django.git - django

Age	Commit message (Collapse)	Author
2025-09-03	Refs #34989 -- Ensured the Content-Length header is set when redirect with ↵	Ronan LE HAY
	APPEND_SLASH.
2024-05-29	Fixed 35467 -- Replaced urlparse with urlsplit where appropriate.	Jake Howard
	This work should not generate any change of functionality, and `urlsplit` is approximately 6x faster. Most use cases of `urlparse` didn't touch the path, so they can be converted to `urlsplit` without any issue. Most of those which do use `.path`, simply parse the URL, mutate the querystring, then put them back together, which is also fine (so long as urlunsplit is used).
2023-12-08	Fixed #34742 -- Made CommonMiddleware raise APPEND_SLASH RuntimeError on ↵	Avaneesh Kumar
	DELETE requests.
2022-06-02	Fixed #33700 -- Skipped extra resolution for successful requests not ending ↵	Anders Kaseorg
	with /. By moving a should_redirect_with_slash call out of an if block, commit 9390da7fb6e251eaa9a785692f987296cb14523f negated the performance fix of commit 434d309ef6dbecbfd2b322d3a1da78aa5cb05fa8 (#24720). Meanwhile, the logging issue #26293 that it targeted was subsequently fixed more fully by commit 40b69607c751c4afa453edfd41d2ed155e58187e (#26504), so it is no longer needed. This effectively reverts it. This speeds up successful requests not ending with / when APPEND_SLASH is enabled (the default, and still useful in projects with a mix of URLs with and without trailing /). The amount of speedup varies from about 5% in a typical project to nearly 50% on a benchmark with many routes. Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2022-02-07	Refs #33476 -- Reformatted code with Black.	django-bot

2020-10-28	Made small readability improvements.	Martin Thoma

2020-10-22	Fixed #32124 -- Added per-view opt-out for APPEND_SLASH behavior.	Carlton Gibson

2020-09-14	Fixed #31789 -- Added a new headers interface to HttpResponse.	Tom Carrick

2019-03-30	Optimized CommonMiddleware's check for DISALLOWED_USER_AGENTS.	Brad
	Avoided getattribute + getitem for each DISALLOWED_USER_AGENTS.
2018-08-01	Fixed CVE-2018-14574 -- Fixed open redirect possibility in CommonMiddleware.	Andreas Hug

2018-03-16	Fixed hanging indentation in various code.	Mariusz Felisiak

2017-11-11	Refs #26447 -- Removed outdated ETag comment in CommonMiddleware.	Tim Graham
	Follow up to 48d57788ee56811fa77cd37b9edf40535f82d87e.
2017-09-22	Refs #26447 -- Removed the USE_ETAGS setting per deprecation timeline.	Tim Graham

2017-03-04	Refs #27656 -- Updated remaining docstring verbs according to PEP 257.	Anton Samarchyan

2017-02-27	Imported django.http classes instead of django.http.	Asif Saifuddin Auvi

2017-01-30	Refs #23919 -- Assumed request COOKIES and META are str	Claude Paroz

2017-01-18	Refs #23919 -- Removed most of remaining six usage	Claude Paroz
	Thanks Tim Graham for the review.
2016-11-06	Fixed #26812 -- Fixed APPEND_SLASH on a URL including querystring with a ↵	Sven Engström
	trailing slash.
2016-10-10	Fixed #26447 -- Deprecated settings.USE_ETAGS in favor of ↵	Denis Cornehl
	ConditionalGetMiddleware.
2016-09-10	Fixed #27083 -- Added support for weak ETags.	Kevin Christopher Henry

2016-07-15	Fixed #26765 -- Made CommonMiddleware no longer set an ETag when response ↵	andrewnester
	has Cache-Control: no-store.
2016-06-27	Fixed #5897 -- Added the Content-Length response header in CommonMiddleware	Claude Paroz
	Thanks Tim Graham for the review.
2016-06-04	Removed an unused logger in middleware/common.py	Tim Graham

2016-05-17	Fixed #26601 -- Improved middleware per DEP 0005.	Florian Apolloner
	Thanks Tim Graham for polishing the patch, updating the tests, and writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-04-04	Fixed W503 flake8 warnings.	Tim Graham

2016-03-23	Fixed #26293 -- Fixed CommonMiddleware to process PREPEND_WWW and ↵	ieatkittens
	APPEND_SLASH independently.
2016-03-08	Fixed #25971 -- Made BrokenLinkEmailsMiddleware ignore APPEND_SLASH redirects.	harikrishnakanchi
	If APPEND_SLASH=True and the referer is the URL without a trailing '/', then BrokenLinkEmailsMiddleware shouldn't send an email.
2016-02-09	Fixed typo in django/middleware/common.py docstring.	Liam Brenner

2016-01-05	Fixed #26024 -- Fixed regression in ConditionalGetMiddleware ETag support.	Denis Cornehl
	Thanks Denis Cornehl for help with the patch.
2015-12-31	Fixed #26013 -- Moved django.core.urlresolvers to django.urls.	Marten Kenbeek
	Thanks to Tim Graham for the review.
2015-12-10	Fixed #25900 -- Fixed regression in CommonMiddleware ETag support.	Derek J. Curtis

2015-11-26	Fixed #25302 (again) -- Ignored scheme when checking for bad referers.	Aymeric Augustin
	The check introduced in 4ce433e was too strict in real life. The poorly implemented bots this patch attempted to ignore are sloppy when it comes to http vs. https.
2015-08-24	Fixed #25302 -- Prevented BrokenLinkEmailsMiddleware from reporting 404s ↵	Maxime Lorant
	when Referer = URL.
2015-08-15	Fixed #24935 -- Refactored common conditional GET handling.	Denis Cornehl

2015-07-31	Fixed #24720 -- Avoided resolving URLs that don't end in a slash twice in ↵	Jay Cox
	CommonMiddleware. This speeds up affected requests by about 5%.
2015-06-27	Fixed #25017 -- Allowed customizing the DISALLOWED_USER_AGENTS response	sujayskumar

2015-04-21	Fixed #24681 -- Removed Unicode bug in BrokenLinkEmailMiddleware	Oliver A Bristow

2015-03-26	Fixed #19910 -- Added slash to i18n redirect if APPEND_SLASH is set.	Bas Peschier
	This introduces a force_append_slash argument for request.get_full_path() which is used by RedirectFallbackMiddleware and CommonMiddleware when handling redirects for settings.APPEND_SLASH.
2015-03-18	Fixed #23960 -- Removed http.fix_location_header	Claude Paroz
	Thanks Carl Meyer for the report and Tim Graham for the review.
2015-02-06	Sorted imports with isort; refs #23860.	Tim Graham

2015-01-29	Fixed #24145 -- Added PUT & PATCH to CommonMiddleware APPEND_SLASH redirect ↵	Samuel Colvin
	error.
2014-11-04	Fixed #23531 -- Added CommonMiddleware.response_redirect_class.	Berker Peksag

2014-03-21	Removed settings.SEND_BROKEN_LINK_EMAILS per deprecation timeline.	Tim Graham

2014-03-08	Fixed #21188 -- Introduced subclasses for to-be-removed-in-django-XX warnings	Claude Paroz
	Thanks Anssi Kääriäinen for the idea and Simon Charette for the review.
2013-11-28	Fixed E125 pep8 warnings	Christopher Medrela

2013-10-15	Fixed #7603 -- Added a 'scheme' property to the HttpRequest object	Unai Zalakain
	`HttpRequest.scheme` is `https` if `settings.SECURE_PROXY_SSL_HEADER` is appropriately set and falls back to `HttpRequest._get_scheme()` (a hook for subclasses to implement) otherwise. `WSGIRequest._get_scheme()` makes use of the `wsgi.url_scheme` WSGI environ variable to determine the request scheme. `HttpRequest.is_secure()` simply checks if `HttpRequest.scheme` is `https`. This provides a way to check the current scheme in templates, for example. It also allows us to deal with other schemes. Thanks nslater for the suggestion.
2013-06-29	Advanced deprecation warnings for Django 1.7.	Aymeric Augustin

2013-05-26	Replaced `and...or...` constructs with PEP 308 conditional expressions.	Ramiro Morales

2013-05-25	Fixed #20099 -- Eased subclassing of BrokenLinkEmailsMiddleware	Claude Paroz
	Thanks Ram Rachum for the report and the initial patch, and Simon Charette for the review.
2013-05-18	Fixed #20356 -- Prevented crash when HTTP_REFERER contains non-ascii	Claude Paroz
	Thanks srusskih for the report and Aymeric Augustin for the review.