summaryrefslogtreecommitdiff
path: root/tests/regressiontests/utils/http.py
AgeCommit message (Collapse)Author
2015-03-18[1.4.x] Made is_safe_url() reject URLs that start with control characters.Tim Graham
This is a security fix; disclosure to follow shortly.
2015-01-05[1.4.x] Fixed is_safe_url() to handle leading whitespace.Tim Graham
This is a security fix. Disclosure following shortly.
2014-05-12[1.4.x] Added additional checks in is_safe_url to account for flexible parsing.Tim Graham
This is a security fix. Disclosure following shortly.
2014-05-12[1.4.x] Dropped fix_IE_for_vary/attach.Aymeric Augustin
This is a security fix. Disclosure following shortly.
2012-02-16Use Python's changed comparisons, which makes this a bit more readable.Alex Gaynor
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17526 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-02-16Fixed #17693. Input validation and tests for base36 conversion utils. Thanks ↵Paul McMillan
Keryn Knight for the report. git-svn-id: http://code.djangoproject.com/svn/django/trunk@17525 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-11Fixed #16632 -- Crash on responses without Content-Type with IE. Thanks juan ↵Aymeric Augustin
for the report and kenth for the patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@17196 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-22Fixed #9089 -- Correctly handle list values in MultiValueDict instances when ↵Jannis Leidel
passed to django.utils.http.urlencode. Thanks, kratorius, guettli and obeattie. git-svn-id: http://code.djangoproject.com/svn/django/trunk@16064 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-15Fixed #15617 - CSRF referer checking too strictLuke Plant
Thanks to adam for the report. git-svn-id: http://code.djangoproject.com/svn/django/trunk@15840 bcc190cf-cafb-0310-a4f2-bffc1f526a37