Hopiu/django-downloadview
1
0
Fork 0
mirror of https://github.com/jazzband/django-downloadview.git synced 2026-03-16 22:40:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
django-downloadview/django_downloadview
History
Peter Marheine 0568c3c559 Prevent reflected file downloads on specially-named files 
This fixes #196, where it was observed that django_downloadview
was vulnerable to reflected file download attacks with
specially-named files, similar to CVE-2022-36359 in Django.
This change adopts the same replacement rules as used in Django's fix
in commit b3e4494d759202a3b6bf247fd34455bf13be5b80.
2024-08-01 06:24:00 +00:00
..
apache Use python3 super and remove useless method re-definitions 2023-09-26 11:26:43 +02:00
lighttpd Add isort support. 2020-01-07 15:19:22 +01:00
nginx Merge pull request #206 from sevdog/upgrade-middleware-doc 2024-07-30 22:07:22 +10:00
views Use python3 super and remove useless method re-definitions 2023-09-26 11:26:43 +02:00
__init__.py Replace use of pkg_resources (setuptools) 2024-07-31 11:41:25 +00:00
api.py Add isort config. 2020-01-07 15:51:55 +01:00
decorators.py Fix missing function parameter 2020-01-13 17:23:54 +02:00
exceptions.py Remove support for Python 2.7 2020-01-07 15:01:26 +01:00
files.py Use python3 super and remove useless method re-definitions 2023-09-26 11:26:43 +02:00
io.py Update compatibility for Django 4.0 2021-12-23 13:05:46 +11:00
middlewares.py Use hasattr to check if any of required attribute is present 2024-07-31 16:18:20 +02:00
response.py Prevent reflected file downloads on specially-named files 2024-08-01 06:24:00 +00:00
shortcuts.py Add black support. 2020-01-07 15:12:51 +01:00
storage.py Use python3 super and remove useless method re-definitions 2023-09-26 11:26:43 +02:00
test.py Use python3 super and remove useless method re-definitions 2023-09-26 11:26:43 +02:00
utils.py Add isort support. 2020-01-07 15:19:22 +01:00