summaryrefslogtreecommitdiff
path: root/django/utils/http.py
AgeCommit message (Expand)Author
2017-05-10[1.11.x] Fixed #28142 -- Fixed is_safe_url() crash on invalid IPv6 URLs.UmanShahzad
2017-04-04[1.11.x] Fixed #27912, CVE-2017-7233 -- Fixed is_safe_url() with numeric URLs.Tim Graham
2017-01-19[1.11.x] Fixed django/utils/http.py comment typo.Tim Graham
2016-09-10Fixed #27083 -- Added support for weak ETags.Kevin Christopher Henry
2016-09-07Refs #26956 -- Allowed is_safe_url() to validate against multiple hostsJon Dufresne
2016-08-19Fixed #26902 -- Allowed is_safe_url() to require an https URL.Przemysław Suliga
2016-05-12Fixed #21231 -- Enforced a max size for GET/POST values read into memory.Andre Cruz
2016-05-03Fixed #26567 -- Updated references to obsolete RFC2616.Vasiliy Faronov
2016-04-06Removed unused django.utils.http.PROTOCOL_TO_PORT.Tim Graham
2016-03-04Added safety to URL decoding in is_safe_url() on Python 2Claude Paroz
2016-03-04Fixed #26308 -- Prevented crash with binary URLs in is_safe_url()Claude Paroz
2016-03-01Fixed CVE-2016-2512 -- Prevented spoofing is_safe_url() with basic auth.Mark Striemer
2016-01-05Fixed #26024 -- Fixed regression in ConditionalGetMiddleware ETag support.Denis Cornehl
2015-12-12Fixed #20223 -- Added keep_lazy() as a replacement for allow_lazy().Iacopo Spalletti
2015-09-16Fixed #24496 -- Added CSRF Referer checking against CSRF_COOKIE_DOMAIN.Matt Robenolt
2015-03-18Made is_safe_url() reject URLs that start with control characters.Tim Graham
2015-02-12Fixed #24321 -- Improved `utils.http.same_origin` compliance with RFC6454Lukas Klein
2015-02-06Sorted imports with isort; refs #23860.Tim Graham
2015-01-13Fixed is_safe_url() to handle leading whitespace.Tim Graham
2014-09-08Fixed #23399 -- Optimized django.utils.http.int_to_bas36()Tim Graham
2014-08-22Fixed #23333 -- Made urlsafe_base64_decode() return proper type on Python 3.Ian Foote
2014-07-09Fixed #22223 -- Prevented over-escaping URLs in reverse()Claude Paroz
2014-05-14typo: urlaprse -> urlparseCollin Anderson
2014-05-14Added additional checks in is_safe_url to account for flexible parsing.Erik Romijn
2013-11-02Correct flake8 E302 violationsRay Ashman Jr
2013-11-02Correct flake8 violation E261Ray Ashman Jr
2013-10-26Fixed up some more flake8 violations (this particular violation still has man...Alex Gaynor
2013-10-21Fixed #21288 -- Fixed E126 pep8 warningsAlasdair Nicol
2013-09-22Removed a few trailing backslashes.Aymeric Augustin
2013-09-05Took advantage of django.utils.six.moves.urllib.*.Aymeric Augustin
2013-09-02Replaced "not PY3" by "PY2", new in six 1.4.0.Aymeric Augustin
2013-08-13Fixed is_safe_url() to reject URLs that use a scheme other than HTTP/S.Jacob Kaplan-Moss
2013-08-07Use `usegmt` flag in formatdateDavid Evans
2013-06-26Fixed #14881 -- Modified password reset to work with a non-integer UserModel.pk.Tim Graham
2013-05-19Fix a typo in a comment.Marc Tamlyn
2013-05-18Fixed #20411 -- Don't let invalid referers blow up CSRF same origin checks.Florian Apolloner
2013-03-28Fixed spelling errorsGavin Wahl
2013-03-19Fixed #18003 -- Preserved tracebacks when re-raising errors.konarkmodi
2012-12-10Fixed #18856 -- Ensured that redirects can't be poisoned by malicious users.Florian Apolloner
2012-09-26Fixed parse_http_date docstring and moved related testsClaude Paroz
2012-08-30Replaced some smart_xxx by force_xxx equivalentClaude Paroz
2012-08-14[py3] Fixed conditional_processing testsClaude Paroz
2012-08-07[py3] Ported django.utils.encoding.Aymeric Augustin
2012-08-03[py3] Removed uses of sys.maxint under Python 3.Aymeric Augustin
2012-07-22[py3] Updated urllib/urllib2/urlparse imports.Aymeric Augustin
2012-07-22[py3] Replaced unicode/str by six.text_type/bytes.Aymeric Augustin
2012-06-14Fixed #12140 -- Fixed http.urlencode result for empty listsClaude Paroz
2012-03-30Removed some Python < 2.6 compatibility code. Refs #17965.Aymeric Augustin
2012-02-16Use Python's changed comparisons, which makes this a bit more readable.Alex Gaynor
2012-02-16Fixed #17693. Input validation and tests for base36 conversion utils. Thanks ...Paul McMillan
generated by cgit v1.3 (git 2.53.0) at 2026-05-02 07:55:30 +0000