Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/django/http/request.py
Commit message (Collapse)AuthorAgeFilesLines
* Fixed #24496 -- Added CSRF Referer checking against ↵Matt Robenolt2015-09-161-9/+2
| | | | | | | CSRF_COOKIE_DOMAIN. Thanks Seth Gottlieb for help with the documentation and Carl Meyer and Joshua Kehn for reviews.
* Fixed #25099 -- Fixed crash in AdminEmailHandler on ↵Vlastimil Zíma2015-09-041-2/+21
| | | | DisallowedHost.
* Fixed #25331 -- Removed trailing blank lines in docstrings.Maxime Lorant2015-08-311-2/+0
|
* Fixed #25211 -- Added HttpRequest.get_port() and ↵Matt Robenolt2015-08-041-1/+9
| | | | USE_X_FORWARDED_PORT setting.
* Fixed #25099 -- Cleaned up HttpRequest representations ↵Vlastimil Zíma2015-07-141-47/+0
| | | | in error reporting.
* Removed unnecessary arguments in .get method callsPiotr Jakimiak2015-05-131-1/+1
|
* Fixed #19910 -- Added slash to i18n redirect if ↵Bas Peschier2015-03-261-2/+3
| | | | | | | | APPEND_SLASH is set. This introduces a force_append_slash argument for request.get_full_path() which is used by RedirectFallbackMiddleware and CommonMiddleware when handling redirects for settings.APPEND_SLASH.
* Fixed #24463 -- Removed mod_python functionality from ↵Rik2015-03-111-5/+5
| | | | HttpRequest._get_scheme()
* Sorted imports with isort; refs #23860.Tim Graham2015-02-061-4/+5
|
* Fixed #23968 -- Replaced list comprehension with ↵Jon Dufresne2014-12-081-2/+2
| | | | generators and dict comprehension
* Removed unused variable ↵Matt Robenolt2014-11-241-1/+0
| | | | django.http.request.absolute_http_url_re
* Fixed #12098 -- Simplified HttpRequest.__repr__().Berker Peksag2014-11-201-1/+5
|
* Fixed #18456 -- Added path escaping to ↵Unai Zalakain2014-11-031-2/+4
| | | | HttpRequest.get_full_path().
* Limited lines to 119 characters in django/Tim Graham2014-09-051-2/+7
| | | | refs #23395.
* Fixed #22996 -- Prevented crash with unencoded query stringClaude Paroz2014-08-191-3/+11
| | | | | Thanks Jorge Carleitao for the report and Aymeric Augustin, Tim Graham for the reviews.
* Added a space before explanation of "Invalid HTTP_HOST ↵Daniel Hahler2014-07-061-2/+2
| | | | header: ..."
* Fixed #22799 -- Made GET and POST on HttpRequest ↵Duncan Parkes2014-06-251-1/+6
| | | | | | | | | | | | | | | QueryDicts, and FILES a MultiValueDict. Previously, GET, POST, and FILES on an HttpRequest were created in the __init__ method as dictionaries. This was not something you would usually notice causing trouble in production as you'd only see a WSGIRequest, but in testing using the test client, calling .getlist on GET, POST, or FILES for a request with no get/post data resulted in an AttributeError. Changed GET and POST on an HttpRequest object to be mutable QueryDicts (mutable because the Django tests, and probably many third party tests, were expecting it).
* Fixed #22897 -- Made QueryDict query_string argument ↵Duncan Parkes2014-06-251-1/+1
| | | | | | optional. Now QueryDict() is equivalent to QueryDict('') or QueryDict(None).
* Improved documentation for QueryDict.Duncan Parkes2014-06-251-3/+10
|
* Fixed #22680 -- I/O operation on closed file.Florian Apolloner2014-06-111-0/+6
| | | | | | | This patch is two-fold; first it ensure that Django does close everything in request.FILES at the end of the request and secondly the storage system should no longer close any files during save, it's up to the caller to handle that -- or let Django close the files at the end of the request.
* Fixed #18314 -- Corrected request.build_absolute_uri() ↵Unai Zalakain2014-06-071-8/+19
| | | | | | | | | | | handling of paths starting with // ``HttpRequest.build_absolute_uri()`` now correctly handles paths starting with ``//``. ``WSGIRequest`` now doesn't remove all the leading slashes either, because ``http://test/server`` and http://test//server`` aren't the same thing (RFC2396). Thanks to SmileyChris for the initial patch.
* Fix many many typos in comments throughout the codebaseAlex Gaynor2014-04-261-2/+2
|
* Replaced urllib/urlparse imports with from ↵Tim Graham2014-03-311-5/+1
| | | | django.utils.six.moves.
* Fixed E125 pep8 warningsChristopher Medrela2013-11-281-1/+1
|
* Fixed #21447 -- Restored code erroneously removed in ↵Baptiste Mispelon2013-11-161-1/+1
| | | | | | | | | | | 20472aa827669d2b83b74e521504e88e18d086a1. Also added some tests for HttpRequest.__repr__. Note that the added tests don't actually catch the accidental code removal (see ticket) but they do cover a codepath that wasn't tested before. Thanks to Tom Christie for the report and the original patch.
* Fixed all E261 warningscoagulant2013-11-021-7/+7
|
* Fixed #20338 -- Stripped ending dot during host validationClaude Paroz2013-10-241-0/+2
| | | | Thanks manfre for the report and Timo Graham for the review.
* Fixed #21287 -- Fixed E123 pep8 warningsAlasdair Nicol2013-10-181-2/+2
|
* Fixed #7603 -- Added a 'scheme' property to the ↵Unai Zalakain2013-10-151-8/+11
| | | | | | | | | | | | | | | | | | | HttpRequest object `HttpRequest.scheme` is `https` if `settings.SECURE_PROXY_SSL_HEADER` is appropriately set and falls back to `HttpRequest._get_scheme()` (a hook for subclasses to implement) otherwise. `WSGIRequest._get_scheme()` makes use of the `wsgi.url_scheme` WSGI environ variable to determine the request scheme. `HttpRequest.is_secure()` simply checks if `HttpRequest.scheme` is `https`. This provides a way to check the current scheme in templates, for example. It also allows us to deal with other schemes. Thanks nslater for the suggestion.
* Fixed #16822 -- Added RawPostDataExceptionTim Graham2013-10-081-1/+10
| | | | Thanks jaylett for the patch.
* Fixed #21189: Cleaned up usage of bare except clauses.Baptiste Mispelon2013-10-051-3/+3
| | | | | Thanks to berkerpeksag for the report and to claudep for the review.
* Fixed #19987 -- Disabled host validation when DEBUG=True.Will Hardy2013-07-311-2/+7
| | | | | | | | | | | The documentation promises that host validation is disabled when DEBUG=True, that all hostnames are accepted. Domains not compliant with RFC 1034/1035 were however being validated, this validation has now been removed when DEBUG=True. Additionally, when DEBUG=False a more detailed SuspiciousOperation exception message is provided when host validation fails because the hostname is not RFC 1034/1035 compliant.
* Removed most of absolute_import importsClaude Paroz2013-07-291-1/+1
| | | | | Should be unneeded with Python 2.7 and up. Added some unicode_literals along the way.
* Fixed missing initializations in WSGIRequest. Refs #20619Loic Bistuer2013-06-261-0/+4
|
* Fixed #18481 -- Wrapped request.FILES read error in ↵Claude Paroz2013-06-011-2/+8
| | | | | | | UnreadablePostError Thanks KyleMac for the report, André Cruz for the initial patch and Hiroki Kiyohara for the tests.
* Fixed #19866 -- Added security logger and return 400 for ↵Preston Holmes2013-05-261-2/+2
| | | | | | | | | | | | SuspiciousOperation. SuspiciousOperations have been differentiated into subclasses, and are now logged to a 'django.security.*' logger. SuspiciousOperations that reach django.core.handlers.base.BaseHandler will now return a 400 instead of a 500. Thanks to tiwoc for the report, and Carl Meyer and Donald Stufft for review.
* Fixed #20038 -- Better error message for host validation.Baptiste Mispelon2013-04-031-21/+33
|
* Fixed #20019 -- Ensured HttpRequest.resolver_match ↵Aymeric Augustin2013-03-101-0/+1
| | | | | | always exists. Obviously it isn't set until the URL is resolved.
* Added a new required ALLOWED_HOSTS setting for HTTP host ↵Carl Meyer2013-02-191-5/+48
| | | | | | header validation. This is a security fix; disclosure and advisory coming shortly.
* Removed HttpRequest.raw_post_data.Aymeric Augustin2012-12-291-5/+0
|
* Fixed a security issue in get_host.Florian Apolloner2012-12-101-1/+2
| | | | Full disclosure and new release forthcoming.
* Fixed #19101 -- Decoding of non-ASCII POST data on Python 3.Aymeric Augustin2012-11-031-0/+3
| | | | Thanks Claude Paroz.
* Cleaned up the the http module. Moved all of the code ↵Alex Gaynor2012-10-211-0/+453
from __init__.py to request.py, response.py and utils.py