mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-03-13 02:40:47 +00:00
Code Issues 32 Releases Wiki Activity
33,328 Commits 29 Branches 437 Tags
Commit Graph

477 Commits

Author SHA1 Message Date
Sarah Boyce
d637e251b4 [5.2.x] Added security guideline on reasonable size limitations when rendering content via the DTL. 
This also removes the need to add warnings for every Django template filter.

Backport of 582ba18d56167587e290545f113d3956e73a5801 from main.
 2025-02-24 08:54:44 +01:00
Sarah Boyce
92d5b2f389 [5.2.x] Fixed #36182 -- Returned "?" if all parameters are removed in querystring template tag. 
Thank you to David Feeley for the report and Natalia Bidart for the review.

Backport of 05002c153c5018e4429a326a6699c7c45e5ea957 from main.
 2025-02-13 15:50:53 +01:00
ssanger
df6013b2b4 Added missing alt attribute to <img> tag in docs. 2024-10-22 14:18:20 +02:00
Marc Gibbons
6765b6adf9
Fixed #35797 -- Removed debug context processor from default project template. 2024-09-30 16:52:28 -03:00
Sarah Boyce
320dd27412 Fixed CVE-2024-45230 -- Mitigated potential DoS in urlize and urlizetrunc template filters. 
Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report.
 2024-09-03 09:22:32 -03:00
Matthew Somerville
fb7be022cb Updated example links in urlize docs. 
goo.gl links are being removed in 2025:
https://developers.googleblog.com/en/google-url-shortener-links-will-no-longer-be-available/
 2024-07-23 14:02:30 +02:00
nessita
cf03aa4e94
Refs #10941 -- Reorganized querystring template tag docs. 2024-07-22 10:31:54 -03:00
Sarah Boyce
27043bde5b
Refs #10941 -- Renamed query_string template tag to querystring. 2024-07-15 13:28:55 -03:00
John Higgins
60acad933d Fixed #35441 -- Documented Context and RequestContext keyword arguments. 2024-06-20 09:34:55 +02:00
Natalia
05cce083ad Removed versionadded/changed annotations for 5.0. 
This also removes remaining versionadded/changed annotations for older
versions.
 2024-05-22 15:44:07 -03:00
canhuynh1998
a7baa874d8 Fixed #35280 -- Improved iriencode filter example in docs. 2024-03-10 14:54:38 +01:00
Emmanuel Katchy
12ffcfc350 Updated "Dive Into Python" links. 2024-01-20 19:43:55 +01:00
Mariusz Felisiak
0be6dde817
Corrected code-block directives in docs. 2023-12-28 19:52:15 +01:00
Tom Carrick
e67d3580ed Fixed #10941 -- Added {% query_string %} template tag. 2023-10-26 09:57:21 +02:00
Mariusz Felisiak
718b32c691
Added missing pycon directives in various docs. 2023-10-25 12:27:27 +02:00
Natalia
17b51094d7 Fixed CVE-2023-43665 -- Mitigated potential DoS in django.utils.text.Truncator when truncating HTML text. 
Thanks Wenchao Li of Alibaba Group for the report.
 2023-10-04 09:22:26 -03:00
Mariusz Felisiak
14ef92fa9e Refs #33864 -- Removed length_is template filter per deprecation timeline. 2023-09-18 22:12:40 +02:00
Mariusz Felisiak
295467c04a Removed versionadded/changed annotations for 4.2. 
This also removes remaining versionadded/changed annotations for older
versions.
 2023-09-18 22:12:40 +02:00
Jon Ribbens
adfb3dfa89 Fixed #33405, Refs #7177 -- Clarified docs for filter escapejs regarding safe and unsafe usages. 2023-07-03 12:32:58 +02:00
Akash Kumar Sen
b0a6cc7f57 Fixed #34600 -- Removed references to bleach in docs. 2023-05-31 09:52:38 +01:00
Natalia
881cc139e2 Refs #34574, Refs #34577 -- Mentioned escapeseq filter in escape/autoescape docs. 2023-05-26 06:26:38 +02:00
Natalia
1a59a324ce Fixed #34574 -- Noted unexpected outcomes in autoescape/escape docs. 2023-05-26 06:21:46 +02:00
Arthur Moreira
061a8a1bd8 Fixed #34577 -- Added escapeseq template filter. 2023-05-22 09:58:03 +02:00
Pan Dango
12ec80726f
Corrected code-block directive in docs/ref/templates/builtins.txt. 2023-05-07 14:51:27 +02:00
Jannis Vajen
024954aad4 Corrected code-block directives in docs. 2023-05-04 14:10:11 +02:00
django-bot
14459f80ee Fixed #34140 -- Reformatted code blocks in docs with blacken-docs. 2023-03-01 13:03:56 +01:00
Joseph Victor Zammit
ba755ca131 Refs #34140 -- Corrected rst code-block and various formatting issues in docs. 2023-02-28 12:21:37 +01:00
Carlton Gibson
534ac48297 Refs #34140 -- Applied rst code-block to non-Python examples. 
Thanks to J.V. Zammit, Paolo Melchiorre, and Mariusz Felisiak for
reviews.
 2023-02-10 19:19:13 +01:00
Mariusz Felisiak
8d98f99a4a Refs #32873 -- Removed settings.USE_L10N per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
490cccbe7e Removed versionadded/changed annotations for 4.1. 2023-01-17 11:49:15 +01:00
Jarosław Wygoda
32940d390a Refs #26029 -- Deprecated DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings. 2023-01-12 09:58:36 +01:00
Nick Pope
4d4bf55e0e Fixed #33864 -- Deprecated length_is template filter. 2022-07-23 12:36:21 +02:00
Victor
2fac0a1808
Fixed #33317 -- Added note about unconditional evaluation of {% block %} tags. 2022-07-22 10:09:29 +02:00
Mariusz Felisiak
ac90529cc5 Fixed docs build with sphinxcontrib-spelling 7.5.0+. 
sphinxcontrib-spelling 7.5.0+ includes captions of figures in the set
of nodes for which the text is checked.
 2022-05-31 11:17:01 +02:00
Carlton Gibson
ca1c3151c3 Removed versionadded/changed annotations for 4.0. 2022-05-17 14:22:06 +02:00
Carlton Gibson
bf7c51a5f4 Fixed #33639 -- Enabled cached template loader in development. 2022-04-19 12:13:27 +02:00
David Smith
67b5f506a6
Changed some words to use inline markup. 2022-03-10 10:18:31 +01:00
David Smith
71531cc32c
Changed "bolded" to "in bold" in docs. 2022-03-09 08:03:14 +01:00
Andrey Otto
f70a875cc0
Fixed #33530 -- Fixed typo in docs/ref/templates/builtins.txt. 2022-02-21 06:13:36 +01:00
Markus Holtermann
394517f078 Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag. 
Thanks Keryn Knight for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
 2022-02-01 07:40:51 +01:00
Claude Paroz
7c4f396509 Stopped including type="text/css" attributes for CSS link tags. 2022-01-22 16:38:14 +01:00
Mariusz Felisiak
178109c173 Corrected signatures of some functions in docs. 2022-01-10 13:30:24 +01:00
Florian Apolloner
761f449e0d Fixed CVE-2021-45116 -- Fixed potential information disclosure in dictsort template filter. 
Thanks to Dennis Brinkrolf for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
 2022-01-04 10:03:56 +01:00
Baptiste Mispelon
e6e664a711 Fixed #33302 -- Made element_id optional argument for json_script template filter. 
Added versionchanged note in documentation
 2021-11-22 11:52:19 +01:00
Mariusz Felisiak
97237ad3fe Removed versionadded/changed annotations for 3.2. 2021-09-20 21:23:01 +02:00
Mariusz Felisiak
4a43335d30
Fixed #30086, Refs #32873 -- Made floatformat template filter independent of USE_L10N. 2021-09-08 08:37:27 +02:00
Muhammad Hammad
f1d2d2679b Fixed #33067 -- Improved templatetag docs. 2021-09-03 20:08:01 +02:00
David Smith
8208381ba6 Refs #32956 -- Corrected spelling of daylight saving time. 
AP Stylebook: Saving not savings, no hyphen, and lowercase.
 2021-08-06 13:00:24 +02:00
David Smith
1024b5e74a Fixed 32956 -- Lowercased spelling of "web" and "web framework" where appropriate. 2021-07-29 06:24:12 +02:00
Nick Pope
c156e36955 Refs #32720 -- Updated various links in docs to avoid redirects and use HTTPS. 2021-05-17 09:46:09 +02:00