Hi all,
I have been contacted by Robert Collins, who is trying to get a working
group together to discuss HTTP/2 and WSGI.
Attached is the forwarded email from Robert with the kickoff details.
Historically, Django hasn't been deeply involved in process of developing
WSGI and related standards;
On Fri, Sep 19, 2014 at 5:13 AM, Tom Christie wrote:
> One point of clarity is that we ought to return the same type for each of
> `reverse`, `request.path`, `request.get_full_path`, `request.path_info`, and
> the values in the `request.GET` dictionary. Given that, the
Hello Carl, hello Florian,
thank you for your both replies, I feel confident that we'll sort it out
now.
On Friday, September 19, 2014 5:56:08 PM UTC+2, Carl Meyer wrote:
I can't say for sure without checking, but I would be very surprised if
> anything in Django's session code has a hard
Hi Nikolai,
On 09/19/2014 05:50 AM, Nikolai Prokoschenko wrote:
> the people responsible for the Apache part of our Django application
> have recently introduced a policy for mandatory use of mod_security with
> OWASP ruleset. The SQL injection rule [1], has raised their attention,
> because it
One point of clarity is that we ought to return the same type for each of
`reverse`, `request.path`, `request.get_full_path`, `request.path_info`,
and the values in the `request.GET` dictionary. Given that, the answer is
clearly "it should be a string".
It's also a little unclear to me what
Hi Nikolai,
On Friday, September 19, 2014 1:50:33 PM UTC+2, Nikolai Prokoschenko wrote:
>
> 1. Has there been some security audit in the past which confirmed that
> session ID handling inside Django is not vulnerable to SQL injection
> attacks?
>
Nothing public that I am aware of, no.
2. Can
Hello,
(disclaimer: it's a security question and I don't have any proper expertise
in this area, so please bear with me)
the people responsible for the Apache part of our Django application have
recently introduced a policy for mandatory use of mod_security with OWASP
ruleset. The SQL
2014-09-18 23:29 GMT+02:00 Wim Feijen :
> Timezones confuse me, maybe Aymeric can answer this one if he has time?
>
I've bookmarked this thread to answer at some point but I have some
work-related matters to deal with first.
--
Aymeric.
--
You received this message because