dinislage/web2py
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,821 Commits 18 Branches 72 Tags
ab2cdd595b47d71bfcd4c9ba4e54aadf42f0d94a
Commit Graph

6821 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
ilvalle
ab2cdd595b fix utils 2016-06-13 20:20:49 +02:00
ilvalle
7259516627 fix tools 2016-06-13 20:20:44 +02:00
mdipierro
a18e0e489f why is session.forget not callable in tests? 2016-06-12 21:08:33 -05:00
mdipierro
dfb0129f09 do not forget a missing session 2016-06-12 20:55:16 -05:00
mdipierro
cadb130518 fixed expose tests 2016-06-12 20:27:20 -05:00
mdipierro
a830f95f70 Merge branch 'ilvalle-py3_fixes' 2016-06-12 20:00:10 -05:00
mdipierro
f4a353960b merged conflicts 2016-06-12 19:59:58 -05:00
mdipierro
c5bafa16dd Merge pull request #1357 from chenl/master 
fix issue#1261: security issue: gluon.tools.Expose will follow symlinks
 2016-06-12 19:56:40 -05:00
Chen Rotem Levy
3c2ee85295 Merge branch 'issue_1261' 
Adding to Expose.__init__(..., follow_symlink_out=False).

If the user didn't override this, and if the OS supports symlinks, we
test that the we will not expose any symlinks that points outside of
self.base.

Expose is not also covered by unittests.
 2016-06-11 12:38:21 +03:00
Chen Rotem Levy
9877ad5155 fix in_base for base='/' 
If the base directory already ends with '/' the test failed.

It failed because we added an extra '/' to make sure that '/foobar' is
not under '/foo', so ask '/foobar/'.startswith('/foo/').

Whoever when we have the base already start with '/' we might test:
'/foo/bar/'.startwith('/foo//'), and give a false negative.  We
shouldn't have this case, because we normalized the path, but in the
case of the root directory ('/') even a normalized path ends with '/',
and thus when base='/' this function failed.

Some re-factoring was needed to make this base testable.
 2016-06-11 12:19:16 +03:00
Chen Rotem Levy
e020395bdc apply pull request #1313 
This should have resolved security issue#1261 -- gluon.tools.Expose
symlinks, however it does not deal well with the case where the base
exposed directory is '/'
 2016-06-11 11:20:23 +03:00
ilvalle
1f013d76f3 minor few fix 2016-06-10 14:14:40 +02:00
ilvalle
3103226686 revert fcgi changes 2016-06-10 14:14:39 +02:00
mdipierro
15a26c00b1 Merge pull request #1352 from zvolsky/_revert_wiki 
revert wiki to earlier (properly working) state
 2016-06-07 20:36:52 -05:00
mdipierro
df9928d69c Merge pull request #1349 from zvolsky/_represent_none 
represent none
 2016-06-07 20:36:01 -05:00
ilvalle
fd850ab46f fix validators, updated gluon/contrib/ipaddr 2016-06-07 19:50:49 +02:00
zvolsky
225a286162 revert wiki to earlier (properly working) state 2016-06-07 15:10:03 +02:00
zvolsky
876508a227 grid: custom representation of None value, in view 2016-06-06 12:43:11 +02:00
zvolsky
0c52f2a561 grid: custom representation of None value 2016-06-06 12:25:06 +02:00
ilvalle
92374741ff fix rewrite, enabled test_router & test_routes 2016-06-04 17:42:36 +02:00
ilvalle
71ba0e515f updated portalocker, few py3 syntax/import fix 2016-06-04 14:07:42 +02:00
ilvalle
dcd24cf88c Updated fpdf to the last version (py3 compatible), fix contrib/appconfig 2016-06-04 09:23:31 +02:00
ilvalle
2f7d76769c typo in globals 2016-06-03 23:44:45 +02:00
mdipierro
154073c3a6 Merge pull request #1341 from nextghost/master 
Ignore internal attributes when checking whether new session was changed
 2016-06-03 10:04:00 -05:00
mdipierro
14ac911ce7 Merge pull request #1344 from michele-comitini/jwt-renew-fix 
Jwt renew fix
 2016-06-03 10:02:41 -05:00
mdipierro
1554a29f5f Merge pull request #1345 from niphlod/fix/codecov 
should turn off the codecov/changes report
 2016-06-03 10:02:09 -05:00
ilvalle
97eb013831 fix test_html and test_template for py3 2016-06-03 11:46:32 +02:00
ilvalle
db8306b5c4 fix iteritems, enabled test_cache & test_dal for 3.5 2016-06-02 17:21:36 +02:00
ilvalle
707330accd Enabled 3.5 on travis 2016-06-02 16:06:49 +02:00
ilvalle
a1fd92b7f8 updated imports in tests 2016-06-02 14:28:21 +02:00
ilvalle
01bab81432 manually adapt few imports 2016-06-01 20:16:30 +02:00
niphlod
850d79c287 should turn off the codecov/changes report 2016-06-01 00:50:01 +02:00
Michele Comitini
67f85fd631 allow token renewal with http authorization header. 2016-05-31 23:55:58 +02:00
ilvalle
aa2bf4134e introduced _compact from pydal 2016-05-31 20:12:50 +02:00
ilvalle
48e10a3793 running libfuturize.fixes.fix_print_with_import 2016-05-30 21:23:40 +02:00
ilvalle
36ca754c77 running libfuturize.fixes.fix_raise 2016-05-30 18:03:48 +02:00
ilvalle
d74413bc16 running lib2to3.fixes.fix_methodattrs 2016-05-30 18:03:48 +02:00
ilvalle
02e0cd187a running lib2to3.fixes.fix_has_key 2016-05-29 08:31:20 +02:00
ilvalle
9588ba690c running lib2to3.fixes.fix_tuple_params 2016-05-29 08:31:20 +02:00
ilvalle
a5599f3eab running lib2to3.fixes.fix_idioms 2016-05-29 08:31:20 +02:00
ilvalle
9b9ed0ad0f running lib2to3.fixes.fix_funcattrs 2016-05-29 08:31:20 +02:00
ilvalle
8074927191 running lib2to3.fixes.fix_renames 2016-05-29 08:31:19 +02:00
ilvalle
35900da19b running lib2to3.fixes.fix_except 2016-05-29 08:31:19 +02:00
ilvalle
14830e8906 running lib2to3.fixes.fix_standarderror 2016-05-29 08:31:19 +02:00
ilvalle
d22222ebea running lib2to3.fixes.fix_reduce 2016-05-29 08:31:19 +02:00
ilvalle
ec8ea53917 running lib2to3.fixes.fix_apply 2016-05-29 07:45:46 +02:00
Martin Doucha
40b8a4d75d Whitespace fix 2016-05-28 22:25:58 +02:00
Martin Doucha
54e443dfad Ignore internal attributes when checking whether new session was changed 2016-05-28 21:54:24 +02:00
ilvalle
8d213a5b87 fix local import in __init__.py 2016-05-27 14:42:22 +02:00
Michele Comitini
95c1a734d1 fix wrong reference to request out of current namespace 2016-05-27 00:23:25 +02:00