summaryrefslogtreecommitdiff
path: root/tests/file_uploads
AgeCommit message (Collapse)Author
2026-02-10Modified tests to format PKs with %s rather than %d.Tim Graham
It's how Django formats values internally and makes tests compatible with databases that use non-integer primary keys.
2025-07-23Refs #36500 -- Rewrapped long docstrings and block comments via a script.django-bot
Rewrapped long docstrings and block comments to 79 characters + newline using script from https://github.com/medmunds/autofix-w505.
2025-07-23Removed double spaces after periods and within phrases.Sarah Boyce
2024-07-09Fixed CVE-2024-39330 -- Added extra file name validation in Storage's save ↵Natalia
method. Thanks to Josh Schneier for the report, and to Carlton Gibson and Sarah Boyce for the reviews.
2024-01-26Applied Black's 2024 stable style.Mariusz Felisiak
https://github.com/psf/black/releases/tag/24.1.0
2023-11-24Fixed #34968 -- Made multipart parsing of headers raise an error on too long ↵Standa Opichal
headers. This also allow customizing the maximum size of headers via MAX_TOTAL_HEADER_SIZE.
2023-01-12Refs #26029 -- Deprecated DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings.Jarosław Wygoda
2023-01-10Fixed #34110 -- Added in-memory file storage.Francesco Panico
Thanks Paolo Melchiorre, Carlton Gibson, and Mariusz Felisiak for reviews.
2022-12-30Refs #34100 -- Made file upload tests use Storage.exists() where appropriate.Francesco Panico
2022-11-10Updated documentation and comments for RFC updates.Nick Pope
- Updated references to RFC 1123 to RFC 5322 - Only partial as RFC 5322 sort of sub-references RFC 1123. - Updated references to RFC 2388 to RFC 7578 - Except RFC 2388 Section 5.3 which has no equivalent. - Updated references to RFC 2396 to RFC 3986 - Updated references to RFC 2616 to RFC 9110 - Updated references to RFC 3066 to RFC 5646 - Updated references to RFC 7230 to RFC 9112 - Updated references to RFC 7231 to RFC 9110 - Updated references to RFC 7232 to RFC 9110 - Updated references to RFC 7234 to RFC 9111 - Tidied up style of text when referring to RFC documents
2022-06-28Refs #33697 -- Used django.utils.http.parse_header_parameters() for parsing ↵Mehrdad
boundary streams. This also removes unused parse_header() and _parse_header_params() helpers in django.http.multipartparser.
2022-06-01Refs #33697 -- Fixed multipart parsing of headers with double quotes and ↵Mehrdad
semicolons. See https://github.com/python/cpython/commit/1ef0c0349e8fdb5415e21231cb42edbf232b742a
2022-02-07Refs #33476 -- Refactored code to strictly match 88 characters line length.Mariusz Felisiak
2022-02-07Refs #33476 -- Reformatted code with Black.django-bot
2022-02-03Refs #33476 -- Refactored problematic code before reformatting by Black.Mariusz Felisiak
In these cases Black produces unexpected results, e.g. def make_random_password( self, length=10, allowed_chars='abcdefghjkmnpqrstuvwxyz' 'ABCDEFGHJKLMNPQRSTUVWXYZ' '23456789', ): or cursor.execute(""" SELECT ... """, [table name], )
2022-02-01Fixed CVE-2022-23833 -- Fixed DoS possiblity in file uploads.Mariusz Felisiak
Thanks Alan Ryan for the report and initial patch.
2022-01-20Fixed #33062 -- Made MultiPartParser remove non-printable chars from file names.Hrushikesh Vaidya
2021-07-05Fixed isolation of test_filename_traversal_upload().Mariusz Felisiak
shutil.rmtree(MEDIA_ROOT) is already called as a class cleanup.
2021-06-04Refs #32355 -- Used addClassCleanup() in tests.Mariusz Felisiak
Inspired by Adam Johnson talk on DjangoCon Europe 2021.
2021-05-04Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads.Florian Apolloner
2021-04-06Fixed CVE-2021-28658 -- Fixed potential directory-traversal via uploaded files.Mariusz Felisiak
Thanks Claude Paroz for the initial patch. Thanks Dennis Brinkrolf for the report.
2020-09-30Fixed #30422 -- Made TemporaryFileUploadHandler handle interrupted uploads.aryan
This patch allows upload handlers to handle interrupted uploads. Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-09-30Refs #30422 -- Added test for removing temporary files in MultiPartParser ↵aryan
when StopUpload is raised.
2020-06-11Fixed #28132 -- Made MultiPartParser ignore filenames with trailing slash.Michael Brown
2020-04-20Capitalized Unicode in docs, strings, and comments.Jon Dufresne
2020-02-28Fixed #31293 -- Allowed MultiPartParser to handle double-quoted encoded headers.007
2019-10-29Used more specific unittest assertions in tests.Nick Pope
* assertIsNone()/assertIsNotNone() instead of comparing to None. * assertLess() for < comparisons. * assertIs() for 'is' expressions. * assertIsInstance() for isinstance() expressions. * rounding of assertAlmostEqual() for round() expressions. * assertIs(..., True/False) instead of comparing to True/False. * assertIs()/assertIsNot() for ==/!= comparisons. * assertNotEqual() for == comparisons. * assertTrue()/assertFalse() instead of comparing to True/False.
2019-03-15Cleaned up exception message checking in some tests.Jon Dufresne
2019-02-09Refs #15362 -- Removed obsolete workaround in file_uploads test view.Jon Dufresne
2019-02-09Removed default empty content argument from HttpResponse calls.Jon Dufresne
2019-01-31Fixed #30147 -- Simplified directory creation with os.makedirs(..., ↵Jon Dufresne
exist_ok=True).
2019-01-28Fixed #30137 -- Replaced OSError aliases with the canonical OSError.Jon Dufresne
Used more specific errors (e.g. FileExistsError) as appropriate.
2018-12-31Updated test URL patterns to use path() and re_path().Tim Graham
2018-06-12Added tests for incorrect content type and size in MultiPartParser.Mads Jensen
2018-02-07Refs #27795 -- Removed force_bytes/text() usage in tests.Tim Graham
2017-05-27Fixed #28249 -- Removed unnecessary dict.keys() calls.Jon Dufresne
iter(dict) is equivalent to iter(dict.keys()).
2017-02-09Refs #23919 -- Removed default 'utf-8' argument for str.encode()/decode().Tim Graham
2017-02-08Used JsonResponse and response.json in file_uploads tests.Tim Graham
2017-01-26Refs #23919 -- Replaced tempfile.mkdtemp() with TemporaryDirectory() context ↵Chillar Anand
manager.
2017-01-26Refs #23919 -- Replaced usage of django.utils.http utilities with Python ↵Claude Paroz
equivalents Thanks Tim Graham for the review.
2017-01-25Refs #23919 -- Replaced super(ClassName, self) with super().chillaranand
2017-01-25Refs #23919 -- Replaced errno checking with PEP 3151 exceptions.Tim Graham
2017-01-20Refs #23919 -- Removed unneeded force_str callsClaude Paroz
2017-01-19Refs #23919 -- Removed obsolete contextlib.closing() calls (for Python 2).Tim Graham
2017-01-18Refs #23919 -- Removed most of remaining six usageClaude Paroz
Thanks Tim Graham for the review.
2017-01-18Refs #23919 -- Removed six.<various>_types usageClaude Paroz
Thanks Tim Graham and Simon Charette for the reviews.
2017-01-18Refs #23919 -- Removed six.PY2/PY3 usageClaude Paroz
Thanks Tim Graham for the review.
2017-01-18Refs #23919 -- Removed encoding preambles and future importsClaude Paroz
2016-11-10Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings.za
2016-09-03Replaced smart_* by force_* calls whenever possibleClaude Paroz
The smart_* version should only be used when a lazy string should keep its lazy status.