1
0
mirror of https://github.com/django/django.git synced 2025-10-24 14:16:09 +00:00
Commit Graph

457 Commits

Author SHA1 Message Date
Sarah Boyce
d147a8ebbd [4.2.x] Fixed CVE-2024-45230 -- Mitigated potential DoS in urlize and urlizetrunc template filters.
Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report.
2024-09-03 09:42:15 -03:00
Natalia
be9c27c4d1 [4.2.x] Fixed CVE-2023-43665 -- Mitigated potential DoS in django.utils.text.Truncator when truncating HTML text.
Thanks Wenchao Li of Alibaba Group for the report.
2023-10-04 09:39:49 -03:00
Jon Ribbens
e54f711d42 [4.2.x] Fixed #33405, Refs #7177 -- Clarified docs for filter escapejs regarding safe and unsafe usages.
Backport of adfb3dfa89 from main
2023-07-03 13:55:31 +02:00
Akash Kumar Sen
dca5f5d58a [4.2.x] Fixed #34600 -- Removed references to bleach in docs.
Backport of b0a6cc7f57 from main
2023-05-31 10:23:37 +01:00
Natalia
25bd9faf32 [4.2.x] Fixed #34574 -- Noted unexpected outcomes in autoescape/escape docs.
Backport of 1a59a324ce from main.
2023-05-26 07:50:19 +02:00
Pan Dango
bcf66f1355 [4.2.x] Corrected code-block directive in docs/ref/templates/builtins.txt.
Backport of 12ec80726f from main
2023-05-07 14:52:16 +02:00
Jannis Vajen
4eaed191b6 [4.2.x] Corrected code-block directives in docs.
Backport of 024954aad4 from main
2023-05-04 19:34:19 +02:00
django-bot
62510f01e7 [4.2.x] Fixed #34140 -- Reformatted code blocks in docs with blacken-docs. 2023-03-01 13:39:03 +01:00
Joseph Victor Zammit
5bdd6223a2 [4.2.x] Refs #34140 -- Corrected rst code-block and various formatting issues in docs.
Backport of ba755ca131 from main
2023-02-28 12:54:33 +01:00
Carlton Gibson
b784768eef [4.2.x] Refs #34140 -- Applied rst code-block to non-Python examples.
Thanks to J.V. Zammit, Paolo Melchiorre, and Mariusz Felisiak for
reviews.

Backport of 534ac48297 from main.
2023-02-10 21:12:06 +01:00
Jarosław Wygoda
32940d390a Refs #26029 -- Deprecated DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings. 2023-01-12 09:58:36 +01:00
Nick Pope
4d4bf55e0e Fixed #33864 -- Deprecated length_is template filter. 2022-07-23 12:36:21 +02:00
Victor
2fac0a1808 Fixed #33317 -- Added note about unconditional evaluation of {% block %} tags. 2022-07-22 10:09:29 +02:00
Mariusz Felisiak
ac90529cc5 Fixed docs build with sphinxcontrib-spelling 7.5.0+.
sphinxcontrib-spelling 7.5.0+ includes captions of figures in the set
of nodes for which the text is checked.
2022-05-31 11:17:01 +02:00
Carlton Gibson
ca1c3151c3 Removed versionadded/changed annotations for 4.0. 2022-05-17 14:22:06 +02:00
Carlton Gibson
bf7c51a5f4 Fixed #33639 -- Enabled cached template loader in development. 2022-04-19 12:13:27 +02:00
David Smith
67b5f506a6 Changed some words to use inline markup. 2022-03-10 10:18:31 +01:00
David Smith
71531cc32c Changed "bolded" to "in bold" in docs. 2022-03-09 08:03:14 +01:00
Andrey Otto
f70a875cc0 Fixed #33530 -- Fixed typo in docs/ref/templates/builtins.txt. 2022-02-21 06:13:36 +01:00
Markus Holtermann
394517f078 Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag.
Thanks Keryn Knight for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
2022-02-01 07:40:51 +01:00
Claude Paroz
7c4f396509 Stopped including type="text/css" attributes for CSS link tags. 2022-01-22 16:38:14 +01:00
Mariusz Felisiak
178109c173 Corrected signatures of some functions in docs. 2022-01-10 13:30:24 +01:00
Florian Apolloner
761f449e0d Fixed CVE-2021-45116 -- Fixed potential information disclosure in dictsort template filter.
Thanks to Dennis Brinkrolf for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:03:56 +01:00
Baptiste Mispelon
e6e664a711 Fixed #33302 -- Made element_id optional argument for json_script template filter.
Added versionchanged note in documentation
2021-11-22 11:52:19 +01:00
Mariusz Felisiak
97237ad3fe Removed versionadded/changed annotations for 3.2. 2021-09-20 21:23:01 +02:00
Mariusz Felisiak
4a43335d30 Fixed #30086, Refs #32873 -- Made floatformat template filter independent of USE_L10N. 2021-09-08 08:37:27 +02:00
Muhammad Hammad
f1d2d2679b Fixed #33067 -- Improved templatetag docs. 2021-09-03 20:08:01 +02:00
David Smith
8208381ba6 Refs #32956 -- Corrected spelling of daylight saving time.
AP Stylebook: Saving not savings, no hyphen, and lowercase.
2021-08-06 13:00:24 +02:00
David Smith
1024b5e74a Fixed 32956 -- Lowercased spelling of "web" and "web framework" where appropriate. 2021-07-29 06:24:12 +02:00
Nick Pope
c156e36955 Refs #32720 -- Updated various links in docs to avoid redirects and use HTTPS. 2021-05-17 09:46:09 +02:00
Nick Pope
34363a391b Fixed #32735 -- Made DateFormat.Y() return a zero-padded year. 2021-05-12 08:17:06 +02:00
tim-mccurrach
7587139d35 Fixed #20423 -- Doc'd that DTL variable names may not be a number. 2021-02-26 21:02:37 +01:00
Adam Johnson
0963f184ab Documented an example custom context processor. 2021-02-11 14:36:32 +01:00
Mariusz Felisiak
e7208f13c0 Refs #25236 -- Removed {% ifequal %} and {% ifnotequal %} template tags per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak
b7dd89ed53 Removed versionadded/changed annotations for 3.1. 2021-01-14 17:50:04 +01:00
Roland Geider
3363cf4225 Fixed typo in docs/ref/templates/builtins.txt. 2021-01-04 07:34:53 +01:00
Sam
895f6e4992 Fixed #32149 -- Added support for years < 1000 to DateFormat.y(). 2020-11-12 12:43:06 +01:00
Nikita Sobolev
42f3fafdfa Updated {% static %} tag examples in docs to use single quotes where appropriate. 2020-11-02 10:34:24 +01:00
Jacob Walls
ac6c426007 Fixed #20601 -- Allowed forcing format with thousand separators in floatformat filter.
Thanks Claude Paroz and Nick Pope for reviews.
2020-10-13 10:36:46 +02:00
David Smith
2c2f4b3799 Fixed #29336 -- Doc'd circular template inheritance 2020-08-05 11:36:14 +02:00
Adam Johnson
2afa61e7d9 Refs #31493 -- Replaced var with const/let in documentation JS. 2020-06-24 12:20:57 +02:00
Chris May
ecaac9e42f Fixed typo in docs/ref/templates/language.txt. 2020-06-01 20:51:54 +02:00
Jon Dufresne
72a170b4c3 Fixed #25236 -- Deprecated {% ifequal %} and {% ifnotequal %} template tags.
The {% if %} tag provides all features of these tags.

Since Django 1.2 (May 17, 2010), the docs have hinted that
{% ifequal %} and {% ifnotequal %} will be deprecated in a future
Django version. Time to make it official.
2020-05-11 09:07:33 +02:00
Adam Johnson
d17b380653 Refs #30573 -- Rephrased "Of Course" and "Obvious(ly)" in documentation and comments. 2020-05-04 12:10:47 +02:00
David Smith
e0757c49ac Updated template language philosophy in DTL docs. 2020-04-23 20:42:55 +02:00
Mariusz Felisiak
fc0b48d2e7 Fixed typo in docs/ref/templates/builtins.txt. 2020-04-15 10:41:19 +02:00
Mariusz Felisiak
678f958ef9 Fixed highlightlang deprecation warning on Sphinx 1.8+. 2020-04-07 09:48:52 +02:00
Keshav Kumar
f37d548ede Fixed #20995 -- Added support for iterables of template names to {% include %} template tag.
Thanks Adam Johnson for the review.
2020-02-18 06:56:05 +01:00
Mariusz Felisiak
0ac8ac8b0d Refs #25778 -- Updated some links to HTTPS and new locations. 2020-01-29 09:34:37 +01:00
Mike Hansen
d291c72bf2 Fixed #30585 -- Added {% translate %} and {% blocktranslate %} template tags. 2019-12-18 13:15:38 +01:00