django-rest-framework/rest_framework
Luka Jeran 6ec6ddea9b
Avoid inline script execution for injecting CSRF token (#7016)
Scripts with type="application/json" or "text/plain" are not executed, so we can
use them to inject dynamic CSRF data, without allowing inline-script execution
in Content-Security-Policy.
2022-11-29 16:10:32 +00:00
..
authtoken Implemented Verbose Name Translation for TokenProxy (#8713) 2022-11-27 16:45:54 +06:00
locale Translations updated from transifex and compiled 2020-10-13 22:05:24 +02:00
management Add --api-version CLI option to generateschema (#8663) 2022-09-22 10:36:01 +01:00
schemas mitigate global dependency on inflection #8017 (#8781) 2022-11-28 09:11:10 +06:00
static/rest_framework Avoid inline script execution for injecting CSRF token (#7016) 2022-11-29 16:10:32 +00:00
templates/rest_framework Avoid inline script execution for injecting CSRF token (#7016) 2022-11-29 16:10:32 +00:00
templatetags Made relative URLs clickable as well. (#8464) 2022-06-08 15:03:00 +01:00
utils Refactor: Replace try/except with contextlib.suppress() (#8676) 2022-10-05 11:02:00 +01:00
__init__.py Use correct class to indicate present deprecation (#8665) 2022-09-22 14:07:43 -04:00
apps.py Make DEFAULT_PAGINATION_CLASS None by default. (#5170) 2017-09-25 15:36:30 +02:00
authentication.py #7157: Fix RemoteUserAuthentication calling django authenticate with request argument (#7158) 2021-09-03 14:37:03 +01:00
checks.py Fix punctuation in system check (#7281) 2020-04-20 16:40:05 -07:00
compat.py Replaced parse_header with parse_header_parameters. (#8556) 2022-07-14 14:20:36 +02:00
decorators.py if else optimization (#8340) 2022-01-27 15:02:20 +00:00
documentation.py Updated url()'s with path() and re_path() (#7492) 2020-08-25 13:50:02 +02:00
exceptions.py Refactor short names in exceptions (#8585) 2022-08-01 16:28:05 +01:00
fields.py Properly handle OverflowError in DurationField deserialization (#8042) 2022-11-24 17:27:45 +06:00
filters.py Ordering filter bug with model property serializer field (#7609) 2021-03-16 12:53:39 +00:00
generics.py Allow context to be provided to get_serializer (#7298) 2020-04-29 11:19:44 +01:00
metadata.py [FIX] add missing DurationField to SimpleMetada label_lookup (#8702) 2022-11-21 20:33:19 +06:00
mixins.py Dropped Python 2 compatibility. (#6615) 2019-04-30 17:53:44 +02:00
negotiation.py Replaced parse_header with parse_header_parameters. (#8556) 2022-07-14 14:20:36 +02:00
pagination.py fix 404 when page query parameter is empty string (#8578) 2022-11-22 12:37:31 +06:00
parsers.py Refactor: Replace try/except with contextlib.suppress() (#8676) 2022-10-05 11:02:00 +01:00
permissions.py Fix #8771 - Checking for authentication even if _ignore_model_permissions = True (#8772) 2022-11-22 20:21:16 +06:00
relations.py Refactor: Replace try/except with contextlib.suppress() (#8676) 2022-10-05 11:02:00 +01:00
renderers.py Represent SafeString as plain string on schema rendering. (#8429) 2022-11-23 20:42:06 +06:00
request.py Fix infinite recursion with deepcopy on Request (#8684) 2022-10-07 11:58:38 +01:00
response.py Remove unnecessary bytes() calls (#6626) 2019-05-30 15:05:27 -07:00
reverse.py Dropped Python 2 compatibility. (#6615) 2019-04-30 17:53:44 +02:00
routers.py Linting fixes (#7874) 2021-03-26 12:27:10 +00:00
serializers.py Fixes instance check in ListSerializer.to_representation (#8726) (#8727) 2022-11-22 12:01:01 +06:00
settings.py Avoid importing django.test package when not testing (#8699) 2022-10-14 16:30:26 +01:00
status.py Added http 102, 103, 421, and 425 status codes (#8350) 2022-02-03 11:57:47 +00:00
test.py Make APIClient.force_authenticate() work with user=None (#8212) 2022-09-15 09:35:48 +01:00
throttling.py Fix error in throttling when request.user is None (#8370) 2022-06-24 13:02:11 +01:00
urlpatterns.py Updated url()'s with path() and re_path() (#7492) 2020-08-25 13:50:02 +02:00
urls.py Replace all url() calls with path() or re_path() (#7512) 2020-09-08 15:32:27 +01:00
validators.py Make CharField prohibit surrogate characters (#7026) (#7067) 2020-01-06 14:12:21 +00:00
versioning.py Replace all url() calls with path() or re_path() (#7512) 2020-09-08 15:32:27 +01:00
views.py Preserve exception messages for wrapped Django exceptions (#8051) 2022-10-11 12:48:57 +00:00
viewsets.py Fixes that namespaced views now also appear in the extra actions (#8598) 2022-08-31 11:17:19 +01:00