dinislage/web2py
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
6,896 Commits 18 Branches 72 Tags
ae6fdb21c9f4e1dd08d0032ed820ac5b4e4532da
Commit Graph

6896 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
niphlod ae6fdb21c9 this crashes win and 3.5 2016-07-19 22:21:35 +02:00
mdipierro 759616e537 Merge pull request #1400 from niphlod/py3/fix_warnings 
fixed most of py3 warnings, output is much cleaner this way
 2016-07-18 18:21:24 -05:00
niphlod cae10a68c0 fixed most of py3 warnings, output is much cleaner this way 2016-07-18 23:45:28 +02:00
mdipierro 7aa617a68f fixed regex (test) 2016-07-17 15:12:04 -05:00
mdipierro 665e14186e fixed issue with sessions in db on GAE 2016-07-17 04:18:56 -05:00
mdipierro b6fc1b0809 Merge branch 'master' of github.com:web2py/web2py 2016-07-16 10:23:37 -05:00
mdipierro fe04923d28 Merge pull request #1392 from ilvalle/py3_fixes_7 
Py3 fixes
 2016-07-16 03:01:16 -05:00
ilvalle 73399fdee6 fix py3 html 2016-07-15 20:35:54 +02:00
ilvalle f9927f4f3d fix local import for contrib modules 2016-07-15 20:34:27 +02:00
mdipierro 584327553c fixed Link to Chrome extension that auto-opens error tickets #613 2016-07-11 03:30:48 -05:00
mdipierro 4a3ccfdeab fixed issue #1362, == in args 2016-07-11 03:20:38 -05:00
mdipierro 64df136e69 minor import fix 2016-07-11 03:15:31 -05:00
mdipierro 7fe2684ffa Merge branch 'master' of github.com:web2py/web2py 2016-07-11 03:04:08 -05:00
mdipierro 350dc4ed8b partially addressed scheduler in widget 2016-07-11 03:03:55 -05:00
mdipierro 170ca0eb12 Merge pull request #1390 from BuhtigithuB/improve/jquery-attr-prop-web2py-js 
.att() -> .prop() for setting autocomplete off
 2016-07-11 02:52:24 -05:00
Richard Vézina bd47b7f80a .att() -> .prop() for setting autocomplete off 2016-07-10 12:30:22 -04:00
mdipierro ccd807503a Merge pull request #1387 from ilvalle/appveyor_py35 
enabled py35 unittests on win
 2016-07-07 01:48:38 -05:00
mdipierro d067897cef json(indent=...) parameter 2016-07-07 01:47:59 -05:00
ilvalle 967b2e27a7 added global_settings.is_py2 2016-07-06 17:25:26 +02:00
ilvalle 5e94c11e40 Enabled py35 on appveyor 2016-07-06 17:25:22 +02:00
mdipierro d2aa83c8a7 Merge branch 'master' of github.com:web2py/web2py 2016-07-05 08:35:58 -05:00
mdipierro c5bd7ca25d look for dal in packages by default 2016-07-05 08:35:42 -05:00
ilvalle 61c9b7991e py35 fix cacheOnDisk on win 2016-07-04 20:30:50 +02:00
mdipierro b5ea78e5d6 Merge pull request #1385 from jnbrex/master 
Changed tuple to list
 2016-07-02 01:04:04 -05:00
Jason Bohrer 0c4d254a9c Changed tuple to list 
The comparison between parts[1:3] and ('', host) would return false because a list and a tuple were being compared.
 2016-07-01 13:26:23 -04:00
mdipierro d9c2f778ee fixed auth next open redirect 2016-07-01 02:22:15 -05:00
mdipierro 409cfda1f6 Merge pull request #1382 from apa-1/master 
Fix next redirect if only one / exists
 2016-07-01 02:00:58 -05:00
mdipierro 229da5847b Merge pull request #1381 from niphlod/fix/1363 
corner case - fixes #1363
 2016-07-01 02:00:18 -05:00
mdipierro c7eb1c1eae Merge branch 'niphlod-remove/webshell' 2016-07-01 01:59:42 -05:00
mdipierro 67b27f4daf removed webshell 2016-07-01 01:59:12 -05:00
mdipierro 9837aae642 Merge pull request #1378 from niphlod/fix/1331 
fixes #1331 (just rocket, really)
 2016-07-01 01:56:56 -05:00
mdipierro 5413b95320 Merge pull request #1377 from niphlod/fix/1347 
fixes #1347
 2016-07-01 01:56:37 -05:00
mdipierro 5d13e56dc5 Merge pull request #1376 from niphlod/fix/1354 
fixes #1354
 2016-07-01 01:56:21 -05:00
mdipierro 5a5c2b500a Merge pull request #1375 from niphlod/fix/1355 
fixes #1355
 2016-07-01 01:56:02 -05:00
mdipierro 46d02a3448 Merge pull request #1374 from niphlod/fix/1364 
fixes #1364
 2016-07-01 01:55:41 -05:00
mdipierro a99096d6b3 Merge pull request #1373 from ilvalle/py3_fixes_6 
Py3 fixes
 2016-07-01 01:55:24 -05:00
Th3R3p0 d95acb6897 Fixed open redirect security vulnerability. The previous filter searched for two forward slashes "//" in the "_next” parameter and if the two forward slashes were found it would check the URI and determine if the hostname matched the hostname of the web server. If not, it would change the next variable to the None. However, browsers don't require two forward slashes. As a feature, browsers accept typos such as http:google.com or http:/google.com and redirect to http://google.com. This can be used to leverage an open redirect attack even with the current filter. This commit fixes the open redirect vulnerability in the _next get parameter. Thanks to jnbrex for helping debug/write the patch for this vulnerability. 2016-06-30 17:24:47 -04:00
Alex Artigues f87c3e260c Fix next redirect if only one / exists 2016-06-29 20:54:13 -04:00
niphlod 9c8db3f65a corner case - fixes #1363 2016-06-28 23:52:28 +02:00
niphlod 595e37c2de removed web shell 2016-06-28 23:34:41 +02:00
niphlod 0708dd36e7 fixes #1331 (just rocket, really) 2016-06-28 22:00:57 +02:00
niphlod 5e0a53f4c2 fixes #1347 2016-06-28 21:49:23 +02:00
niphlod 4966466509 fixes #1354 2016-06-28 21:46:07 +02:00
niphlod a96f137e03 fixes #1355 2016-06-28 21:43:31 +02:00
niphlod 955b30a871 fixes #1364 2016-06-28 21:36:59 +02:00
ilvalle 4cdcf8eae0 Since py2.7 compile() supports Win and Mac newlines. Also input in 'exec' mode does not have to end in a newline anymore. 2016-06-28 19:58:25 +02:00
ilvalle ea337e07d0 p3 fixes in applications 2016-06-28 19:58:20 +02:00
mdipierro 5f80300c5d Merge pull request #1371 from ilvalle/py3_fixes_5 
PY3 fixes
 2016-06-26 00:32:09 -05:00
mdipierro 0b4b71ea09 Merge branch 'master' of github.com:web2py/web2py 2016-06-26 00:30:42 -05:00
mdipierro f8f471f51f new cheatsheet 2016-06-26 00:30:25 -05:00