| Age | Commit message (Collapse) | Author |
|
|
|
This is a security fix; disclosure and advisory coming shortly.
|
|
The reason was that the except clause needed to remove a connection
from the django.db.connections dict, but other parts of Django do not
expect this to happen. In addition the except clause was silently
swallowing the exception messages.
Refs #19707, special thanks to Carl Meyer for pointing out that this
approach should be taken.
|
|
|
|
|
|
Thanks aliva for the report and claudep for the feedback.
|
|
Full disclosure and new release forthcoming.
|
|
Thanks Claude Paroz.
|
|
Thanks daniel at blogg.se for the report and Aymeric Augustin for
his assistance on the patch.
|
|
Since http://bugs.python.org/issue2193 has been resolved in favour of
the colon in cookie names, we need to test invalid cookie removal using
a different character. "@" is still considered invalid by all sources.
|
|
|
|
|
|
Thanks paulegan for the report and Preston Holmes for the review.
|
|
|
|
|
|
|
|
Thanks Vinay Sajip for the support of his django3 branch and
Jannis Leidel for the review.
|
|
This is a preparation for unicode literals general usage in
Django (Python 3 compatibility).
|
|
Thanks to Florian Apolloner for suggesting the patch.
|
|
|
|
|
|
Thanks Ramiro for the patch.
|
|
Augustin for the review.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17835 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
Thanks jonash for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17828 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
jaddison for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17766 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
IOError subclass so they can be distinguished from more serious errors. Thanks David Lowe.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17493 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
Thanks dstufft for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17211 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
for the patch, dstufft
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17210 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
announcement will be made shortly.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16758 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
wsgi.input stream and removed some redundant code in the multipartparser. Thanks, tomchristie, grahamd and isagalaev.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16479 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
multipart parser. Thanks to albsen for the report and patch
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16353 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
Thanks to julien for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16350 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
Thanks to vkryachko for the report.
This also fixes a slight inconsistency with raw_post_data after parsing of a
multipart request, and adds a test for that. (Previously accessing
raw_post_data would have returned the empty string rather than raising an
Exception).
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15938 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
involving size restricted buffers and newlines. Thanks to xjdrew for the report, and aaugustin for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15222 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
suggestion, and rodolfo for the draft patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14707 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14487 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
Sagalaev for the suggestion and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14394 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
ordering.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13948 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13927 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
in the test.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13922 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
Patch from SmileyChris. Fixed #7770.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13809 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
Patch from tom@almostobsolete.net and RobotAdam.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8490 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
equivalents). Basically, URL resolving will only use the PATH_INFO and the
SCRIPT_NAME will be prepended by reverse() automatically. Allows for more
portable development and installation. Also exposes SCRIPT_NAME in the
HttpRequest instance.
There are a number of cases where things don't work completely transparently,
so mod_python and fastcgi users should read the relevant docs.
Fixed #285, #1516, #3414.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8015 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
Michael Axiak.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7257 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
dict, which was sometimes causing a test error.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7207 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
unicode object. Fixes the printout of the request object in those server error e-mails I never get :)
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7200 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|