Fwd: HTTP/2 and WSGI

2014-09-19 Thread Russell Keith-Magee
Hi all, I have been contacted by Robert Collins, who is trying to get a working group together to discuss HTTP/2 and WSGI. Attached is the forwarded email from Robert with the kickoff details. Historically, Django hasn't been deeply involved in the process of developing WSGI and related standards; t

Re: The greatest proposal yet: rename this damn group

2014-09-19 Thread Russell Keith-Magee
Hi all, Ok - the technical board has discussed the matter, and settled on: Django Developers (Contributions to Django itself) as a new title for the group. The board rejected the idea of "Django X" (for any value of X) on the basis that asking someone to sign up to "Django X" by sending mai

Re: Should reverse() return a Unicode string?

2014-09-19 Thread Jon Dufresne
On Fri, Sep 19, 2014 at 5:13 AM, Tom Christie wrote: > One point of clarity is that we ought to return the same type for each of > `reverse`, `request.path`, `request.get_full_path`, `request.path_info`, and > the values in the `request.GET` dictionary. Given that, the answer is > clearly "it shou

Re: mod_security SQL injection rules and Django cookies

2014-09-19 Thread Nikolai Prokoschenko
Hello Carl, hello Florian, thank you both for your replies, I feel confident that we'll sort it out now. On Friday, September 19, 2014 5:56:08 PM UTC+2, Carl Meyer wrote: I can't say for sure without checking, but I would be very surprised if > anything in Django's session code has a hard rest

Re: mod_security SQL injection rules and Django cookies

2014-09-19 Thread Carl Meyer
Hi Nikolai, On 09/19/2014 05:50 AM, Nikolai Prokoschenko wrote: > the people responsible for the Apache part of our Django application > have recently introduced a policy for mandatory use of mod_security with > OWASP ruleset. The SQL injection rule [1], has raised their attention, > because it ha

Re: Should reverse() return a Unicode string?

2014-09-19 Thread Tom Christie
One point of clarity is that we ought to return the same type for each of `reverse`, `request.path`, `request.get_full_path`, `request.path_info`, and the values in the `request.GET` dictionary. Given that, the answer is clearly "it should be a string". It's also a little unclear to me what typ

Re: mod_security SQL injection rules and Django cookies

2014-09-19 Thread Florian Apolloner
Hi Nikolai, On Friday, September 19, 2014 1:50:33 PM UTC+2, Nikolai Prokoschenko wrote: > > 1. Has there been some security audit in the past which confirmed that > session ID handling inside Django is not vulnerable to SQL injection > attacks? > Nothing public that I am aware of, no. 2. Can I

mod_security SQL injection rules and Django cookies

2014-09-19 Thread Nikolai Prokoschenko
Hello, (disclaimer: it's a security question and I don't have any proper expertise in this area, so please bear with me) the people responsible for the Apache part of our Django application have recently introduced a policy for mandatory use of mod_security with OWASP ruleset. The SQL injectio

Re: Loading timezone naive data into your test database with USE_TZ = True

2014-09-19 Thread Aymeric Augustin
2014-09-18 23:29 GMT+02:00 Wim Feijen : > Timezones confuse me, maybe Aymeric can answer this one if he has time? > I've bookmarked this thread to answer at some point but I have some work-related matters to deal with first. -- Aymeric.