mirror of
https://github.com/pretix/pretix.git
synced 2026-04-09 21:02:27 +00:00
Compare commits
merge into: CGM_Public:order-api-voucher-race
CGM_Public:master
CGM_Public:pajowu/ssrf_smtp
CGM_Public:dependabot/pip/fakeredis-eq-2.35.star
CGM_Public:customeraccounts_filter
CGM_Public:fix-delete-cookies-partitioned
CGM_Public:filter-nullbytes
CGM_Public:dependabot/pip/stripe-eq-15.0.star
CGM_Public:luelista/event-list-type
CGM_Public:pajowu/mixed_csrf_middlewares
CGM_Public:order-api-voucher-race
CGM_Public:release/2026.1.x
CGM_Public:release/2026.2.x
CGM_Public:release/2026.3.x
CGM_Public:stable
CGM_Public:fix-csv-import
CGM_Public:pajowu/test_cleanup
CGM_Public:exporter-auth-infos
CGM_Public:dependabot/npm_and_yarn/src/pretix/static/npm_dir/babel/preset-env-7.29.2
CGM_Public:pajowu/sendmail_status_filter
CGM_Public:position-add-multi
CGM_Public:pajowu/button-reuse-cart
CGM_Public:less-cart-sessions
CGM_Public:payment-details-fallback
CGM_Public:pajowu/mail_guid
CGM_Public:pajowu/eventlist_filter
CGM_Public:questions-vue3
CGM_Public:ai-policy
CGM_Public:2fa-bigradio
CGM_Public:ssrf-protect-by-default
CGM_Public:2fa-flowtoken
CGM_Public:dependabot/pip/requests-eq-2.33.star
CGM_Public:calendar-nav-icon
CGM_Public:cleanup-dead-widgets
CGM_Public:self-service-storno
CGM_Public:dependabot/pip/djangorestframework-eq-3.17.star
CGM_Public:fix-no-orgs
CGM_Public:pajowu/pagination_one
CGM_Public:fix-missing-exporters
CGM_Public:dependabot/pip/pypdf-eq-6.9.star
CGM_Public:file-disposition-inline
CGM_Public:use_gift_cards-docs-cleanup
CGM_Public:reusablemedium-multiop
CGM_Public:lbo-api-giftcard-payment
CGM_Public:fix-log-display-team-invite-delete
CGM_Public:plugin-avail-per-event
CGM_Public:db-ro-user
CGM_Public:peppol-be-autofill-fix
CGM_Public:peppol-be-id-validation
CGM_Public:error-pages-theme
CGM_Public:voucher-csv-vol
CGM_Public:timemachine-limits
CGM_Public:lbo-add-organizer-op-endpoint
CGM_Public:vat-validate-log
CGM_Public:recalculate-zero
CGM_Public:ppv2_created_payments
CGM_Public:datasync-logging
CGM_Public:webhook-acceptor-slugs
CGM_Public:lbo-waitinglist-edit
CGM_Public:fix-mails-stuck
CGM_Public:fix-safari-cookie-partitioned
CGM_Public:pp_pending_captures
CGM_Public:add-acceptor-slug
CGM_Public:hardening-2fa
CGM_Public:pajowu/plainhtmlalternative_placeholder
CGM_Public:voucher-field-label
CGM_Public:error-back-remove
CGM_Public:mail-html-templates
CGM_Public:mail-perf
CGM_Public:release/2025.9.x
CGM_Public:release/2025.10.x
CGM_Public:move-request-get-items-to-ctx
CGM_Public:fix-order-company-display
CGM_Public:fix-mail-headers-none
CGM_Public:dependabot/npm_and_yarn/src/pretix/static/npm_dir/babel/core-7.29.0
CGM_Public:outgoingmail-from-header
CGM_Public:order-change-out-of-timeframe-fix
CGM_Public:lbo-giftcard-webhooks
CGM_Public:apidoc-device-cleanup
CGM_Public:fix-escape-braces
CGM_Public:payment-unlock-fixes
CGM_Public:invoices-only-b2b
CGM_Public:lbo-fix-filter
CGM_Public:programtime-locations
CGM_Public:export-overview-skip-empty
CGM_Public:fix-programtime-queries
CGM_Public:fix-api-expand
CGM_Public:dependabot/pip/django-oauth-toolkit-eq-3.2.star
CGM_Public:rounding-down-consumer-friendly
CGM_Public:release/2025.8.x
CGM_Public:Add-Promptpay-for-stripe
CGM_Public:answer-export
CGM_Public:release/2025.7.x
CGM_Public:logentrytype-schema
CGM_Public:dependent-on-cc
CGM_Public:attendee-mails-default
CGM_Public:fix-rrule
CGM_Public:exports-repeatable-read
CGM_Public:order-import-logentries-bulk
CGM_Public:notification-bulk-check
CGM_Public:revert-5452-invoice-plugin-data
CGM_Public:img-srcset
CGM_Public:add-category-btn
CGM_Public:org-level-plugin
CGM_Public:plugins-page-fix
CGM_Public:release/2025.6.x
CGM_Public:pdf-editor-areyousure
CGM_Public:api-expand-generic
CGM_Public:event-title-everywhere
CGM_Public:a11y-improve-renew-feedback
CGM_Public:release/2025.5.x
CGM_Public:stripe_12x
CGM_Public:dialog-backdrop-click-close
CGM_Public:a11y-fix-waitinglist-link
CGM_Public:a11y-placeolder-contrast
CGM_Public:cart-renewal-ui-html5dialog
CGM_Public:cart-renewal-ui
CGM_Public:tooltip-a11y
CGM_Public:a11y-widget-fix-filter-dropdown
CGM_Public:a11y-common-modal-dialogs
CGM_Public:a11y-fix-datepicker-error
CGM_Public:release/2025.4.x
CGM_Public:release/2025.3.x
CGM_Public:fix-customer-create-race-condition
CGM_Public:scheduledmail-subevent-missing
CGM_Public:fix-widget-data-3rdparty
CGM_Public:release/2025.2.x
CGM_Public:lists-for-failed-checkin
CGM_Public:fix-widget-data-overwrite
CGM_Public:fix-copy-to-first-matching
CGM_Public:headless
CGM_Public:release/2025.1.x
CGM_Public:a11y-autofocus-tabindex
CGM_Public:widget-cookiebot
CGM_Public:fix-shipping-form
CGM_Public:addressform-err-handling
CGM_Public:release/2024.11.x
CGM_Public:quota-lock-log
CGM_Public:checkin-present-filter-perf
CGM_Public:fix-cond-display
CGM_Public:release/2024.10.x
CGM_Public:hacky-debug-output
CGM_Public:hacky-debug-output-reruns
CGM_Public:ci-more-threads
CGM_Public:before-fakeredis-update
CGM_Public:actions-debug-postgres-1
CGM_Public:actions-fix-postgres
CGM_Public:manual-installation
CGM_Public:subevent-empty-avoid
CGM_Public:release/2024.9.x
CGM_Public:release/2024.8.x
CGM_Public:release/2024.7.x
CGM_Public:release/2024.6.x
CGM_Public:release/2024.5.x
CGM_Public:fix-stripe-sca-sandbox
CGM_Public:order-nullability
CGM_Public:pytest-no-pending
CGM_Public:daterange-test-foo
CGM_Public:fix-checkbox-disabled-label-refactor
CGM_Public:fix-mail-preview-brackets-mismatch
CGM_Public:multi-subevent-cart-add
CGM_Public:release/2024.4.x
CGM_Public:release/2024.3.x
CGM_Public:back-to-the-future
CGM_Public:release/2024.2.x
CGM_Public:release/2023.10.x
CGM_Public:release/2023.8.x
CGM_Public:release/2023.9.x
CGM_Public:release/2024.1.x
CGM_Public:event-dashboard
CGM_Public:scan-debug-data
CGM_Public:pdf-fix-rotate
CGM_Public:payment-available-from2
CGM_Public:release/4.20.x
CGM_Public:release/2023.6.x
CGM_Public:release/2023.7.x
CGM_Public:new-checkin-type
CGM_Public:fix-pdf-image-multi-export
CGM_Public:fix-pdf-bg-offset
CGM_Public:fix-lazy-translation-settings
CGM_Public:add-order-min
CGM_Public:release/4.19.x
CGM_Public:idna
CGM_Public:release/4.18.x
CGM_Public:release/4.15.x
CGM_Public:release/4.16.x
CGM_Public:release/4.17.x
CGM_Public:compact-cart
CGM_Public:harmonize-checkin-export-date
CGM_Public:ocm-no-canceled
CGM_Public:widget-seating-embed
CGM_Public:guest-handling
CGM_Public:dnspython2
CGM_Public:invoice-to-other-email
CGM_Public:answer-options-csv
CGM_Public:release/4.14.x
CGM_Public:transaction-source
CGM_Public:release/4.13.x
CGM_Public:common-country-names
CGM_Public:release/4.12.x
CGM_Public:release/4.9.x
CGM_Public:release/4.11.x
CGM_Public:release/4.10.x
CGM_Public:product-list-export
CGM_Public:fix-api-operations-refresh
CGM_Public:remove-promise-from-paypal2
CGM_Public:aws_ses_454
CGM_Public:release/4.8.x
CGM_Public:release/4.5.x
CGM_Public:release/4.6.x
CGM_Public:release/4.7.x
CGM_Public:db-conn-tz
CGM_Public:hotfix
CGM_Public:release/4.3.x
CGM_Public:release/4.4.x
CGM_Public:consistency-check
CGM_Public:sticky-add-to-basket
CGM_Public:release/4.2.x
CGM_Public:release/4.1.x
CGM_Public:release/4.0.x
CGM_Public:release/3.18.x
CGM_Public:release/3.17.x
CGM_Public:waitlist_subeventpicker
CGM_Public:hotfix20210323
CGM_Public:hotfix20210325
CGM_Public:django31
CGM_Public:flaky-test
CGM_Public:release/3.16.x
CGM_Public:cancel-no-invoice
CGM_Public:release/3.15.x
CGM_Public:release/3.14.x
CGM_Public:validate-dns
CGM_Public:release/3.13.x
CGM_Public:release/3.12.x
CGM_Public:release/3.11.x
CGM_Public:docker-nginx-logs
CGM_Public:remove-reversecharge
CGM_Public:stripe-connect-2
CGM_Public:copy-from-matching-product
CGM_Public:release/3.10.x
CGM_Public:release/3.9.x
CGM_Public:gha-migrations
CGM_Public:release/3.8.x
CGM_Public:issue1575
CGM_Public:release/3.7.x
CGM_Public:release/3.6.x
CGM_Public:release/3.5.x
CGM_Public:release/3.4.x
CGM_Public:release/3.3.x
CGM_Public:stripe-connect-fees
CGM_Public:release/3.2.x
CGM_Public:release/3.1.x
CGM_Public:release/3.0.x
CGM_Public:pretixscan
CGM_Public:release/2.8.x
CGM_Public:release/2.7.x
CGM_Public:loadtest2
CGM_Public:release/2.6.x
CGM_Public:794-questions-default-value
CGM_Public:dekodi
CGM_Public:release/2.5.x
CGM_Public:loadtest
CGM_Public:selfcancel-positions
CGM_Public:searchindex
CGM_Public:release/2.4.x
CGM_Public:release/2.3.x
CGM_Public:release/2.2.x
CGM_Public:release/2.1.x
CGM_Public:transfer-ticket
CGM_Public:release/2.0.x
CGM_Public:release/1.17.x
CGM_Public:design2.0
CGM_Public:release/1.16.x
CGM_Public:release/1.15.x
CGM_Public:release/1.14.x
CGM_Public:release/1.13.x
CGM_Public:release/1.12.x
CGM_Public:release/1.11.x
CGM_Public:release/1.10.x
CGM_Public:release/1.9.x
CGM_Public:release/1.8.x
CGM_Public:release/1.7.x
CGM_Public:new-placeholders
CGM_Public:release/1.4.x
CGM_Public:release/1.5.x
CGM_Public:release/1.6.x
CGM_Public:custom-manager
CGM_Public:release/1.1.x
CGM_Public:release/1.2.x
CGM_Public:release/1.3.x
CGM_Public:release/1.0.x
CGM_Public:voucher-wizard
CGM_Public:shorter-locking
CGM_Public:v2026.1.2
CGM_Public:v2026.2.1
CGM_Public:v2026.3.1
CGM_Public:v2026.3.0
CGM_Public:v2026.2.0
CGM_Public:v2025.9.4
CGM_Public:v2025.10.2
CGM_Public:v2026.1.1
CGM_Public:v2026.1.0
CGM_Public:v2025.10.1
CGM_Public:v2025.9.3
CGM_Public:v2025.8.3
CGM_Public:v2025.10.0
CGM_Public:v2025.7.3
CGM_Public:v2025.9.2
CGM_Public:v2025.8.2
CGM_Public:v2025.8.1
CGM_Public:v2025.9.1
CGM_Public:v2025.7.2
CGM_Public:v2025.9.0
CGM_Public:v2025.8.0
CGM_Public:v2025.7.1
CGM_Public:v2025.7.0
CGM_Public:v2025.6.0
CGM_Public:v2025.5.0
CGM_Public:v2025.4.0
CGM_Public:v2025.3.0
CGM_Public:v2025.2.0
CGM_Public:v2025.1.0
CGM_Public:v2024.11.0
CGM_Public:v2024.10.0
CGM_Public:v2024.9.0
CGM_Public:v2024.8.0
CGM_Public:v2024.7.1
CGM_Public:v2024.6.1
CGM_Public:v2024.5.1
CGM_Public:v2024.7.0
CGM_Public:v2024.6.0
CGM_Public:v2024.5.0
CGM_Public:v2024.4.0
CGM_Public:v2024.3.0
CGM_Public:v2024.2.0
CGM_Public:v2023.10.2
CGM_Public:v2023.8.1.post1
CGM_Public:v2023.9.1.post1
CGM_Public:v2023.8.1
CGM_Public:v2023.9.1
CGM_Public:v2024.1.1
CGM_Public:v2024.1.0
CGM_Public:v2023.10.1.post1
CGM_Public:v2023.10.1
CGM_Public:v2023.10.0
CGM_Public:v2023.9.0
CGM_Public:v2023.8.0
CGM_Public:v2023.6.3
CGM_Public:v4.20.4
CGM_Public:v2023.7.3
CGM_Public:v4.20.3
CGM_Public:v2023.6.2
CGM_Public:v2023.7.2
CGM_Public:v4.20.2.post1
CGM_Public:v4.20.2
CGM_Public:v2023.6.1
CGM_Public:v2023.7.1
CGM_Public:v2023.7.0
CGM_Public:v2023.6.0
CGM_Public:v4.20.1
CGM_Public:v4.20.0
CGM_Public:v4.19.0.post1
CGM_Public:v4.19.0
CGM_Public:v4.18.2.post1
CGM_Public:v4.18.2
CGM_Public:v4.18.1
CGM_Public:v4.18.0
CGM_Public:v4.15.1
CGM_Public:v4.16.1
CGM_Public:v4.17.1
CGM_Public:v4.17.0
CGM_Public:v4.16.0
CGM_Public:v4.15.0
CGM_Public:v4.14.0
CGM_Public:v4.13.1
CGM_Public:v4.13.0
CGM_Public:v4.12.0
CGM_Public:v4.9.1
CGM_Public:v4.10.1
CGM_Public:v4.11.1
CGM_Public:v4.11.0
CGM_Public:v4.10.0
CGM_Public:v4.9.0
CGM_Public:v4.8.0
CGM_Public:v4.5.2
CGM_Public:v4.6.1
CGM_Public:v4.7.1
CGM_Public:v4.7.0
CGM_Public:v4.6.0
CGM_Public:v4.3.1
CGM_Public:v4.4.1
CGM_Public:v4.5.1
CGM_Public:v4.5.0
CGM_Public:a
CGM_Public:v4.4.0
CGM_Public:v4.3.0
CGM_Public:v4.2.0
CGM_Public:v4.1.0.post1
CGM_Public:v4.1.0
CGM_Public:v4.0.0
CGM_Public:v3.18.0
CGM_Public:v3.17.2
CGM_Public:v3.17.1
CGM_Public:v3.17.0
CGM_Public:v3.16.0
CGM_Public:v3.15.0
CGM_Public:v3.14.2
CGM_Public:v3.14.1
CGM_Public:v3.14.0
CGM_Public:v3.13.1
CGM_Public:v3.12.1
CGM_Public:v3.11.1
CGM_Public:v3.13.0
CGM_Public:v3.12.0
CGM_Public:v3.11.0
CGM_Public:v3.10.0
CGM_Public:v3.9.0
CGM_Public:v3.8.0
CGM_Public:v3.7.0
CGM_Public:v3.6.0
CGM_Public:v3.5.0
CGM_Public:v3.4.0
CGM_Public:v3.3.0
CGM_Public:v3.2.0
CGM_Public:v3.1.0
CGM_Public:v3.0.1
CGM_Public:v3.0.0
CGM_Public:v2.8.2
CGM_Public:v2.8.1
CGM_Public:v2.8.0
CGM_Public:v2.7.2
CGM_Public:v2.7.1
CGM_Public:v2.7.0
CGM_Public:s
CGM_Public:v2.6.0
CGM_Public:v2.5.0
CGM_Public:v2.4.0
CGM_Public:v2.3.0
CGM_Public:v2.2.0
CGM_Public:v2.1.0
CGM_Public:v2.0.0
CGM_Public:v1.17.1
CGM_Public:v1.17.0
CGM_Public:v1.16.0
CGM_Public:v1.15.2
CGM_Public:v1.15.1
CGM_Public:v1.15.0
CGM_Public:v1.14.0
CGM_Public:v1.13.1
CGM_Public:v1.13.0
CGM_Public:v1.12.1
CGM_Public:v1.12.0
CGM_Public:v1.11.1
CGM_Public:v1.11.0
CGM_Public:v1.10.1
CGM_Public:v1.10.0
CGM_Public:v1.9.1
CGM_Public:v1.8.1
CGM_Public:v1.7.2
CGM_Public:v1.9.0
CGM_Public:v1.8.0
CGM_Public:v1.7.1
CGM_Public:v1.7.0
CGM_Public:v1.4.1
CGM_Public:v1.5.2
CGM_Public:v1.6.2
CGM_Public:v1.6.1
CGM_Public:v1.6.0
CGM_Public:v1.5.1
CGM_Public:v1.5.0
CGM_Public:v1.4.0
CGM_Public:v1.1.3
CGM_Public:v1.2.2
CGM_Public:v1.3.1
CGM_Public:v1.3.0
CGM_Public:v1.2.1
CGM_Public:v1.2.0
CGM_Public:v1.1.2
CGM_Public:v1.1.1
CGM_Public:v1.1.0
CGM_Public:1.0.0
CGM_Public:1.0.0b2
CGM_Public:1.0.0b1
...
pull from: CGM_Public:filter-nullbytes
CGM_Public:pajowu/ssrf_smtp
CGM_Public:dependabot/pip/fakeredis-eq-2.35.star
CGM_Public:customeraccounts_filter
CGM_Public:fix-delete-cookies-partitioned
CGM_Public:master
CGM_Public:filter-nullbytes
CGM_Public:dependabot/pip/stripe-eq-15.0.star
CGM_Public:luelista/event-list-type
CGM_Public:pajowu/mixed_csrf_middlewares
CGM_Public:order-api-voucher-race
CGM_Public:release/2026.1.x
CGM_Public:release/2026.2.x
CGM_Public:release/2026.3.x
CGM_Public:stable
CGM_Public:fix-csv-import
CGM_Public:pajowu/test_cleanup
CGM_Public:exporter-auth-infos
CGM_Public:dependabot/npm_and_yarn/src/pretix/static/npm_dir/babel/preset-env-7.29.2
CGM_Public:pajowu/sendmail_status_filter
CGM_Public:position-add-multi
CGM_Public:pajowu/button-reuse-cart
CGM_Public:less-cart-sessions
CGM_Public:payment-details-fallback
CGM_Public:pajowu/mail_guid
CGM_Public:pajowu/eventlist_filter
CGM_Public:questions-vue3
CGM_Public:ai-policy
CGM_Public:2fa-bigradio
CGM_Public:ssrf-protect-by-default
CGM_Public:2fa-flowtoken
CGM_Public:dependabot/pip/requests-eq-2.33.star
CGM_Public:calendar-nav-icon
CGM_Public:cleanup-dead-widgets
CGM_Public:self-service-storno
CGM_Public:dependabot/pip/djangorestframework-eq-3.17.star
CGM_Public:fix-no-orgs
CGM_Public:pajowu/pagination_one
CGM_Public:fix-missing-exporters
CGM_Public:dependabot/pip/pypdf-eq-6.9.star
CGM_Public:file-disposition-inline
CGM_Public:use_gift_cards-docs-cleanup
CGM_Public:reusablemedium-multiop
CGM_Public:lbo-api-giftcard-payment
CGM_Public:fix-log-display-team-invite-delete
CGM_Public:plugin-avail-per-event
CGM_Public:db-ro-user
CGM_Public:peppol-be-autofill-fix
CGM_Public:peppol-be-id-validation
CGM_Public:error-pages-theme
CGM_Public:voucher-csv-vol
CGM_Public:timemachine-limits
CGM_Public:lbo-add-organizer-op-endpoint
CGM_Public:vat-validate-log
CGM_Public:recalculate-zero
CGM_Public:ppv2_created_payments
CGM_Public:datasync-logging
CGM_Public:webhook-acceptor-slugs
CGM_Public:lbo-waitinglist-edit
CGM_Public:fix-mails-stuck
CGM_Public:fix-safari-cookie-partitioned
CGM_Public:pp_pending_captures
CGM_Public:add-acceptor-slug
CGM_Public:hardening-2fa
CGM_Public:pajowu/plainhtmlalternative_placeholder
CGM_Public:voucher-field-label
CGM_Public:error-back-remove
CGM_Public:mail-html-templates
CGM_Public:mail-perf
CGM_Public:release/2025.9.x
CGM_Public:release/2025.10.x
CGM_Public:move-request-get-items-to-ctx
CGM_Public:fix-order-company-display
CGM_Public:fix-mail-headers-none
CGM_Public:dependabot/npm_and_yarn/src/pretix/static/npm_dir/babel/core-7.29.0
CGM_Public:outgoingmail-from-header
CGM_Public:order-change-out-of-timeframe-fix
CGM_Public:lbo-giftcard-webhooks
CGM_Public:apidoc-device-cleanup
CGM_Public:fix-escape-braces
CGM_Public:payment-unlock-fixes
CGM_Public:invoices-only-b2b
CGM_Public:lbo-fix-filter
CGM_Public:programtime-locations
CGM_Public:export-overview-skip-empty
CGM_Public:fix-programtime-queries
CGM_Public:fix-api-expand
CGM_Public:dependabot/pip/django-oauth-toolkit-eq-3.2.star
CGM_Public:rounding-down-consumer-friendly
CGM_Public:release/2025.8.x
CGM_Public:Add-Promptpay-for-stripe
CGM_Public:answer-export
CGM_Public:release/2025.7.x
CGM_Public:logentrytype-schema
CGM_Public:dependent-on-cc
CGM_Public:attendee-mails-default
CGM_Public:fix-rrule
CGM_Public:exports-repeatable-read
CGM_Public:order-import-logentries-bulk
CGM_Public:notification-bulk-check
CGM_Public:revert-5452-invoice-plugin-data
CGM_Public:img-srcset
CGM_Public:add-category-btn
CGM_Public:org-level-plugin
CGM_Public:plugins-page-fix
CGM_Public:release/2025.6.x
CGM_Public:pdf-editor-areyousure
CGM_Public:api-expand-generic
CGM_Public:event-title-everywhere
CGM_Public:a11y-improve-renew-feedback
CGM_Public:release/2025.5.x
CGM_Public:stripe_12x
CGM_Public:dialog-backdrop-click-close
CGM_Public:a11y-fix-waitinglist-link
CGM_Public:a11y-placeolder-contrast
CGM_Public:cart-renewal-ui-html5dialog
CGM_Public:cart-renewal-ui
CGM_Public:tooltip-a11y
CGM_Public:a11y-widget-fix-filter-dropdown
CGM_Public:a11y-common-modal-dialogs
CGM_Public:a11y-fix-datepicker-error
CGM_Public:release/2025.4.x
CGM_Public:release/2025.3.x
CGM_Public:fix-customer-create-race-condition
CGM_Public:scheduledmail-subevent-missing
CGM_Public:fix-widget-data-3rdparty
CGM_Public:release/2025.2.x
CGM_Public:lists-for-failed-checkin
CGM_Public:fix-widget-data-overwrite
CGM_Public:fix-copy-to-first-matching
CGM_Public:headless
CGM_Public:release/2025.1.x
CGM_Public:a11y-autofocus-tabindex
CGM_Public:widget-cookiebot
CGM_Public:fix-shipping-form
CGM_Public:addressform-err-handling
CGM_Public:release/2024.11.x
CGM_Public:quota-lock-log
CGM_Public:checkin-present-filter-perf
CGM_Public:fix-cond-display
CGM_Public:release/2024.10.x
CGM_Public:hacky-debug-output
CGM_Public:hacky-debug-output-reruns
CGM_Public:ci-more-threads
CGM_Public:before-fakeredis-update
CGM_Public:actions-debug-postgres-1
CGM_Public:actions-fix-postgres
CGM_Public:manual-installation
CGM_Public:subevent-empty-avoid
CGM_Public:release/2024.9.x
CGM_Public:release/2024.8.x
CGM_Public:release/2024.7.x
CGM_Public:release/2024.6.x
CGM_Public:release/2024.5.x
CGM_Public:fix-stripe-sca-sandbox
CGM_Public:order-nullability
CGM_Public:pytest-no-pending
CGM_Public:daterange-test-foo
CGM_Public:fix-checkbox-disabled-label-refactor
CGM_Public:fix-mail-preview-brackets-mismatch
CGM_Public:multi-subevent-cart-add
CGM_Public:release/2024.4.x
CGM_Public:release/2024.3.x
CGM_Public:back-to-the-future
CGM_Public:release/2024.2.x
CGM_Public:release/2023.10.x
CGM_Public:release/2023.8.x
CGM_Public:release/2023.9.x
CGM_Public:release/2024.1.x
CGM_Public:event-dashboard
CGM_Public:scan-debug-data
CGM_Public:pdf-fix-rotate
CGM_Public:payment-available-from2
CGM_Public:release/4.20.x
CGM_Public:release/2023.6.x
CGM_Public:release/2023.7.x
CGM_Public:new-checkin-type
CGM_Public:fix-pdf-image-multi-export
CGM_Public:fix-pdf-bg-offset
CGM_Public:fix-lazy-translation-settings
CGM_Public:add-order-min
CGM_Public:release/4.19.x
CGM_Public:idna
CGM_Public:release/4.18.x
CGM_Public:release/4.15.x
CGM_Public:release/4.16.x
CGM_Public:release/4.17.x
CGM_Public:compact-cart
CGM_Public:harmonize-checkin-export-date
CGM_Public:ocm-no-canceled
CGM_Public:widget-seating-embed
CGM_Public:guest-handling
CGM_Public:dnspython2
CGM_Public:invoice-to-other-email
CGM_Public:answer-options-csv
CGM_Public:release/4.14.x
CGM_Public:transaction-source
CGM_Public:release/4.13.x
CGM_Public:common-country-names
CGM_Public:release/4.12.x
CGM_Public:release/4.9.x
CGM_Public:release/4.11.x
CGM_Public:release/4.10.x
CGM_Public:product-list-export
CGM_Public:fix-api-operations-refresh
CGM_Public:remove-promise-from-paypal2
CGM_Public:aws_ses_454
CGM_Public:release/4.8.x
CGM_Public:release/4.5.x
CGM_Public:release/4.6.x
CGM_Public:release/4.7.x
CGM_Public:db-conn-tz
CGM_Public:hotfix
CGM_Public:release/4.3.x
CGM_Public:release/4.4.x
CGM_Public:consistency-check
CGM_Public:sticky-add-to-basket
CGM_Public:release/4.2.x
CGM_Public:release/4.1.x
CGM_Public:release/4.0.x
CGM_Public:release/3.18.x
CGM_Public:release/3.17.x
CGM_Public:waitlist_subeventpicker
CGM_Public:hotfix20210323
CGM_Public:hotfix20210325
CGM_Public:django31
CGM_Public:flaky-test
CGM_Public:release/3.16.x
CGM_Public:cancel-no-invoice
CGM_Public:release/3.15.x
CGM_Public:release/3.14.x
CGM_Public:validate-dns
CGM_Public:release/3.13.x
CGM_Public:release/3.12.x
CGM_Public:release/3.11.x
CGM_Public:docker-nginx-logs
CGM_Public:remove-reversecharge
CGM_Public:stripe-connect-2
CGM_Public:copy-from-matching-product
CGM_Public:release/3.10.x
CGM_Public:release/3.9.x
CGM_Public:gha-migrations
CGM_Public:release/3.8.x
CGM_Public:issue1575
CGM_Public:release/3.7.x
CGM_Public:release/3.6.x
CGM_Public:release/3.5.x
CGM_Public:release/3.4.x
CGM_Public:release/3.3.x
CGM_Public:stripe-connect-fees
CGM_Public:release/3.2.x
CGM_Public:release/3.1.x
CGM_Public:release/3.0.x
CGM_Public:pretixscan
CGM_Public:release/2.8.x
CGM_Public:release/2.7.x
CGM_Public:loadtest2
CGM_Public:release/2.6.x
CGM_Public:794-questions-default-value
CGM_Public:dekodi
CGM_Public:release/2.5.x
CGM_Public:loadtest
CGM_Public:selfcancel-positions
CGM_Public:searchindex
CGM_Public:release/2.4.x
CGM_Public:release/2.3.x
CGM_Public:release/2.2.x
CGM_Public:release/2.1.x
CGM_Public:transfer-ticket
CGM_Public:release/2.0.x
CGM_Public:release/1.17.x
CGM_Public:design2.0
CGM_Public:release/1.16.x
CGM_Public:release/1.15.x
CGM_Public:release/1.14.x
CGM_Public:release/1.13.x
CGM_Public:release/1.12.x
CGM_Public:release/1.11.x
CGM_Public:release/1.10.x
CGM_Public:release/1.9.x
CGM_Public:release/1.8.x
CGM_Public:release/1.7.x
CGM_Public:new-placeholders
CGM_Public:release/1.4.x
CGM_Public:release/1.5.x
CGM_Public:release/1.6.x
CGM_Public:custom-manager
CGM_Public:release/1.1.x
CGM_Public:release/1.2.x
CGM_Public:release/1.3.x
CGM_Public:release/1.0.x
CGM_Public:voucher-wizard
CGM_Public:shorter-locking
CGM_Public:v2026.1.2
CGM_Public:v2026.2.1
CGM_Public:v2026.3.1
CGM_Public:v2026.3.0
CGM_Public:v2026.2.0
CGM_Public:v2025.9.4
CGM_Public:v2025.10.2
CGM_Public:v2026.1.1
CGM_Public:v2026.1.0
CGM_Public:v2025.10.1
CGM_Public:v2025.9.3
CGM_Public:v2025.8.3
CGM_Public:v2025.10.0
CGM_Public:v2025.7.3
CGM_Public:v2025.9.2
CGM_Public:v2025.8.2
CGM_Public:v2025.8.1
CGM_Public:v2025.9.1
CGM_Public:v2025.7.2
CGM_Public:v2025.9.0
CGM_Public:v2025.8.0
CGM_Public:v2025.7.1
CGM_Public:v2025.7.0
CGM_Public:v2025.6.0
CGM_Public:v2025.5.0
CGM_Public:v2025.4.0
CGM_Public:v2025.3.0
CGM_Public:v2025.2.0
CGM_Public:v2025.1.0
CGM_Public:v2024.11.0
CGM_Public:v2024.10.0
CGM_Public:v2024.9.0
CGM_Public:v2024.8.0
CGM_Public:v2024.7.1
CGM_Public:v2024.6.1
CGM_Public:v2024.5.1
CGM_Public:v2024.7.0
CGM_Public:v2024.6.0
CGM_Public:v2024.5.0
CGM_Public:v2024.4.0
CGM_Public:v2024.3.0
CGM_Public:v2024.2.0
CGM_Public:v2023.10.2
CGM_Public:v2023.8.1.post1
CGM_Public:v2023.9.1.post1
CGM_Public:v2023.8.1
CGM_Public:v2023.9.1
CGM_Public:v2024.1.1
CGM_Public:v2024.1.0
CGM_Public:v2023.10.1.post1
CGM_Public:v2023.10.1
CGM_Public:v2023.10.0
CGM_Public:v2023.9.0
CGM_Public:v2023.8.0
CGM_Public:v2023.6.3
CGM_Public:v4.20.4
CGM_Public:v2023.7.3
CGM_Public:v4.20.3
CGM_Public:v2023.6.2
CGM_Public:v2023.7.2
CGM_Public:v4.20.2.post1
CGM_Public:v4.20.2
CGM_Public:v2023.6.1
CGM_Public:v2023.7.1
CGM_Public:v2023.7.0
CGM_Public:v2023.6.0
CGM_Public:v4.20.1
CGM_Public:v4.20.0
CGM_Public:v4.19.0.post1
CGM_Public:v4.19.0
CGM_Public:v4.18.2.post1
CGM_Public:v4.18.2
CGM_Public:v4.18.1
CGM_Public:v4.18.0
CGM_Public:v4.15.1
CGM_Public:v4.16.1
CGM_Public:v4.17.1
CGM_Public:v4.17.0
CGM_Public:v4.16.0
CGM_Public:v4.15.0
CGM_Public:v4.14.0
CGM_Public:v4.13.1
CGM_Public:v4.13.0
CGM_Public:v4.12.0
CGM_Public:v4.9.1
CGM_Public:v4.10.1
CGM_Public:v4.11.1
CGM_Public:v4.11.0
CGM_Public:v4.10.0
CGM_Public:v4.9.0
CGM_Public:v4.8.0
CGM_Public:v4.5.2
CGM_Public:v4.6.1
CGM_Public:v4.7.1
CGM_Public:v4.7.0
CGM_Public:v4.6.0
CGM_Public:v4.3.1
CGM_Public:v4.4.1
CGM_Public:v4.5.1
CGM_Public:v4.5.0
CGM_Public:a
CGM_Public:v4.4.0
CGM_Public:v4.3.0
CGM_Public:v4.2.0
CGM_Public:v4.1.0.post1
CGM_Public:v4.1.0
CGM_Public:v4.0.0
CGM_Public:v3.18.0
CGM_Public:v3.17.2
CGM_Public:v3.17.1
CGM_Public:v3.17.0
CGM_Public:v3.16.0
CGM_Public:v3.15.0
CGM_Public:v3.14.2
CGM_Public:v3.14.1
CGM_Public:v3.14.0
CGM_Public:v3.13.1
CGM_Public:v3.12.1
CGM_Public:v3.11.1
CGM_Public:v3.13.0
CGM_Public:v3.12.0
CGM_Public:v3.11.0
CGM_Public:v3.10.0
CGM_Public:v3.9.0
CGM_Public:v3.8.0
CGM_Public:v3.7.0
CGM_Public:v3.6.0
CGM_Public:v3.5.0
CGM_Public:v3.4.0
CGM_Public:v3.3.0
CGM_Public:v3.2.0
CGM_Public:v3.1.0
CGM_Public:v3.0.1
CGM_Public:v3.0.0
CGM_Public:v2.8.2
CGM_Public:v2.8.1
CGM_Public:v2.8.0
CGM_Public:v2.7.2
CGM_Public:v2.7.1
CGM_Public:v2.7.0
CGM_Public:s
CGM_Public:v2.6.0
CGM_Public:v2.5.0
CGM_Public:v2.4.0
CGM_Public:v2.3.0
CGM_Public:v2.2.0
CGM_Public:v2.1.0
CGM_Public:v2.0.0
CGM_Public:v1.17.1
CGM_Public:v1.17.0
CGM_Public:v1.16.0
CGM_Public:v1.15.2
CGM_Public:v1.15.1
CGM_Public:v1.15.0
CGM_Public:v1.14.0
CGM_Public:v1.13.1
CGM_Public:v1.13.0
CGM_Public:v1.12.1
CGM_Public:v1.12.0
CGM_Public:v1.11.1
CGM_Public:v1.11.0
CGM_Public:v1.10.1
CGM_Public:v1.10.0
CGM_Public:v1.9.1
CGM_Public:v1.8.1
CGM_Public:v1.7.2
CGM_Public:v1.9.0
CGM_Public:v1.8.0
CGM_Public:v1.7.1
CGM_Public:v1.7.0
CGM_Public:v1.4.1
CGM_Public:v1.5.2
CGM_Public:v1.6.2
CGM_Public:v1.6.1
CGM_Public:v1.6.0
CGM_Public:v1.5.1
CGM_Public:v1.5.0
CGM_Public:v1.4.0
CGM_Public:v1.1.3
CGM_Public:v1.2.2
CGM_Public:v1.3.1
CGM_Public:v1.3.0
CGM_Public:v1.2.1
CGM_Public:v1.2.0
CGM_Public:v1.1.2
CGM_Public:v1.1.1
CGM_Public:v1.1.0
CGM_Public:1.0.0
CGM_Public:1.0.0b2
CGM_Public:1.0.0b1
1 Commits
order-api-
...
filter-nul
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Raphael Michel
|
8a88af3fca | Prevent nullbytes in input data globally |
1 changed files with 10 additions and 0 deletions
|
|
@@ -24,6 +24,7 @@ from urllib.parse import urlparse, urlsplit
|
|||
from zoneinfo import ZoneInfo, ZoneInfoNotFoundError
|
||||
|
||||
from django.conf import settings
|
||||
from django.core.exceptions import BadRequest
|
||||
from django.http import Http404, HttpRequest, HttpResponse
|
||||
from django.middleware.common import CommonMiddleware
|
||||
from django.urls import get_script_prefix, resolve
|
||||
|
|
@@ -346,6 +347,15 @@ class SecurityMiddleware(MiddlewareMixin):
|
|||
|
||||
return resp
|
||||
|
||||
def process_request(self, request):
|
||||
# Nullbytes in GET/POST parameters are mostly harmless, as they will later fail on database insertion, but it
|
||||
# keeps spamming our error logs whenever someone tries to run a vulnerability scanner.
|
||||
if "\x00" in request.META['QUERY_STRING'] or "%00" in request.META['QUERY_STRING']:
|
||||
raise BadRequest("Invalid characters in input.")
|
||||
if request.method in ('POST', 'PUT', 'PATCH') and request.POST:
|
||||
if any("\x00" in value for key, value_list in request.POST.lists() for value in value_list):
|
||||
raise BadRequest("Invalid characters in input.")
|
||||
|
||||
|
||||
class CustomCommonMiddleware(CommonMiddleware):
|
||||
|
||||
|
|
|
|||
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.