mirror of https://github.com/django/django.git synced 2024-11-28 10:48:32 +01:00
django/django
Russell Keith-Magee aae5a96d57 Ensure that passwords are never long enough for a DoS.
* Limit the password length to 4096 bytes
  * Password hashers will raise a ValueError
  * django.contrib.auth forms will fail validation
* Document in release notes that this is a backwards incompatible change

Thanks to Josh Wright for the report, and Donald Stufft for the patch.

This is a security fix; disclosure to follow shortly.
2013-09-15 13:42:23 +08:00
bin
conf Revert "Fixed #12288 -- Validated that app names in INSTALLED_APPS are unique" 2013-09-14 07:19:32 -04:00
contrib Ensure that passwords are never long enough for a DoS. 2013-09-15 13:42:23 +08:00
core Fixed #21097 - Added DatabaseFeature.can_introspect_autofield 2013-09-14 09:48:59 +03:00
db REmoved some unused imports 2013-09-14 12:34:57 -07:00
dispatch
forms Improved deprecation warning for change in form boolean values. 2013-09-10 14:24:34 -04:00
http Fixed #18403 -- Initialized bad_cookies in SimpleCookie 2013-09-10 08:26:54 -04:00
middleware
shortcuts
template Prevented arbitrary file inclusion with {% ssi %} tag and relative paths. 2013-09-10 21:02:48 -04:00
templatetags Took advantage of django.utils.six.moves.urllib.*. 2013-09-05 14:39:23 -05:00
test REmoved some unused imports 2013-09-14 12:34:57 -07:00
utils Fixed #21060 -- Refactored admin's autodiscover method to make it reusable. 2013-09-13 20:09:41 -04:00
views Merge pull request #1580 from ianawilson/ticket_16502 2013-09-06 15:31:25 -07:00
__init__.py