summaryrefslogtreecommitdiff
path: root/tests/middleware
Commit message (Collapse)AuthorAgeFilesLines
* Refs #33476 -- Applied Black's 2023 stable style.David Smith2023-02-011-2/+0
| | | | | | | | Black 23.1.0 is released which, as the first release of the year, introduces the 2023 stable style. This incorporates most of last year's preview style. https://github.com/psf/black/releases/tag/23.1.0
* Refs #34074 -- Used headers argument for RequestFactory and Client in docs ↵David Wobrock2023-01-041-5/+6
| | | | and tests.
* Fixed #33735 -- Added async support to StreamingHttpResponse.Carlton Gibson2022-12-221-0/+22
| | | | | Thanks to Florian Vazelle for initial exploratory work, and to Nick Pope and Mariusz Felisiak for review.
* Fixed #34170 -- Implemented Heal The Breach (HTB) in GzipMiddleware.Andreas Pelme2022-12-171-2/+38
|
* Updated documentation and comments for RFC updates.Nick Pope2022-11-101-1/+1
| | | | | | | | | | | | | | | - Updated references to RFC 1123 to RFC 5322 - Only partial as RFC 5322 sort of sub-references RFC 1123. - Updated references to RFC 2388 to RFC 7578 - Except RFC 2388 Section 5.3 which has no equivalent. - Updated references to RFC 2396 to RFC 3986 - Updated references to RFC 2616 to RFC 9110 - Updated references to RFC 3066 to RFC 5646 - Updated references to RFC 7230 to RFC 9112 - Updated references to RFC 7231 to RFC 9110 - Updated references to RFC 7232 to RFC 9110 - Updated references to RFC 7234 to RFC 9111 - Tidied up style of text when referring to RFC documents
* Avoided assignment followed by immediate return.Nick Pope2022-10-311-2/+1
| | | | | | | | Identified using the following command: $ pcre2grep --line-number --multiline --recursive \ "(?s)(\n +)(\w+) = [^\n]+\1return \2;?$" \ django docs extras js_tests scripts tests
* Fixed #33700 -- Skipped extra resolution for successful requests not ending ↵Anders Kaseorg2022-06-021-0/+10
| | | | | | | | | | | | | | | | | | | with /. By moving a should_redirect_with_slash call out of an if block, commit 9390da7fb6e251eaa9a785692f987296cb14523f negated the performance fix of commit 434d309ef6dbecbfd2b322d3a1da78aa5cb05fa8 (#24720). Meanwhile, the logging issue #26293 that it targeted was subsequently fixed more fully by commit 40b69607c751c4afa453edfd41d2ed155e58187e (#26504), so it is no longer needed. This effectively reverts it. This speeds up successful requests not ending with / when APPEND_SLASH is enabled (the default, and still useful in projects with a mix of URLs with and without trailing /). The amount of speedup varies from about 5% in a typical project to nearly 50% on a benchmark with many routes. Signed-off-by: Anders Kaseorg <andersk@mit.edu>
* Refs #33476 -- Refactored code to strictly match 88 characters line length.Mariusz Felisiak2022-02-071-4/+6
|
* Refs #33476 -- Reformatted code with Black.django-bot2022-02-076-285/+362
|
* Fixed 32956 -- Lowercased spelling of "web" and "web framework" where ↵David Smith2021-07-291-4/+4
| | | | appropriate.
* Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting.Tim Graham2021-04-301-28/+0
|
* Fixed #31840 -- Added support for Cross-Origin Opener Policy header.bankc2021-03-301-0/+39
| | | | | | Thanks Adam Johnson and Tim Graham for the reviews. Co-authored-by: Tim Graham <timograham@gmail.com>
* Fixed #32124 -- Added per-view opt-out for APPEND_SLASH behavior.Carlton Gibson2020-10-223-0/+28
|
* Fixed #31789 -- Added a new headers interface to HttpResponse.Tom Carrick2020-09-142-43/+70
|
* Refs #26601 -- Deprecated passing None as get_response arg to middleware ↵Claude Paroz2020-02-182-219/+301
| | | | | | | | | classes. This is the new contract since middleware refactoring in Django 1.10. Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es> Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
* Fixed #30812 -- Made ConditionalGetMiddleware set ETag only for responses ↵Viktor Lomakin2019-10-101-0/+6
| | | | with non-empty content.
* Fixed #29406 -- Added support for Referrer-Policy header.Nick Pope2019-09-091-0/+33
| | | | Thanks to James Bennett for the initial implementation.
* Fixed #30426 -- Changed X_FRAME_OPTIONS setting default to DENY.Claude Paroz2019-09-091-2/+2
|
* Fixed #30604 -- Made mail_admins()/mail_managers() raise ValueError if ↵Hasan Ramezani2019-07-021-1/+1
| | | | ADMINS/MANAGERS is set incorrectly.
* Corrected settings names in SecurityMiddleware tests.Nick Pope2019-03-201-33/+26
|
* Removed default empty content argument from HttpResponse calls.Jon Dufresne2019-02-091-1/+1
|
* Updated test URL patterns to use path() and re_path().Tim Graham2018-12-313-11/+11
|
* Made reused RequestFactory instances class attributes.Simon Charette2018-11-271-4/+6
|
* Capitalized SecurityMiddleware headers for consistency with other headers.Artur Juraszek2018-10-301-32/+32
| | | | (No behavior change since HTTP headers are case insensitive.)
* Fixed CVE-2018-14574 -- Fixed open redirect possibility in CommonMiddleware.Andreas Hug2018-08-012-0/+21
|
* Fixed hanging indentation in various code.Mariusz Felisiak2018-03-161-1/+2
|
* Refs #26447 -- Removed the USE_ETAGS setting per deprecation timeline.Tim Graham2017-09-221-57/+1
|
* Refs #23919 -- Removed default 'utf-8' argument for str.encode()/decode().Tim Graham2017-02-091-1/+1
|
* Refs #23919 -- Replaced kwargs.pop() with keyword-only arguments.Vytis Banaitis2017-02-011-10/+10
|
* Refs #23919 -- Replaced super(ClassName, self) with super().chillaranand2017-01-251-1/+1
|
* Refs #23919 -- Removed unneeded force_str callsClaude Paroz2017-01-201-2/+1
|
* Refs #23919 -- Removed most of remaining six usageClaude Paroz2017-01-181-4/+5
| | | | Thanks Tim Graham for the review.
* Refs #23919 -- Removed six.PY2/PY3 usageClaude Paroz2017-01-181-19/+0
| | | | Thanks Tim Graham for the review.
* Refs #23919 -- Removed encoding preambles and future importsClaude Paroz2017-01-181-3/+0
|
* Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings.za2016-11-101-2/+2
|
* Fixed #26812 -- Fixed APPEND_SLASH on a URL including querystring with a ↵Sven Engström2016-11-061-0/+12
| | | | trailing slash.
* Fixed #27346 -- Stopped setting the Content-Length header in ↵Adam Malinowski2016-11-051-24/+0
| | | | ConditionalGetMiddleware.
* Fixed #27344 -- Made ConditionalGetMiddleware only process GET requests.Kevin Christopher Henry2016-10-171-0/+25
|
* Fixed #27345 -- Stopped setting the Date header in ConditionalGetMiddleware.Tim Graham2016-10-141-7/+0
|
* Refs #19705 -- Changed gzip modification times to 0.Kevin Christopher Henry2016-10-141-0/+20
| | | | | This makes gzip output deterministic, which allows ConditionalGetMiddleware to reliably compare ETags on gzipped content (views using the gzip_page() decorator in particular).
* Refs #19705 -- Made GZipMiddleware make ETags weak.Kevin Christopher Henry2016-10-131-13/+30
| | | | | Django's conditional request processing can now produce 304 Not Modified responses for content that is subject to compression.
* Fixed #19705 -- Set proper headers on conditional Not Modified responses.Kevin Christopher Henry2016-10-121-0/+22
|
* Fixed #26447 -- Deprecated settings.USE_ETAGS in favor of ↵Denis Cornehl2016-10-101-1/+35
| | | | ConditionalGetMiddleware.
* Fixed #27083 -- Added support for weak ETags.Kevin Christopher Henry2016-09-101-5/+0
|
* Fixed #26947 -- Added an option to enable the HSTS header preload directive.Ed Morley2016-08-101-0/+31
|
* Fixed docs to refer to HSTS includeSubdomains as a directive.Ed Morley2016-08-081-2/+2
| | | | | The spec refers to it as a 'directive' rather than a 'tag': https://tools.ietf.org/html/rfc6797#section-6.1.2
* Fixed a typo in tests/middleware/test_security.pyTim Graham2016-07-281-1/+1
|
* Fixed #26765 -- Made CommonMiddleware no longer set an ETag when response ↵andrewnester2016-07-151-0/+14
| | | | has Cache-Control: no-store.
* Fixed #5897 -- Added the Content-Length response header in CommonMiddlewareClaude Paroz2016-06-271-0/+24
| | | | Thanks Tim Graham for the review.
* Fixed #26747 -- Used more specific assertions in the Django test suite.Jon Dufresne2016-06-162-9/+9
|
View Lorry Controller Status