1
0
mirror of https://github.com/django/django.git synced 2025-10-26 07:06:08 +00:00
Commit Graph

131 Commits

Author SHA1 Message Date
Jacob Kaplan-Moss
d78e08f4a0 Updated the contributing document to accurately reflect our security process.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16032 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-17 14:13:19 +00:00
Luke Plant
8d4b414760 Fixed #15757 - removed remaining instances of get_and_delete_messages
Thanks to void for the report, and julien for the bulk of the patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16022 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-07 22:01:23 +00:00
Russell Keith-Magee
576606a6f2 Advanced deprecations in core.cache.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15977 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-02 08:37:15 +00:00
Adrian Holovaty
94af19c43f Changed e-mail to email throughout documentation and codebase. The one exception is translation strings, which I didn't want to disrupt
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15967 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-01 16:10:22 +00:00
Luke Plant
16f6acdb89 Deprecated csrf_response_exempt and csrf_view_exempt decorators
With the removal of CsrfResponseMiddleware, csrf_response_exempt serves no
purposes, and csrf_exempt and csrf_view_exempt perform the same function.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15956 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-30 17:35:41 +00:00
Jannis Leidel
37ed6f2681 Re-added a few compatibility modules that were removed in r15927 to lower the impact on 3rd party apps.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15944 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-30 08:34:05 +00:00
James Bennett
a5d373a463 Update release notes and other docs for impending 1.3.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15892 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-22 06:57:12 +00:00
Idan Gazit
6d8853b7c8 Added Idan to committers.txt. Wahoo!
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15890 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-22 01:16:28 +00:00
Adrian Holovaty
12a2a23100 Reworded part of 'Running only some of the tests' in docs/internals/contributing.txt
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15799 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-14 05:34:28 +00:00
Russell Keith-Magee
d1290b5b43 Fixed #3094 -- Accelerated deprecation of XMLField, since it hasn't served any useful purpose since oldforms. Thanks to PaulM for driving the issue and providing the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15723 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-03 13:28:20 +00:00
Gabriel Hurley
2b7b468325 Fixed #14702 -- Added a "needsinfo" resolution to Trac, and added supporting documentation on the new resolution and closing tickets in general.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15665 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-27 22:13:07 +00:00
Gabriel Hurley
c250b8840b Fixed #14401 -- Added a contributing howto guide for new users. Thank you to everyone who added their advice, feedback, and wisdom to the wiki article while constructing this new guide.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15645 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-25 02:45:48 +00:00
Russell Keith-Magee
7aa84917a4 Fixed #15299 -- Started the process of migrating the auth context processor support classes into the auth context processor module. Thanks to shailesh for the report, and v1v3kn for the draft patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15635 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-23 13:36:58 +00:00
Gabriel Hurley
8ee9a4627e Fixed #15341 -- Clarified where translation problems should be reported in the contributing docs. Thanks to bpeschier for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15590 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-19 23:59:59 +00:00
Russell Keith-Magee
a5cac772b6 Fixed #13662 -- Added an entry in the README to direct people to the instructions for running the test suite, and cleaned up that section of the docs. Thanks to mir for the report, and to cogat and gg for the draft text.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15342 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-27 03:14:49 +00:00
Luke Plant
42c31f6bf0 Rationalised CompatCookie/SimpleCookie into single SimpleCookie class with all fixes.
Since upstream Python has fixed the encoding bug (see
http://bugs.python.org/issue9824), we don't want a separate class for this
bug fix, or several layers for the different fixes.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15298 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-24 20:35:46 +00:00
Jannis Leidel
70a2a71c9b Update contributing documentation for changed translation policy.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15275 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-21 19:37:16 +00:00
Carl Meyer
f399f8bd71 Corrected an outdated reference to cmemcache in contributing docs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15247 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-19 20:37:58 +00:00
Jannis Leidel
544ab30ed7 Fixed #6218 -- Made MEDIA_URL and STATIC_URL require a trailing slash to ensure there is a consistent way to combine paths in templates. Thanks to Michael Toomim, Chris Heisel and Chris Beaven.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15130 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-02 01:33:11 +00:00
Justin Bronn
5fddfda559 Fixed #13788 -- GEOSGeometry.transform no longer silently no-ops when GDAL isn't available. Thanks, Rob Coup.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15025 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-12-22 17:43:30 +00:00
Justin Bronn
b6ab88c34a Fixed #14439 -- Improved documentation for running the GeoDjango test suite.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15015 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-12-22 00:21:35 +00:00
Jannis Leidel
745c255a19 Fixed #14249 -- Added support for inactive users to the auth backend system. Thanks, Harro van der Klauw.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15010 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-12-21 19:18:12 +00:00
Russell Keith-Magee
673e6fc7fb Fixed #11675 -- Added support for the PyLibMC cache library. In order to support this, and clean up some other 1.3 caching additions, this patch also includes some changes to the way caches are defined. This means you can now have multiple caches, in the same way you have multiple databases. A huge thanks to Jacob Burch for the work on the PyLibMC backend, and to Jannis for his work on the cache definition changes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15005 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-12-21 15:19:19 +00:00
Jannis Leidel
a03a8adb3e Fixed #14268 -- Start the deprecation of the reset and sqlreset management command. Thanks, Carl.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14888 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-12-12 22:58:25 +00:00
Timo Graham
37d50ac12f Add myself to committers
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14701 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-26 12:30:25 +00:00
Russell Keith-Magee
7ff5580d95 Fixed #14389, #9666 -- Started the migration path to make the first argument to url and ssi template tags syntactically consistent with other tags. Thanks to Sean Brant for the draft patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14643 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-20 06:22:28 +00:00
Carl Meyer
59c84b4391 Bumped documentation-building requirements to Sphinx 1.0.2 and Pygments 1.1. The use of 'console' highlight in staticfiles docs requires Pygments 1.1.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14624 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-19 16:10:23 +00:00
Alex Gaynor
49d831380f Corrected the way databases were compared. This allows running the test suite with two in memory SQLite databases.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14619 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-19 08:08:08 +00:00
Jannis Leidel
1ed62706e7 Fixed a few typos introduced in r14533.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14552 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-13 18:41:24 +00:00
Jannis Leidel
63023e6ad9 Added AdminMediaHandler to deprecation docs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14534 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-11 21:44:05 +00:00
Jacob Kaplan-Moss
d30fe03e6b Fixed #14641 - a handful of grammer/typo fixes.
Thanks, programmerq.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@14497 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-08 20:37:52 +00:00
Russell Keith-Magee
0fcb094557 Fixed #6735 -- Added class-based views.
This patch is the result of the work of many people, over many years.
To try and thank individuals would inevitably lead to many people
being left out or forgotten -- so rather than try to give a list that
will inevitably be incomplete, I'd like to thank *everybody* who
contributed in any way, big or small, with coding, testing, feedback
and/or documentation over the multi-year process of getting this into
trunk.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@14254 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-18 13:34:47 +00:00
Luke Plant
45c7f427ce Fixed #14445 - Use HMAC and constant-time comparison functions where needed.
All adhoc MAC applications have been updated to use HMAC, using SHA1 to
generate unique keys for each application based on the SECRET_KEY, which is
common practice for this situation. In all cases, backwards compatibility
with existing hashes has been maintained, aiming to phase this out as per
the normal deprecation process. In this way, under most normal
circumstances the old hashes will have expired (e.g. by session expiration
etc.) before they become invalid.

In the case of the messages framework and the cookie backend, which was
already using HMAC, there is the possibility of a backwards incompatibility
if the SECRET_KEY is shorter than the default 50 bytes, but the low
likelihood and low impact meant compatibility code was not worth it.

All known instances where tokens/hashes were compared using simple string
equality, which could potentially open timing based attacks, have also been
fixed using a constant-time comparison function.

There are no known practical attacks against the existing implementations,
so these security improvements will not be backported.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@14218 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-14 20:54:30 +00:00
Chris Beaven
b37327caae Fix a typo in my bio
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14200 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-13 06:59:45 +00:00
Honza Král
9235d24d3f Added myself to committers
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14176 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-12 01:48:21 +00:00
Gabriel Hurley
2ed554bd92 Fixed #14227 -- Added information about the "easy-pickings" keyword to the contributing docs. Thanks to Russ for the report and cmheisel for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14154 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-11 21:57:25 +00:00
Russell Keith-Magee
5e319f5194 Refs #12991 -- Added extra docs for the unittest2 changes made in r14139.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14140 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-11 13:18:00 +00:00
Chris Beaven
fc4ed4fafd Add myself to committers
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14118 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-10 09:35:06 +00:00
Carl Meyer
501546df6f Fixed #12226 -- Deprecated test client Response.template attribute in favor of templates attribute, which is always a list. Thanks Russell for patch review.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14106 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-10 02:16:33 +00:00
Russell Keith-Magee
a904e55859 Fixed #11509 -- Modified usage of "Web" to match our style guide in various documentation, comments and code. Thanks to timo and Simon Meers for the work on the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14069 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-09 08:12:50 +00:00
Gabriel Hurley
816c7d1e64 Adding myself to the specialists section (and fixing a typo in Jeremy's bio).
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14056 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-09 04:01:37 +00:00
Ramiro Morales
71a4c472ab Added myself to the committers list.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14051 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-09 03:16:22 +00:00
Carl Meyer
5b155e2a87 Added myself to contributors.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14047 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-09 01:47:42 +00:00
Andrew Godwin
37023bc0bc Adding my bio. Andrew enjoys writing about himself in the third person.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14039 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-08 22:55:46 +00:00
Simon Meers
52f763d935 Added my bio to committers.txt
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14037 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-08 22:49:46 +00:00
Alex Gaynor
cdc6b0eb98 Correct a rather embarrassing typo in my bio.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14035 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-08 21:10:57 +00:00
Alex Gaynor
5c01585450 Added myself to the committers docs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14034 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-08 21:05:39 +00:00
Russell Keith-Magee
127a25ac27 Fixed #14383 -- Corrected the capitalization of reStructuredText. Thanks to timo for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14017 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-08 15:37:16 +00:00
Adrian Holovaty
d405ec9b4d Fixed #14409 -- Fixed typo in docs/internals/documentation.txt. Thanks, kurtmckee
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13991 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-06 17:32:25 +00:00
Jacob Kaplan-Moss
136bf00615 Additions to the contributing document explaining our new decision-making process.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13962 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-29 17:56:27 +00:00