summaryrefslogtreecommitdiff
path: root/tests/utils_tests/test_text.py
AgeCommit message (Collapse)Author
2026-03-09Fixed #36293 -- Avoided buffering streaming responses in GZipMiddleware.farhan
This avoids latency and/or blocking. The example of streaming a CSV file was rewritten to employ batching for greater efficiency in all layers (db, HTTP, etc.). The improved performance from batching should outweigh the drag introduced by an additional byte for each flush. Co-authored-by: huoyinghui <huoyinghui@users.noreply.github.com>
2026-02-25Fixed #36944 -- Removed MAX_LENGTH_HTML and related 5M chars limit ↵Natalia
references from HTML truncation docs.
2026-02-03Fixed CVE-2026-1285 -- Mitigated potential DoS in ↵Natalia
django.utils.text.Truncator for HTML input. The `TruncateHTMLParser` used `deque.remove()` to remove tags from the stack when processing end tags. With crafted input containing many unmatched end tags, this caused repeated full scans of the tag stack, leading to quadratic time complexity. The fix uses LIFO semantics, only removing a tag from the stack when it matches the most recently opened tag. This avoids linear scans for unmatched end tags and reduces complexity to linear time. Refs #30686 and 6ee37ada3241ed263d8d1c2901b030d964cbd161. Thanks Seokchan Yoon for the report, and Jake Howard and Jacob Walls for reviews.
2025-03-01Applied Black's 2025 stable style.Mariusz Felisiak
https://github.com/psf/black/releases/tag/25.1.0
2024-03-04Refs CVE-2024-27351 -- Forwardported release notes and tests.Shai Berger
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2024-02-07Fixed #30686 -- Used Python HTMLParser in utils.text.Truncator.David Smith
2024-02-07Refs #30686 -- Fixed text truncation for negative or zero lengths.David Smith
2024-02-06Refs #30686 -- Improved test coverage of Truncator.David Smith
2023-10-04Fixed CVE-2023-43665 -- Mitigated potential DoS in ↵Natalia
django.utils.text.Truncator when truncating HTML text. Thanks Wenchao Li of Alibaba Group for the report.
2023-08-22Removed unnecessary trailing commas in tests.konsti
2022-02-07Refs #33476 -- Refactored code to strictly match 88 characters line length.Mariusz Felisiak
2022-02-07Refs #33476 -- Reformatted code with Black.django-bot
2021-12-14Fixed unescape_string_literal() crash on empty strings.Florian Apolloner
2021-12-14Added test for ValueErrors in unescape_string_literal().Florian Apolloner
2021-05-04Fixed CVE-2021-31542 -- Tightened path & file name sanitation in file uploads.Florian Apolloner
2021-01-14Refs #27753 -- Removed django.utils.text.unescape_entities() per deprecation ↵Mariusz Felisiak
timeline.
2020-06-04Refs #27804 -- Used subTest() in tests.utils_tests.test_text.Jon Dufresne
2020-05-29Fixed #28694 -- Made django.utils.text.slugify() strip dashes and underscores.David Smith
2020-05-29Added more tests for slugify().David Smith
2020-04-20Capitalized Unicode in docs, strings, and comments.Jon Dufresne
2019-12-30Fixed #30892 -- Fixed slugify() and admin's URLify.js for "İ".Sjbrgsn
Thanks Luis Nell for the implementation idea and very detailed report. Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-10-29Used more specific unittest assertions in tests.Nick Pope
* assertIsNone()/assertIsNotNone() instead of comparing to None. * assertLess() for < comparisons. * assertIs() for 'is' expressions. * assertIsInstance() for isinstance() expressions. * rounding of assertAlmostEqual() for round() expressions. * assertIs(..., True/False) instead of comparing to True/False. * assertIs()/assertIsNot() for ==/!= comparisons. * assertNotEqual() for == comparisons. * assertTrue()/assertFalse() instead of comparing to True/False.
2019-08-01Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when ↵Florian Apolloner
truncating HTML. Thanks to Guido Vranken for initial report.
2019-06-28Fixed #30400 -- Improved typography of user facing strings.Jon Dufresne
Thanks Claude Paroz for assistance with translations.
2019-05-08Refs #27753 -- Deprecated django.utils.text.unescape_entities().Jon Dufresne
The function was undocumented and only required for compatibility with Python 2. Code should use Python's html.unescape() that was added in Python 3.4.
2019-01-23Completed test coverage for utils.text._replace_entity().Hasan Ramezani
2019-01-19Completed test coverage for utils.text.Truncator.chars().Hasan Ramezani
2018-08-21Fixed #29654 -- Made text truncation an ellipsis character instead of three ↵Claude Paroz
dots. Thanks Sudhanshu Mishra for the initial patch and Tim Graham for the review.
2018-07-20Fixed #29412 -- Stopped marking slugify() result as HTML safe.Claude Paroz
2018-03-06Fixed CVE-2018-7537 -- Fixed catastrophic backtracking in ↵Tim Graham
django.utils.text.Truncator. Thanks James Davis for suggesting the fix.
2017-04-04Updated tests after French translation updateClaude Paroz
2017-03-04Refs #27795 -- Removed unneeded force_text callsClaude Paroz
Thanks Tim Graham for the review.
2017-02-09Refs #23919 -- Removed default 'utf-8' argument for str.encode()/decode().Tim Graham
2017-02-07Converted usage of ugettext* functions to their gettext* aliasesClaude Paroz
Thanks Tim Graham for the review.
2017-01-18Refs #23919 -- Removed six.<various>_types usageClaude Paroz
Thanks Tim Graham and Simon Charette for the reviews.
2017-01-18Refs #23919 -- Removed encoding preambles and future importsClaude Paroz
2016-11-10Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings.za
2016-08-24Fixed #26866 -- Added format_lazy functionMattias Loverot
Added format_lazy function to django.utils.text module. Useful when dealing with relative complex lazy string concatenations (e.g. in urls.py when translating urls in regular expressions).
2016-04-08Fixed E128 flake8 warnings in tests/.Tim Graham
2015-12-12Fixed #20223 -- Added keep_lazy() as a replacement for allow_lazy().Iacopo Spalletti
Thanks to bmispelon and uruz for the initial patch.
2015-07-17Fixed #16501 -- Added an allow_unicode parameter to SlugField.Edward Henderson
Thanks Flavio Curella and Berker Peksag for the initial patch.
2015-02-04Fixed #24242 -- Improved efficiency of utils.text.compress_sequence()Matthew Somerville
The function no longer flushes zfile after each write as doing so can lead to the gzipped streamed content being larger than the original content; each flush adds a 5/6 byte type 0 block. Removing this means buf.read() may return nothing, so only yield if that has some data. Testing shows without the flush() the buffer is being flushed every 17k or so and compresses the same as if it had been done as a whole string.
2015-01-17Removed utils.text.javascript_quote() per deprecation timeline; refs #21725.Tim Graham
2014-12-30Applied ignore_warnings to Django testsClaude Paroz
2014-12-06Refs #23947 -- Worked around a bug in Python that prevents deprecation ↵Diego Guimarães
warnings from appearing in tests.
2014-09-23Consolidated some text utils into the utils_tests test package.Loic Bistuer
2014-03-08Fixed #21188 -- Introduced subclasses for to-be-removed-in-django-XX warningsClaude Paroz
Thanks Anssi Kääriäinen for the idea and Simon Charette for the review.
2014-03-05Really hidden warnings in javascript_quote testsClaude Paroz
Refs #21725.
2014-02-22Deprecated django.utils.text.javascript_quote.Baptiste Mispelon
Refs #21725.
2014-02-22Fixed test failures when running in a narrow Python build.Baptiste Mispelon
generated by cgit v1.3 (git 2.53.0) at 2026-05-02 06:32:48 +0000