HttpRequest.get_port() and USE_X_FORWARDED_PORT setting.Matt Robenolt
2015-07-15Refs #24121 -- Added meaningful repr() to HttpResponse and subclasses.Keryn Knight
2015-07-13Fixed #25099 -- Cleaned up HttpRequest representations in error reporting.Vlastimil Zíma
2015-06-27Sorted imports in __init__.py files.Tim Graham
2015-06-17Refs #23763 -- Fixed Python 3.5 PendingDeprecationWarning in LazyStream.Tim Graham
Fixed "PendingDeprecationWarning: generator 'LazyStream.read.<locals>.parts' raised StopIteration" per PEP 0479.
2015-05-13Removed unnecessary arguments in .get method callsPiotr Jakimiak
2015-03-26Fixed #19910 -- Added slash to i18n redirect if APPEND_SLASH is set.Bas Peschier
This introduces a force_append_slash argument for request.get_full_path() which is used by RedirectFallbackMiddleware and CommonMiddleware when handling redirects for settings.APPEND_SLASH.
2015-03-18Fixed #23960 -- Removed http.fix_location_headerClaude Paroz
Thanks Carl Meyer for the report and Tim Graham for the review.
2015-03-12Fixed #24139 -- Changed HttpResponse.reason_phrase to evaluate based on ↵Jon Dufresne
status_code.
2015-03-11Fixed #24463 -- Removed mod_python functionality from HttpRequest._get_scheme()Rik
2015-02-19Fixed #20889 -- Prevented BadHeaderError when Python inserts newlineClaude Paroz
Workaround for http://bugs.python.org/issue20747. In some corner cases, Python 2 inserts a newline in a header value despite `maxlinelen` passed in Header constructor. Thanks Tim Graham for the review.
2015-02-06Sorted imports with isort; refs #23860.Tim Graham
2015-02-03Fixed #24240 -- Allowed GZipping a Unicode StreamingHttpResponseMatthew Somerville
make_bytes() assumed that if the Content-Encoding header is set, then everything had already been dealt with bytes-wise, but in a streaming situation this was not necessarily the case. make_bytes() is only called when necessary when working with a StreamingHttpResponse iterable, but by that point the middleware has added the Content-Encoding header and thus make_bytes() tried to call bytes(value) (and dies). If it had been a normal HttpResponse, make_bytes() would have been called when the content was set, well before the middleware set the Content-Encoding header. This commit removes the special casing when Content-Encoding is set, allowing unicode strings to be encoded during the iteration before they are e.g. gzipped. This behaviour was added a long time ago for #4969 and it doesn't appear to be necessary any more, as everything is correctly made into bytes at the appropriate places. Two new tests, to show that supplying non-ASCII characters to a StreamingHttpResponse works fine normally, and when passed through the GZip middleware (the latter dies without the change to make_bytes()). Removes the test with a nonsense Content-Encoding and Unicode input - if this were to happen, it can still be encoded as bytes fine.
2015-01-28Fixed #24137 -- Switched to HTTP reason phrases from Python stdlib.Jon Dufresne
2015-01-27Fixed #24209 -- Prevented crash when parsing malformed RFC 2231 headersRaul Cumplido
Thanks Tom Christie for the report and review.