summaryrefslogtreecommitdiff
path: root/tests/utils_tests/test_http.py
AgeCommit message (Collapse)Author
2019-03-20[2.2.x] Fixed #30264 -- Fixed crash of test_parsing_year_less_than_70() on ↵Mariusz Felisiak
32-bit systems. Thanks Andreas Beckmann and Chris Lamb for the report. Backport of c9888bc8ecb8943ef08090e3325dcbdac825eafc from master
2018-12-27Fixed #30024 -- Made urlencode() and Client raise TypeError when None is ↵Jon Dufresne
passed as data.
2018-11-03Increased test coverage of django.utils.http.Hasan Ramezani
2018-08-01Fixed CVE-2018-14574 -- Fixed open redirect possibility in CommonMiddleware.Andreas Hug
2018-06-29Fixed #29525 -- Allowed is_safe_url()'s allowed_hosts arg to be a string.Przemysław Suliga
2018-01-11Fixed #28638 -- Made allowed_hosts a required argument of is_safe_url().Jon Dufresne
2018-01-02Refs #28965 -- Deprecated unused django.utils.http.cookie_date().Tim Graham
2017-10-12Fixed #28679 -- Fixed urlencode()'s handling of bytes.François Freitag
Regression in fee42fd99ee470528858c2ccb3621135c30ec262. Thanks Claude Paroz, Jon Dufresne, and Tim Graham for the guidance.
2017-10-10Split django.utils.http tests into separate test classes.François Freitag
2017-09-22Refs #26956 -- Removed the host parameter of django.utils.http.is_safe_url().Tim Graham
Per deprecation timeline.
2017-09-21Added test for too large input to django.utils.http.base36_to_int().Mads Jensen
2017-05-10Fixed #28142 -- Fixed is_safe_url() crash on invalid IPv6 URLs.UmanShahzad
2017-04-04Fixed #27912, CVE-2017-7233 -- Fixed is_safe_url() with numeric URLs.Tim Graham
This is a security fix.
2017-01-18Refs #23919 -- Removed six.PY2/PY3 usageClaude Paroz
Thanks Tim Graham for the review.
2017-01-18Refs #23919 -- Removed encoding preambles and future importsClaude Paroz
2016-09-17Refs #27025 -- Fixed "invalid escape sequence" warnings in Python 3.6.Tim Graham
http://bugs.python.org/issue27364
2016-09-10Fixed #27083 -- Added support for weak ETags.Kevin Christopher Henry
2016-09-07Refs #26956 -- Allowed is_safe_url() to validate against multiple hostsJon Dufresne
2016-08-19Fixed #26902 -- Allowed is_safe_url() to require an https URL.Przemysław Suliga
Thanks Andrew Nester, Berker Peksag, and Tim Graham for reviews.
2016-04-08Fixed E128 flake8 warnings in tests/.Tim Graham
2016-03-04Added safety to URL decoding in is_safe_url() on Python 2Claude Paroz
The errors='replace' parameter to force_text altered the URL before checking it, which wasn't considered sane. Refs 24fc935218 and ada7a4aef.
2016-03-04Fixed #26308 -- Prevented crash with binary URLs in is_safe_url()Claude Paroz
This fixes a regression introduced by c5544d28923. Thanks John Eskew for the reporti and Tim Graham for the review.
2016-03-01Fixed CVE-2016-2512 -- Prevented spoofing is_safe_url() with basic auth.Mark Striemer
This is a security fix.
2016-01-29Refs #26022 -- Used context manager version of assertRaises in tests.Hasan
2016-01-05Fixed #26024 -- Fixed regression in ConditionalGetMiddleware ETag support.Denis Cornehl
Thanks Denis Cornehl for help with the patch.
2015-12-03Fixed many spelling mistakes in code, comments, and docs.Josh Soref
2015-09-16Fixed #24496 -- Added CSRF Referer checking against CSRF_COOKIE_DOMAIN.Matt Robenolt
Thanks Seth Gottlieb for help with the documentation and Carl Meyer and Joshua Kehn for reviews.
2015-03-18Made is_safe_url() reject URLs that start with control characters.Tim Graham
This is a security fix; disclosure to follow shortly.
2015-02-12Fixed #24321 -- Improved `utils.http.same_origin` compliance with RFC6454Lukas Klein
2015-02-06Sorted imports with isort; refs #23860.Tim Graham
2015-01-13Fixed is_safe_url() to handle leading whitespace.Tim Graham
This is a security fix. Disclosure following shortly.
2014-11-03Fixed #23620 -- Used more specific assertions in the Django test suite.Berker Peksag
2014-09-23Consolidated some text utils into the utils_tests test package.Loic Bistuer
2014-08-22Fixed #23333 -- Made urlsafe_base64_decode() return proper type on Python 3.Ian Foote
2014-07-07Fixed #22909 -- Removed camelCasing in some tests.Tim Graham
Thanks brylie.
2014-05-14Added additional checks in is_safe_url to account for flexible parsing.Erik Romijn
This is a security fix. Disclosure following shortly.
2014-05-14Dropped fix_IE_for_vary/attach.Aymeric Augustin
This is a security fix. Disclosure following shortly.
2013-10-14Fixed #21266 -- Fixed E201,E202 pep8 warnings.Larry O'Neill
2013-09-02Replaced "not PY3" by "PY2", new in six 1.4.0.Aymeric Augustin
2013-07-01Stopped using django.utils.unittest in the test suite.Aymeric Augustin
Refs #20680.
2013-04-12Modified utils_tests for unittest2 discovery.Preston Timmons