Re: ConditionalGetMiddleware MD5

2020-09-14 Thread Florian Apolloner
Hi, one thing to consider might be that md5 is usually disabled for FIPS-enabled systems (i.e. https://code.djangoproject.com/ticket/28401 ). So if we are changing something here we might also consider this. Cheers, Florian On Friday, September 11, 2020 at 9:41:51 AM UTC+2 gertb...@gmail.com wrot

Re: ConditionalGetMiddleware MD5

2020-09-14 Thread Adam Johnson
Yes there's a risk of causing collisions if a user can control the responses. But that doesn't mean there's really a security concern - since the user creating the collision *can already upload arbitrary content to the django site.* The collision wouldn't really do anything but cause a stale asset

Re: ConditionalGetMiddleware MD5

2020-09-14 Thread Florian Apolloner
Hi Adam, On Monday, September 14, 2020 at 2:00:06 PM UTC+2 Adam Johnson wrote: > one thing to consider might be that md5 is usually disabled for FIPS >> enabled system >> > > This is true, but if no one has complained, why "fix" it? As covered above > one can always implement custom ETag header

Re: Admin accessibility

2020-09-14 Thread Carlton Gibson
Hi All. Thanks for this. I'd be happy to play *Shepherd* if you need someone to put their hand up. I think that means I need to nag about getting it done. So... 🙂 Who's going to be on the team to do the first review, and then subsequent work? Answer that and you have the Implementation Team.

Re: What the purpose of having function that is not working correctly?

2020-09-14 Thread babloo chowhan
I have an issue in a django project, please can you help me? On Sat, Sep 12, 2020 at 4:29 PM Tim Allen wrote: > I've seen recommendations to use this during conference talks by people > with a fairly deep knowledge of the ORM as recently as 2019, so I do > believe it can be made more blatantly c

Re: Admin accessibility

2020-09-14 Thread Tom Carrick
Carlton, I think that would be useful, thanks. Thibaud, shall I add you to the implementation team? It seems like you're doing more work on this than I am lately. I think we could still use one or perhaps two more people, but I think it's a good start. On Mon, 14 Sep 2020 at 16:44, Carlton Gibson

Re: Fellow Reports - September 2020

2020-09-14 Thread Mariusz Felisiak
Week ending September 13, 2020. *Triaged:* https://code.djangoproject.com/ticket/31985 - salted_hmac() docstring shouldn't mention hashlib.new(). (accepted) https://code.djangoproject.com/ticket/31986 - Django Admin filter sidebar does not scroll. (accepted) https://code.djangopr

Incomplete documentation or bug? (linebreaksbr and stringfilter decorated filters)

2020-09-14 Thread Carles Pina i Estany
Hi, Today I had a small surprise with templates and the linebreaksbr filter. The "problem" (or root of the confusion) is that if None (of NoneType) is given to linebreaksbr it returns a SafeString 'None' instead of None (type NoneType). The documentation says (https://docs.djangoproject.com/en/

RE: Incomplete documentation or bug? (linebreaksbr and stringfilter decorated filters)

2020-09-14 Thread Matthew Pava
The filter states that it expects plain text. In Python, str(None) = "None". To get the behavior you are seeking use the default_if_none filter, and chain your other filters. https://docs.djangoproject.com/en/dev/ref/templates/builtins/#default-if-none {{ text|default_if_none:""|linebreaksbr }}

Re: Incomplete documentation or bug? (linebreaksbr and stringfilter decorated filters)

2020-09-14 Thread Adam Johnson
Yeah imo most filters should be worried about one type. We shouldn’t consider every variable “None-able” because it’s so pervasive. This is somewhere that type hints will eventually help clarify. On Mon, 14 Sep 2020 at 20:47, Matthew Pava wrote: > The filter states that it expects plain text. In