1
0
mirror of https://github.com/django/django.git synced 2025-10-26 15:16:09 +00:00
Commit Graph

743 Commits

Author SHA1 Message Date
Carl Meyer
0e03a504bf Refs #15855 -- Recommended the csrf_protect decorator rather than vary_on_cookie as workaround for cache_page caching the response before it gets to middleware.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16361 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-10 16:18:40 +00:00
Luke Plant
528157ce73 Fixed #14201 - Add a "security overview" page to the docs
Thanks to davidfischer for the initial patch!

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16360 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-10 15:14:36 +00:00
Ramiro Morales
dff31de20a Fixed #16155 -- Removed Python 2.4 compatibility constructs from code and mentions from docs. Thanks Aymeric Augustin for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16349 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-09 20:01:28 +00:00
Luke Plant
207e3ed9d5 Fixed #14206 - dynamic list_display support in admin
Thanks to gabejackson for the suggestion, and to cyrus for the patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16340 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-08 22:53:55 +00:00
Luke Plant
5434ce231d Fixed #11868 - Multiple sort in admin changelist.
Many thanks to bendavis78 for the initial patch, and for input from others.

Also fixed #7309. If people were relying on the undocumented default ordering
applied by the admin before, they will need to add 'ordering = ["-pk"]' to
their ModelAdmin.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16316 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-02 16:18:47 +00:00
Jannis Leidel
9abe734b83 Fixed #16141 -- Fixed typos in new form wizard.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16309 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-01 20:14:25 +00:00
Jannis Leidel
632dfa2338 Fixed #9200 -- Added new form wizard to formtools based on class based views. Many thanks to Stephan Jäkel, ddurham and ElliottM for their work.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16307 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-01 13:47:00 +00:00
Jannis Leidel
49f57a5d28 Fixed #15992 -- Added more references to settings. Thanks, aaugustin.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16290 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-29 17:41:04 +00:00
Jannis Leidel
61da3cc47a Fixed #16120 -- Updated a few reference links in the docs after the contributing reorganization. Thanks to Julien and Ramiro.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16289 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-29 12:47:30 +00:00
Ramiro Morales
50ad59527c Tweaked some render_to_response links in the documentation.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16255 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-21 18:36:01 +00:00
Jannis Leidel
091c9b530e Fixed #15983 and #16032 -- Another pass over the staticfiles docs. Many thanks to Frank Wiles and EvilDMP.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16235 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-18 09:51:24 +00:00
Jannis Leidel
578a31fea3 Fixed #15921 -- Refined naturaltime filter added in r16071 to use timesince and timeuntil filters as fallbacks instead of date filter.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16233 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-17 10:16:12 +00:00
Timo Graham
ce6072aa96 Fixed #15769 - Documented FormWizard's initial argument; thanks aimaz for the suggestion; jrothenbuhler for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16229 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-15 19:11:57 +00:00
Adrian Holovaty
c2ba96d8a9 Tweaked weird wording of docs/ref/contrib/humanize.txt 'naturaltime' section from [16071]
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16226 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-14 17:44:10 +00:00
Ramiro Morales
2b5730873b Added ability to describe grouping of form fields in the same row to the fields ModelAdmin attribute.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16225 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-14 16:29:39 +00:00
Simon Meers
5ecb88c146 Fixed #16014 -- numerous documentation typos -- thanks psmith.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16220 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-13 04:33:42 +00:00
Luke Plant
396bc58889 Updated AJAX example code in CSRF docs to be consistent regarding what are safe HTTP methods
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16202 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-09 23:46:02 +00:00
Luke Plant
cb060f0f34 Fixed #15258 - Ajax CSRF protection doesn't apply to PUT or DELETE requests
Thanks to brodie for the report, and further input from tow21

This is a potentially backwards incompatible change - if you were doing
PUT/DELETE requests and relying on the lack of protection, you will need to
update your code, as noted in the releaste notes.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16201 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-09 23:45:54 +00:00
Luke Plant
8cbcf1d3a6 Fixed #14134 - ability to set cookie 'path' and 'secure' attributes of CSRF cookie
Thanks to cfattarsi for the report and initial patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16200 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-09 23:00:22 +00:00
Luke Plant
a75120927e Added 'settings' section to CSRF docs, eliminating the unneeded 'Subdomains' section
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16199 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-09 23:00:10 +00:00
Luke Plant
d3641d889b Clarified wording about use of 2 decorators in CSRF docs
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16198 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-09 23:00:02 +00:00
Luke Plant
bf7af2be15 Added clarifying note to docs for CSRF_COOKIE_DOMAIN
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16197 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-09 22:59:52 +00:00
Luke Plant
b6c5f8060d Fixed #15354 - provide method to ensure CSRF token is always available for AJAX requests
Thanks to sayane for the report.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16192 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-09 21:35:24 +00:00
Luke Plant
e9342e9b32 Fixed #15469 - CSRF token is inserted on GET requests
Thanks to goran for report.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16191 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-09 19:06:57 +00:00
Luke Plant
7c648ea4aa Mentioned simplification of AJAX example code in CSRF docs.
Refs #15469. Thanks to aaugustin for the suggestion

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16190 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-09 19:06:49 +00:00
Luke Plant
5df93d529d Documented the edge case of needing a view that is partly CSRF protected
Refs #15518.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16189 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-09 18:27:52 +00:00
Luke Plant
b5da093fa9 In CSRF docs, moved 'Exceptions' section to 'Edge cases', and cleaned up some associated markup
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16188 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-09 18:27:45 +00:00
Luke Plant
eadcbcb131 Fixed #15518 - documented requires_csrf_token
Thanks to vzima for a report that raised the issue.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16187 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-09 18:27:36 +00:00
Luke Plant
1d350a6c51 Changed an example in CSRF docs to use new 'render' shortcut
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16186 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-09 18:27:28 +00:00
Luke Plant
ae1866ddef Fixed #15869 - example AJAX code in CSRF docs fails sometimes for IE7 or absolute same origin URLs
Thanks to nick for the report.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16183 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-09 15:40:01 +00:00
Jannis Leidel
8f3e1c1c63 Fixed #6392 -- Made django.contrib.humanize template tags locale aware. Thanks, Dave McLain.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16168 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-06 13:29:58 +00:00
Jannis Leidel
95dc7c7486 Fixed #15960 -- Extended list filer API added in r16144 slightly to pass the current model admin to the SimpleListFilter.lookups method to support finer grained control over what is filtered over. Many thanks to Carl Meyer and Julien Phalip for the suggestion and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16152 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-04 22:52:04 +00:00
Jannis Leidel
05b4f2ebc2 Corrected the behavior of the SimpleFilter.lookups method to also be able to return None. Also modified example in documentation to be a bite more realistic. Refs #5833. Thanks for the hint, Martin Mahner.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16150 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-03 13:52:39 +00:00
Jannis Leidel
f4860448dd Fixed #13729 -- Renamed UK localflavor to GB to correctly follow ISO 3166. Thanks, Claude Paroz.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16147 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-03 11:52:20 +00:00
Jannis Leidel
18d2f4a816 Fixed #5833 -- Modified the admin list filters to be easier to customize. Many thanks to Honza Král, Tom X. Tobin, gerdemb, eandre, sciyoshi, bendavis78 and Julien Phalip for working on this.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16144 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-03 10:44:23 +00:00
Jannis Leidel
07854d1c44 Fixed #15713 -- Added a form field for validating Polish National ID Card numbers. Thanks, xtrqt.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16116 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-28 13:20:33 +00:00
Simon Meers
013ce8aca2 Fixed #15865 -- correct class name for BaseGenericInlineFormset. Thanks leonelfreire for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16113 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-28 01:46:46 +00:00
Simon Meers
fe7695533d Fix heading formatting in localflavor docs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16112 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-28 00:28:42 +00:00
Simon Meers
6d98cda03c Fixed #15830 -- Add documentation regarding localflavor i18n. Thanks framos.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16109 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-28 00:20:10 +00:00
Jannis Leidel
c8092b840b Fixed #15008 -- Replaced all calls in the admin to render_to_response with TemplateResponses for easier customization. Thanks to Chris Adams for the initial patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16087 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-22 18:17:16 +00:00
Ramiro Morales
13cfdb0d8b Fixed a couple of small documentation typos.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16086 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-22 14:08:31 +00:00
Jannis Leidel
7478aeb0a7 Fixed #15705 -- Added Croatian (hr) localflavor. Thanks, Zlatko Mašek and Julien Phalip.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16077 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-22 12:03:42 +00:00
Jannis Leidel
e1f7bc0a41 Fixed #15013 -- Added Russian (ru) localflavor package. Thanks, blackraven and Julien Phalip.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16076 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-22 12:03:30 +00:00
Jannis Leidel
ea248f0107 Fixed #12771 -- Added naturaltime filter to humanize contrib app. Thanks, phinpho, djansoft and xtrqt.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16071 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-22 12:02:47 +00:00
Jannis Leidel
8b588747ed Fixed #12379 -- Added Chinese (cn) localflavor package. Thanks, Xia Kai, Daniel Duan, DaNmarner and Łukasz Rekucki.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16070 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-22 12:02:38 +00:00
Jannis Leidel
6c17190bf8 Fixed #11639, #13618 -- Added get_prepopulated_fields method to ModelAdmin and InlineModelAdmin to be able to handle prepopulated fields on a case-by-case basis. Thanks, leanmeandonothingmachine.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16069 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-22 12:02:25 +00:00
Jannis Leidel
59d1f82634 Fixed #11251 -- Extended Australian localflavor to ship a few model fields additionally. Thanks, Simon Meers and Julien Phalip.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16066 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-22 12:01:59 +00:00
Luke Plant
26cda43012 Switched to HTML5 doctype in all Django supplied templates.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16050 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-20 17:40:53 +00:00
Jannis Leidel
196ac8f8b3 Fixed #6213 -- Updated the flatpages app to only append a slash if the flatpage actually exist.
The FlatpageFallbackMiddleware (and the view) now only add a trailing slash and redirect if the resulting URL refers to an existing flatpage. Previously requesting /notaflatpageoravalidurl would redirect to /notaflatpageoravalidurl/, which would then raise a 404. Requesting /notaflatpageoravalidurl now will immediately raise a 404. Also, Redirects returned by flatpages are now permanent (301 status code) to match the behaviour of the CommonMiddleware.

Thanks to Steve Losh for the initial work on the patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16048 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-20 14:41:47 +00:00
Luke Plant
96520e87bd Corrected factual error regarding logging in the CSRF docs
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16047 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-20 11:39:10 +00:00