summaryrefslogtreecommitdiff
path: root/tests/regressiontests/requests
AgeCommit message (Collapse)Author
2013-02-26Merged regressiontests and modeltests into the test root.Florian Apolloner
2013-02-19Added a new required ALLOWED_HOSTS setting for HTTP host header validation.Carl Meyer
This is a security fix; disclosure and advisory coming shortly.
2013-02-13Removed try-except in django.db.close_connection()Anssi Kääriäinen
The reason was that the except clause needed to remove a connection from the django.db.connections dict, but other parts of Django do not expect this to happen. In addition the except clause was silently swallowing the exception messages. Refs #19707, special thanks to Carl Meyer for pointing out that this approach should be taken.
2013-02-10Fixed #19707 -- Reset transaction state after requestsAnssi Kääriäinen
2012-12-29Removed HttpRequest.raw_post_data.Aymeric Augustin
2012-12-22Fixed #19468 -- Decoded request.path correctly on Python 3.Aymeric Augustin
Thanks aliva for the report and claudep for the feedback.
2012-12-10Fixed a security issue in get_host.Florian Apolloner
Full disclosure and new release forthcoming.
2012-11-03Fixed #19101 -- Decoding of non-ASCII POST data on Python 3.Aymeric Augustin
Thanks Claude Paroz.
2012-10-30Fixed #5076 -- Properly decode POSTs with non-utf-8 payload encodingClaude Paroz
Thanks daniel at blogg.se for the report and Aymeric Augustin for his assistance on the patch.
2012-10-26Don't use : as an invalid cookie characterIan Clelland
Since http://bugs.python.org/issue2193 has been resolved in favour of the colon in cookie names, we need to test invalid cookie removal using a different character. "@" is still considered invalid by all sources.
2012-10-20Used @override_settings in several tests.Aymeric Augustin
2012-10-20Used FakePayload in requests testsClaude Paroz
2012-10-20Fixed #5611 -- Restricted accepted content types in parsing POST dataClaude Paroz
Thanks paulegan for the report and Preston Holmes for the review.
2012-10-18Added missed poisoned host header testsPreston Holmes
2012-08-11[py3] Used BytesIO to test request streamsClaude Paroz
2012-08-08[py3] Used compatible imports of StringIO.Aymeric Augustin
2012-06-07Fixed #18269 -- Applied unicode_literals for Python 3 compatibility.Claude Paroz
Thanks Vinay Sajip for the support of his django3 branch and Jannis Leidel for the review.
2012-05-19Marked bytestrings with b prefix. Refs #18269Claude Paroz
This is a preparation for unicode literals general usage in Django (Python 3 compatibility).
2012-05-03Inserted more simplefilter calls to be sure warnings are emitted.Claude Paroz
Thanks to Florian Apolloner for suggesting the patch.
2012-05-03Made warning assertions work with or without -Wall python switchClaude Paroz
2012-05-03Used catch_warnings instead of save/restore methods. Refs #17049.Claude Paroz
2012-05-03Fixed #18042 -- Advanced deprecation warnings.Aymeric Augustin
Thanks Ramiro for the patch.
2012-03-31Fixed #18029 -- Removed mod_python as of deprecation process. Thanks Aymeric ↵Claude Paroz
Augustin for the review. git-svn-id: http://code.djangoproject.com/svn/django/trunk@17835 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-30Removed with_statement imports, useless in Python >= 2.6. Refs #17965. ↵Claude Paroz
Thanks jonash for the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@17828 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-18Fixed #17931 -- Accepted aware datetimes to set cookies expiry dates. Thanks ↵Aymeric Augustin
jaddison for the report. git-svn-id: http://code.djangoproject.com/svn/django/trunk@17766 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-02-10Fixed #17277 - Wrap IOErrors raised due to client disconnect in a specific ↵Carl Meyer
IOError subclass so they can be distinguished from more serious errors. Thanks David Lowe. git-svn-id: http://code.djangoproject.com/svn/django/trunk@17493 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-16Refs #17323 -- Updated a test to use try/finally to avoid state leakage. ↵Carl Meyer
Thanks dstufft for the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@17211 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-16Fixed #17323 -- Renamed HttpRequest.raw_post_data to request.body. Thanks ↵Adrian Holovaty
for the patch, dstufft git-svn-id: http://code.djangoproject.com/svn/django/trunk@17210 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-10Added protection against spoofing of X_FORWARDED_HOST headers. A security ↵Russell Keith-Magee
announcement will be made shortly. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16758 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-28Fixed #15785 -- Stopped HttpRequest.read() from reading beyond the end of a ↵Jannis Leidel
wsgi.input stream and removed some redundant code in the multipartparser. Thanks, tomchristie, grahamd and isagalaev. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16479 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-10Fixed #16201 -- Ensure that requests with Content-Length=0 don't break the ↵Russell Keith-Magee
multipart parser. Thanks to albsen for the report and patch git-svn-id: http://code.djangoproject.com/svn/django/trunk@16353 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-09Fixed #16178 - Cleanup request classes' `__repr__()`Luke Plant
Thanks to julien for the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16350 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-28Fixed #15679 - regression in HttpRequest.POST and raw_post_data access.Luke Plant
Thanks to vkryachko for the report. This also fixes a slight inconsistency with raw_post_data after parsing of a multipart request, and adds a test for that. (Previously accessing raw_post_data would have returned the empty string rather than raising an Exception). git-svn-id: http://code.djangoproject.com/svn/django/trunk@15938 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-16Fixed #15018 -- Corrected the handling of LimitedStream under one edge case ↵Russell Keith-Magee
involving size restricted buffers and newlines. Thanks to xjdrew for the report, and aaugustin for the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@15222 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-26Fixed #3304 -- Added support for HTTPOnly cookies. Thanks to arvin for the ↵Russell Keith-Magee
suggestion, and rodolfo for the draft patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@14707 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-07Make the requests test use unittest2, rather than the system unittest.Alex Gaynor
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14487 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-29Fixed #9886 -- Added a file-like interface to HttpRequest. Thanks to Ivan ↵Russell Keith-Magee
Sagalaev for the suggestion and patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@14394 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-28Modified the requests unit tests so that they aren't dependent on dictionary ↵Russell Keith-Magee
ordering. git-svn-id: http://code.djangoproject.com/svn/django/trunk@13948 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-28Migrated requests doctests. Thanks to Stephan Jaekel.Russell Keith-Magee
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13927 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-28Fixed #14351 -- Modified the requests test case to avoid an timing problem ↵Russell Keith-Magee
in the test. git-svn-id: http://code.djangoproject.com/svn/django/trunk@13922 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-12Allow setting HttpResponse cookie expiry times with datetime objects.Malcolm Tredinnick
Patch from SmileyChris. Fixed #7770. git-svn-id: http://code.djangoproject.com/svn/django/trunk@13809 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-23Fixed #7494 -- Fixed build_absolute_url() for some types of (uncommon) URLs.Malcolm Tredinnick
Patch from tom@almostobsolete.net and RobotAdam. git-svn-id: http://code.djangoproject.com/svn/django/trunk@8490 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-21Changed/fixed the way Django handles SCRIPT_NAME and PATH_INFO (orMalcolm Tredinnick
equivalents). Basically, URL resolving will only use the PATH_INFO and the SCRIPT_NAME will be prepended by reverse() automatically. Allows for more portable development and installation. Also exposes SCRIPT_NAME in the HttpRequest instance. There are a number of cases where things don't work completely transparently, so mod_python and fastcgi users should read the relevant docs. Fixed #285, #1516, #3414. git-svn-id: http://code.djangoproject.com/svn/django/trunk@8015 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-03-17Fixed #6764 -- Added some error checking around cookie decoding. Thanks,Malcolm Tredinnick
Michael Axiak. git-svn-id: http://code.djangoproject.com/svn/django/trunk@7257 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-03-08Fixed tests added in [7200] to not depend on unpredictable key order of ↵Gary Wilson Jr
dict, which was sometimes causing a test error. git-svn-id: http://code.djangoproject.com/svn/django/trunk@7207 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-03-08Fixed #5595 -- Made `ModPythonRequest.__repr__` return a string instead of a ↵Gary Wilson Jr
unicode object. Fixes the printout of the request object in those server error e-mails I never get :) git-svn-id: http://code.djangoproject.com/svn/django/trunk@7200 bcc190cf-cafb-0310-a4f2-bffc1f526a37