dinislage/web2py
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,918 Commits 18 Branches 72 Tags
116a7ff006be84df97a58f529e086122e84b4ecc
Commit Graph

4858 Commits

Author SHA1 Message Date
mdipierro
4bb261ec15 fixed py3 import 2016-08-01 04:41:51 -05:00
mdipierro
cf12fea68b fixed more imports 2016-08-01 04:26:46 -05:00
mdipierro
68375a4ea7 removed training comma 2016-08-01 04:18:06 -05:00
mdipierro
92a03f397d fixed another _compat import 2016-08-01 04:16:29 -05:00
mdipierro
eebf406d97 fixed import error 2016-08-01 04:13:32 -05:00
mdipierro
cc1ff02079 only one portalocker 2016-08-01 03:46:51 -05:00
mdipierro
35eaba1096 removed duplicated code, using pydal's _compat.py 2016-08-01 03:39:22 -05:00
mdipierro
4519985dc2 fixed indentation in webclient, issue #1396 2016-07-29 08:53:56 -05:00
mdipierro
ab93b74b85 Merge branch 'master' of github.com:web2py/web2py 2016-07-29 08:50:53 -05:00
mdipierro
6be3977fa7 fixed issue #1409, py2 vs py3 2016-07-29 08:50:28 -05:00
mdipierro
fe7a049a0f Merge pull request #1359 from oscarfonts/grid-HTMLExporter-maxtextlength 
Don't truncate texts on SQLFORM.grid HTML Export
 2016-07-29 08:33:25 -05:00
mdipierro
a6b96ba85b minor change to fabfile 2016-07-29 07:12:29 -05:00
niphlod
3bc6769e28 fixes #1406 2016-07-28 21:36:43 +02:00
mdipierro
e0d45a3edf Merge pull request #1398 from niphlod/fix/redis_scheduler 
feature parity (cron recurrence) with scheduler
 2016-07-25 12:50:42 -05:00
niphlod
cae10a68c0 fixed most of py3 warnings, output is much cleaner this way 2016-07-18 23:45:28 +02:00
niphlod
a0720ce01e feature parity (cron recurrence) with scheduler 2016-07-18 21:36:56 +02:00
mdipierro
7aa617a68f fixed regex (test) 2016-07-17 15:12:04 -05:00
mdipierro
665e14186e fixed issue with sessions in db on GAE 2016-07-17 04:18:56 -05:00
mdipierro
b6fc1b0809 Merge branch 'master' of github.com:web2py/web2py 2016-07-16 10:23:37 -05:00
mdipierro
fe04923d28 Merge pull request #1392 from ilvalle/py3_fixes_7 
Py3 fixes
 2016-07-16 03:01:16 -05:00
ilvalle
73399fdee6 fix py3 html 2016-07-15 20:35:54 +02:00
ilvalle
f9927f4f3d fix local import for contrib modules 2016-07-15 20:34:27 +02:00
mdipierro
4a3ccfdeab fixed issue #1362, == in args 2016-07-11 03:20:38 -05:00
mdipierro
64df136e69 minor import fix 2016-07-11 03:15:31 -05:00
mdipierro
350dc4ed8b partially addressed scheduler in widget 2016-07-11 03:03:55 -05:00
mdipierro
ccd807503a Merge pull request #1387 from ilvalle/appveyor_py35 
enabled py35 unittests on win
 2016-07-07 01:48:38 -05:00
mdipierro
d067897cef json(indent=...) parameter 2016-07-07 01:47:59 -05:00
ilvalle
967b2e27a7 added global_settings.is_py2 2016-07-06 17:25:26 +02:00
mdipierro
d2aa83c8a7 Merge branch 'master' of github.com:web2py/web2py 2016-07-05 08:35:58 -05:00
mdipierro
c5bd7ca25d look for dal in packages by default 2016-07-05 08:35:42 -05:00
ilvalle
61c9b7991e py35 fix cacheOnDisk on win 2016-07-04 20:30:50 +02:00
Jason Bohrer
0c4d254a9c Changed tuple to list 
The comparison between parts[1:3] and ('', host) would return false because a list and a tuple were being compared.
 2016-07-01 13:26:23 -04:00
mdipierro
d9c2f778ee fixed auth next open redirect 2016-07-01 02:22:15 -05:00
mdipierro
409cfda1f6 Merge pull request #1382 from apa-1/master 
Fix next redirect if only one / exists
 2016-07-01 02:00:58 -05:00
mdipierro
229da5847b Merge pull request #1381 from niphlod/fix/1363 
corner case - fixes #1363
 2016-07-01 02:00:18 -05:00
mdipierro
67b27f4daf removed webshell 2016-07-01 01:59:12 -05:00
mdipierro
9837aae642 Merge pull request #1378 from niphlod/fix/1331 
fixes #1331 (just rocket, really)
 2016-07-01 01:56:56 -05:00
mdipierro
5413b95320 Merge pull request #1377 from niphlod/fix/1347 
fixes #1347
 2016-07-01 01:56:37 -05:00
mdipierro
5d13e56dc5 Merge pull request #1376 from niphlod/fix/1354 
fixes #1354
 2016-07-01 01:56:21 -05:00
mdipierro
5a5c2b500a Merge pull request #1375 from niphlod/fix/1355 
fixes #1355
 2016-07-01 01:56:02 -05:00
Th3R3p0
d95acb6897 Fixed open redirect security vulnerability. The previous filter searched for two forward slashes "//" in the "_next” parameter and if the two forward slashes were found it would check the URI and determine if the hostname matched the hostname of the web server. If not, it would change the next variable to the None. However, browsers don't require two forward slashes. As a feature, browsers accept typos such as http:google.com or http:/google.com and redirect to http://google.com. This can be used to leverage an open redirect attack even with the current filter. This commit fixes the open redirect vulnerability in the _next get parameter. Thanks to jnbrex for helping debug/write the patch for this vulnerability. 2016-06-30 17:24:47 -04:00
Alex Artigues
f87c3e260c Fix next redirect if only one / exists 2016-06-29 20:54:13 -04:00
niphlod
9c8db3f65a corner case - fixes #1363 2016-06-28 23:52:28 +02:00
niphlod
0708dd36e7 fixes #1331 (just rocket, really) 2016-06-28 22:00:57 +02:00
niphlod
5e0a53f4c2 fixes #1347 2016-06-28 21:49:23 +02:00
niphlod
4966466509 fixes #1354 2016-06-28 21:46:07 +02:00
niphlod
a96f137e03 fixes #1355 2016-06-28 21:43:31 +02:00
ilvalle
4cdcf8eae0 Since py2.7 compile() supports Win and Mac newlines. Also input in 'exec' mode does not have to end in a newline anymore. 2016-06-28 19:58:25 +02:00
ilvalle
ea337e07d0 p3 fixes in applications 2016-06-28 19:58:20 +02:00
ilvalle
f343fab528 py3 fixes for admin app 2016-06-25 17:36:37 +02:00