| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2014-04-21 | [1.6.x] Fixed a remote code execution vulnerabilty in URL reversing. | Tim Graham | |
| Thanks Benjamin Bach for the report and initial patch. This is a security fix; disclosure to follow shortly. Backport of 8b93b31487d6d3b0fcbbd0498991ea0db9088054 from master | |||
| 2013-06-14 | Fixed #17076 -- When reversing a URL fails, inform the user which patterns ↵ | Wilfred Hughes | |
| were tried. | |||
| 2013-05-25 | Fixed #19866 -- Added security logger and return 400 for SuspiciousOperation. | Preston Holmes | |
| SuspiciousOperations have been differentiated into subclasses, and are now logged to a 'django.security.*' logger. SuspiciousOperations that reach django.core.handlers.base.BaseHandler will now return a 400 instead of a 500. Thanks to tiwoc for the report, and Carl Meyer and Donald Stufft for review. | |||
| 2013-05-21 | Use assertIsInstance in tests. | Marc Tamlyn | |
| Gives much nicer errors when it fails. | |||
| 2013-03-25 | Fixed #19541 -- Fixed BaseHandler to enable reversing URLs in response ↵ | Loic Bistuer | |
| middlewares and streamed responses with respect to per-request urlconf. | |||
| 2013-03-18 | Fixed #13260 -- Quoted arguments interpolated in URLs in reverse. | Aymeric Augustin | |
| 2013-03-13 | Fix #20022: Correctly handle prefixes with url-unsafe characters in reverse(). | Baptiste Mispelon | |
| 2013-03-10 | Fixed #20019 -- Ensured HttpRequest.resolver_match always exists. | Aymeric Augustin | |
| Obviously it isn't set until the URL is resolved. | |||
| 2013-02-26 | Renamed some tests and removed references to modeltests/regressiontests. | Florian Apolloner | |
| 2013-02-26 | Merged regressiontests and modeltests into the test root. | Florian Apolloner | |
