summaryrefslogtreecommitdiff
path: root/django/http
AgeCommit message (Expand)Author
2026-04-07[4.2.x] Fixed CVE-2026-33034 -- Enforced DATA_UPLOAD_MAX_MEMORY_SIZE on body ...Natalia
2026-04-07[4.2.x] Fixed CVE-2026-33033 -- Mitigated potential DoS in MultiPartParser.Natalia
2025-11-26[4.2.x] Fixed #36743 -- Increased URL max length enforced in HttpResponseRedi...varunkasyap
2025-11-05[4.2.x] Fixed CVE-2025-64458 -- Mitigated potential DoS in HttpResponseRedire...Jacob Walls
2023-04-12[4.2.x] Refs #34482 -- Reverted "Fixed #32969 -- Fixed pickling HttpResponse ...Mariusz Felisiak
2023-04-12[4.2.x] Fixed #34484, Refs #34482 -- Reverted "Fixed #29186 -- Fixed pickling...Mariusz Felisiak
2023-02-14[4.2.x] Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files.Markus Holtermann
2022-12-22Fixed #33735 -- Added async support to StreamingHttpResponse.Carlton Gibson
2022-12-05Fixed #34194 -- Added django.utils.http.content_disposition_header().Alex Vandiver
2022-11-14Fixed #34074 -- Added headers argument to RequestFactory and Client classes.David Wobrock
2022-11-10Updated documentation and comments for RFC updates.Nick Pope
2022-10-31Used more augmented assignment statements.Nick Pope
2022-09-14Fixed #29186 -- Fixed pickling HttpRequest and subclasses.Anvesh Mishra
2022-08-03Fixed CVE-2022-36359 -- Escaped filename in Content-Disposition header.Carlton Gibson
2022-06-28Refs #33697 -- Used django.utils.http.parse_header_parameters() for parsing b...Mehrdad
2022-06-28Removed unnecessary _parse_header() from MultiPartParser.Mariusz Felisiak
2022-06-28Refs #33697 -- Made MediaType use django.utils.http.parse_header_parameters().Mehrdad
2022-06-20Fixed #32969 -- Fixed pickling HttpResponse and subclasses.Anv3sh
2022-06-09Fixed #33755 -- Moved ASGI body-file cleanup into request class.Jonas Lundberg
2022-06-03Refs #33697 -- Made MultiPartParser use django.utils.http.parse_header_parame...Mehrdad
2022-06-01Refs #33697 -- Fixed multipart parsing of headers with double quotes and semi...Mehrdad
2022-05-17Fixed #33683 -- Document HttpResponseBase and allow import from django.httpCollin Anderson
2022-05-11Refs #33173 -- Removed use of deprecated cgi module.Carlton Gibson
2022-03-24Refs #32365 -- Removed internal uses of utils.timezone.utc alias.Carlton Gibson
2022-03-23Fixed #33569 -- Added SECURE_PROXY_SSL_HEADER support for list of protocols i...Thomas Schmidt
2022-03-07Refs #33562 -- Made HttpResponse.set_cookie() raise ValueError when both "exp...Luke Plant
2022-03-07Fixed #33562 -- Made HttpResponse.set_cookie() support timedelta for the max_...Luke Plant
2022-03-02Refs #33546 -- Optimized handling content types in HttpResponseBase.__init__().Keryn Knight
2022-03-02Refs #33546 -- Optimized HttpResponseBase.charset a bit.Keryn Knight
2022-03-02Refs #33546 -- Optimized ResponseHeaders._convert_to_charset() by reducing th...Keryn Knight
2022-03-02Refs #33546 -- Avoided unpacking data in ResponseHeaders when not necessary.Keryn Knight
2022-02-07Refs #33476 -- Refactored code to strictly match 88 characters line length.Mariusz Felisiak
2022-02-07Refs #33476 -- Reformatted code with Black.django-bot
2022-02-01Fixed CVE-2022-23833 -- Fixed DoS possiblity in file uploads.Mariusz Felisiak
2022-01-20Fixed #33062 -- Made MultiPartParser remove non-printable chars from file names.Hrushikesh Vaidya
2022-01-07Fixed #28628 -- Changed \d to [0-9] in regexes where appropriate.Ad Timmering
2021-12-02Updated various links to HTTPS and new locations.Mariusz Felisiak
2021-10-15Refs #30509 -- Adjusted internal FileResponse variable name.Carlton Gibson
2021-10-14Fixed #30509 -- Made FileResponse better handle buffers and non-zero file off...Piotr Kunicki
2021-09-22Optimized handling case-insensitive mappings.Illia Volochii
2021-08-02Simplified serializing HTTP response headers.Illia Volochii
2021-06-22Refs #24121 -- Added __repr__() to StreamingHttpResponse and subclasses.Nicolas Restrepo
2021-05-12Fixed #32366 -- Updated datetime module usage to recommended approach.Nick Pope
2021-05-04Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads.Florian Apolloner
2021-04-30Fixed #32698 -- Moved HttpRequest.get_raw_uri() to ExceptionReporter._get_raw...Hasan Ramezani
2021-04-29Fixed capitalization of "ECMAScript" and "JavaScript".Nick Pope
2021-04-06Fixed CVE-2021-28658 -- Fixed potential directory-traversal via uploaded files.Mariusz Felisiak
2021-02-10Fixed #32355 -- Dropped support for Python 3.6 and 3.7Mariusz Felisiak
2021-01-28Fixed #32389 -- Fixed ResponseHeaders crash when data is not mapping.Illia Volochii
2021-01-14Refs #30997 -- Removed HttpRequest.is_ajax() per deprecation timeline.Mariusz Felisiak
generated by cgit v1.3 (git 2.53.0) at 2026-05-01 21:38:56 +0000