mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-08-10 22:08:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

[1.7.x] Prevented data leakage in contrib.admin via query string manipulation.

Browse source 
This is a security fix. Disclosure following shortly.
This commit is contained in:
Simon Charette 2014-08-07 00:18:10 -04:00 committed by Tim Graham
parent 1a45d059c7
commit 2b31342cdf
8 changed files with 115 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

1
docs/ref/exceptions.txt
View file

@ -56,6 +56,7 @@ SuspiciousOperation
* DisallowedHost
* DisallowedModelAdminLookup
* DisallowedModelAdminToField
* DisallowedRedirect
* InvalidSessionKey
* SuspiciousFileOperation