Hopiu/django-downloadview
1
0
Fork 0
mirror of https://github.com/jazzband/django-downloadview.git synced 2026-03-16 22:40:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
368 commits 4 branches 18 tags 910 KiB
Commit graph

8 commits

Author SHA1 Message Date
Rémy HUBSCHER
711b2e50b5
Run pre-commit on all files 2024-08-05 10:53:19 +02:00
Peter Marheine
0568c3c559 Prevent reflected file downloads on specially-named files 
This fixes #196, where it was observed that django_downloadview
was vulnerable to reflected file download attacks with
specially-named files, similar to CVE-2022-36359 in Django.
This change adopts the same replacement rules as used in Django's fix
in commit b3e4494d759202a3b6bf247fd34455bf13be5b80.
 2024-08-01 06:24:00 +00:00
Rémy HUBSCHER
6cd9ec3dd0
Fix test. 2020-09-18 10:50:26 +02:00
Rémy HUBSCHER
af30524bd2
Remove u'' in front of strings. 2020-01-07 15:21:34 +01:00
Rémy HUBSCHER
b094ed6cec
Add black support. 2020-01-07 15:12:51 +01:00
Rémy HUBSCHER
b893e52eba
Remove support for Python 2.7 2020-01-07 15:01:26 +01:00
Benoît Bryon
5fa0a6caea Psycho-rebased branch 87-double-quoted-filename on top of master 2015-06-13 00:57:44 +02:00
Benoît Bryon
c54131db6e Refs #98 - Moved tests outside django-downloadview package, i.e. in tests/ folder at project root. 2015-06-12 15:42:50 +02:00
Renamed from django_downloadview/tests/response.py (Browse further)