Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-django-tastypie for
openSUSE:Factory checked in at 2022-10-06 07:41:48
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-django-tastypie (Old)
and /work/SRC/openSUSE:Factory/.python-django-tastypie.new.2275 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-django-tastypie"
Thu Oct 6 07:41:48 2022 rev:19 rq:1008059 version:0.14.4
Changes:
--------
---
/work/SRC/openSUSE:Factory/python-django-tastypie/python-django-tastypie.changes
2022-05-12 23:00:25.612802162 +0200
+++
/work/SRC/openSUSE:Factory/.python-django-tastypie.new.2275/python-django-tastypie.changes
2022-10-06 07:41:59.556659056 +0200
@@ -1,0 +2,5 @@
+Wed Oct 5 00:06:55 UTC 2022 - John Vandenberg <[email protected]>
+
+- Add pr_1642_chunk.patch for Django 4.1 support
+
+-------------------------------------------------------------------
New:
----
pr_1642_chunk.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-django-tastypie.spec ++++++
--- /var/tmp/diff_new_pack.VOcS7w/_old 2022-10-06 07:41:59.952659937 +0200
+++ /var/tmp/diff_new_pack.VOcS7w/_new 2022-10-06 07:41:59.956659946 +0200
@@ -26,6 +26,8 @@
Source:
https://github.com/django-tastypie/django-tastypie/archive/v%{version}.tar.gz
# https://github.com/django-tastypie/django-tastypie/issues/1635
Patch0: python-django-tastypie-no-mock.patch
+# PATCH-FIX-UPSTREAM pr_1642_chunk.patch -- based on PR 1642
+Patch1: pr_1642_chunk.patch
BuildRequires: %{python_module Django >= 1.11.0}
BuildRequires: %{python_module PyYAML}
BuildRequires: %{python_module biplist}
++++++ pr_1642_chunk.patch ++++++
Index: django-tastypie-0.14.4/tastypie/authentication.py
===================================================================
--- django-tastypie-0.14.4.orig/tastypie/authentication.py
+++ django-tastypie-0.14.4/tastypie/authentication.py
@@ -9,7 +9,15 @@ import warnings
from django.conf import settings
from django.contrib.auth import authenticate
from django.core.exceptions import ImproperlyConfigured
-from django.middleware.csrf import _sanitize_token
+
+try:
+ from django.middleware.csrf import _check_token_format
+
+ _sanitize_token = None
+except ImportError:
+ from django.middleware.csrf import _sanitize_token
+
+ _check_token_format = None
from django.utils.translation import gettext as _
from six.moves.urllib.parse import urlparse
@@ -310,8 +318,11 @@ class SessionAuthentication(Authenticati
if getattr(request, '_dont_enforce_csrf_checks', False):
return request.user.is_authenticated
-
- csrf_token =
_sanitize_token(request.COOKIES.get(settings.CSRF_COOKIE_NAME, ''))
+ csrf_token = request.COOKIES.get(settings.CSRF_COOKIE_NAME, '')
+ if _sanitize_token:
+ csrf_token = _sanitize_token(csrf_token)
+ else:
+ _check_token_format(csrf_token)
if request.is_secure():
referer = request.META.get('HTTP_REFERER')
@@ -326,11 +337,17 @@ class SessionAuthentication(Authenticati
request_csrf_token = request.META.get('HTTP_X_CSRFTOKEN', '')
try:
- request_csrf_token = _sanitize_token(request_csrf_token)
+ if _sanitize_token:
+ request_csrf_token = _sanitize_token(request_csrf_token)
+ else:
+ _check_token_format(csrf_token)
except InvalidTokenFormat:
return False
- if not compare_sanitized_tokens(request_csrf_token, csrf_token):
+ try:
+ if not compare_sanitized_tokens(request_csrf_token, csrf_token):
+ return False
+ except AssertionError:
return False
return request.user.is_authenticated
