dinislage/web2py
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,823 Commits 18 Branches 72 Tags
34f753be56f05f67e652c2d83e7f2424b3c19d55
Commit Graph

6823 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
ilvalle 34f753be56 fix languages 2016-06-13 20:20:49 +02:00
ilvalle a27f6f88ef fix serializers, websocket_messaging 2016-06-13 20:20:49 +02:00
ilvalle ab2cdd595b fix utils 2016-06-13 20:20:49 +02:00
ilvalle 7259516627 fix tools 2016-06-13 20:20:44 +02:00
mdipierro a18e0e489f why is session.forget not callable in tests? 2016-06-12 21:08:33 -05:00
mdipierro dfb0129f09 do not forget a missing session 2016-06-12 20:55:16 -05:00
mdipierro cadb130518 fixed expose tests 2016-06-12 20:27:20 -05:00
mdipierro a830f95f70 Merge branch 'ilvalle-py3_fixes' 2016-06-12 20:00:10 -05:00
mdipierro f4a353960b merged conflicts 2016-06-12 19:59:58 -05:00
mdipierro c5bafa16dd Merge pull request #1357 from chenl/master 
fix issue#1261: security issue: gluon.tools.Expose will follow symlinks
 2016-06-12 19:56:40 -05:00
Chen Rotem Levy 3c2ee85295 Merge branch 'issue_1261' 
Adding to Expose.__init__(..., follow_symlink_out=False).

If the user didn't override this, and if the OS supports symlinks, we
test that the we will not expose any symlinks that points outside of
self.base.

Expose is not also covered by unittests.
 2016-06-11 12:38:21 +03:00
Chen Rotem Levy 9877ad5155 fix in_base for base='/' 
If the base directory already ends with '/' the test failed.

It failed because we added an extra '/' to make sure that '/foobar' is
not under '/foo', so ask '/foobar/'.startswith('/foo/').

Whoever when we have the base already start with '/' we might test:
'/foo/bar/'.startwith('/foo//'), and give a false negative.  We
shouldn't have this case, because we normalized the path, but in the
case of the root directory ('/') even a normalized path ends with '/',
and thus when base='/' this function failed.

Some re-factoring was needed to make this base testable.
 2016-06-11 12:19:16 +03:00
Chen Rotem Levy e020395bdc apply pull request #1313 
This should have resolved security issue#1261 -- gluon.tools.Expose
symlinks, however it does not deal well with the case where the base
exposed directory is '/'
 2016-06-11 11:20:23 +03:00
ilvalle 1f013d76f3 minor few fix 2016-06-10 14:14:40 +02:00
ilvalle 3103226686 revert fcgi changes 2016-06-10 14:14:39 +02:00
mdipierro 15a26c00b1 Merge pull request #1352 from zvolsky/_revert_wiki 
revert wiki to earlier (properly working) state
 2016-06-07 20:36:52 -05:00
mdipierro df9928d69c Merge pull request #1349 from zvolsky/_represent_none 
represent none
 2016-06-07 20:36:01 -05:00
ilvalle fd850ab46f fix validators, updated gluon/contrib/ipaddr 2016-06-07 19:50:49 +02:00
zvolsky 225a286162 revert wiki to earlier (properly working) state 2016-06-07 15:10:03 +02:00
zvolsky 876508a227 grid: custom representation of None value, in view 2016-06-06 12:43:11 +02:00
zvolsky 0c52f2a561 grid: custom representation of None value 2016-06-06 12:25:06 +02:00
ilvalle 92374741ff fix rewrite, enabled test_router & test_routes 2016-06-04 17:42:36 +02:00
ilvalle 71ba0e515f updated portalocker, few py3 syntax/import fix 2016-06-04 14:07:42 +02:00
ilvalle dcd24cf88c Updated fpdf to the last version (py3 compatible), fix contrib/appconfig 2016-06-04 09:23:31 +02:00
ilvalle 2f7d76769c typo in globals 2016-06-03 23:44:45 +02:00
mdipierro 154073c3a6 Merge pull request #1341 from nextghost/master 
Ignore internal attributes when checking whether new session was changed
 2016-06-03 10:04:00 -05:00
mdipierro 14ac911ce7 Merge pull request #1344 from michele-comitini/jwt-renew-fix 
Jwt renew fix
 2016-06-03 10:02:41 -05:00
mdipierro 1554a29f5f Merge pull request #1345 from niphlod/fix/codecov 
should turn off the codecov/changes report
 2016-06-03 10:02:09 -05:00
ilvalle 97eb013831 fix test_html and test_template for py3 2016-06-03 11:46:32 +02:00
ilvalle db8306b5c4 fix iteritems, enabled test_cache & test_dal for 3.5 2016-06-02 17:21:36 +02:00
ilvalle 707330accd Enabled 3.5 on travis 2016-06-02 16:06:49 +02:00
ilvalle a1fd92b7f8 updated imports in tests 2016-06-02 14:28:21 +02:00
ilvalle 01bab81432 manually adapt few imports 2016-06-01 20:16:30 +02:00
niphlod 850d79c287 should turn off the codecov/changes report 2016-06-01 00:50:01 +02:00
Michele Comitini 67f85fd631 allow token renewal with http authorization header. 2016-05-31 23:55:58 +02:00
ilvalle aa2bf4134e introduced _compact from pydal 2016-05-31 20:12:50 +02:00
ilvalle 48e10a3793 running libfuturize.fixes.fix_print_with_import 2016-05-30 21:23:40 +02:00
ilvalle 36ca754c77 running libfuturize.fixes.fix_raise 2016-05-30 18:03:48 +02:00
ilvalle d74413bc16 running lib2to3.fixes.fix_methodattrs 2016-05-30 18:03:48 +02:00
ilvalle 02e0cd187a running lib2to3.fixes.fix_has_key 2016-05-29 08:31:20 +02:00
ilvalle 9588ba690c running lib2to3.fixes.fix_tuple_params 2016-05-29 08:31:20 +02:00
ilvalle a5599f3eab running lib2to3.fixes.fix_idioms 2016-05-29 08:31:20 +02:00
ilvalle 9b9ed0ad0f running lib2to3.fixes.fix_funcattrs 2016-05-29 08:31:20 +02:00
ilvalle 8074927191 running lib2to3.fixes.fix_renames 2016-05-29 08:31:19 +02:00
ilvalle 35900da19b running lib2to3.fixes.fix_except 2016-05-29 08:31:19 +02:00
ilvalle 14830e8906 running lib2to3.fixes.fix_standarderror 2016-05-29 08:31:19 +02:00
ilvalle d22222ebea running lib2to3.fixes.fix_reduce 2016-05-29 08:31:19 +02:00
ilvalle ec8ea53917 running lib2to3.fixes.fix_apply 2016-05-29 07:45:46 +02:00
Martin Doucha 40b8a4d75d Whitespace fix 2016-05-28 22:25:58 +02:00
Martin Doucha 54e443dfad Ignore internal attributes when checking whether new session was changed 2016-05-28 21:54:24 +02:00