mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-31 09:41:08 +00:00
Code Issues 32 Releases Wiki Activity
20,591 Commits 30 Branches 460 Tags
e2a652fac1ce9af51e2dfdfb4e26a1c94cf3189c
Commit Graph

20591 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Tim Graham
1913c1ac21 Added today's security issues to the archive. 2015-01-13 14:44:08 -05:00
Tim Graham
7ecd654497 Removed blank lines from docs/releases/security.txt 2015-01-13 14:37:30 -05:00
Tim Graham
cbbe6a6abb Added dates to release notes. 2015-01-13 13:08:57 -05:00
Tim Graham
baf2542c4f Fixed DoS possibility in ModelMultipleChoiceField. 
This is a security fix. Disclosure following shortly.

Thanks Keryn Knight for the report and initial patch.
 2015-01-13 13:03:06 -05:00
Tim Graham
a3bebfdc34 Ensured views.static.serve() doesn't use large memory on large files. 
This issue was fixed in master by refs #24072.
 2015-01-13 13:03:06 -05:00
Tim Graham
69b5e66738 Fixed is_safe_url() to handle leading whitespace. 
This is a security fix. Disclosure following shortly.
 2015-01-13 13:03:06 -05:00
Carl Meyer
316b8d4974 Stripped headers containing underscores to prevent spoofing in WSGI environ. 
This is a security fix. Disclosure following shortly.

Thanks to Jedediah Smith for the report.
 2015-01-13 13:03:05 -05:00
Tim Graham
958aeda4b5 Added stub release notes for security releases. 2015-01-13 13:03:05 -05:00
Collin Anderson
e7771ec380 Fixed bad model example in admin docs. 2015-01-13 11:53:03 -05:00
Claude Paroz
e084ff01f2 Fixed #24136 -- Prevented crash when convert_extent input is None 
Thanks Max Demars for the report.
 2015-01-13 17:27:11 +01:00
Michał Modzelewski
65246de7b1 Fixed #24031 -- Added CASE expressions to the ORM. 2015-01-12 18:15:34 -05:00
Shai Berger
aa8ee6a573 Fixed test failures in Oracle introspection 
Refs #17785
 2015-01-13 01:00:09 +02:00
Tim Graham
5d7217dce3 Fixed typo in docs/release/1.8.txt & added word for spelling check. 2015-01-12 17:53:32 -05:00
Josh Schneier
3844ccc958 Fixed #24138 -- Added modelform_factory to __all__. 2015-01-12 17:44:06 -05:00
Josh Smeaton
21b858cb67 Fixed #24060 -- Added OrderBy Expressions 2015-01-13 09:39:55 +11:00
Claude Paroz
f48e2258a9 Fixed #24133 -- Replaced formatting syntax in success_url placeholders 
Thanks Laurent Payot for the report, and Markus Holtermann, Tim Graham
for the reviews.
 2015-01-12 22:51:22 +01:00
Aymeric Augustin
5f7230e12f Fixed #24124 (again) -- Updated tests with new default context_processors. 
Thanks Collin for the review.
 2015-01-12 22:31:44 +01:00
Aymeric Augustin
511a53b314 Avoided exceptions in admindocs' template detail view. 
This is marginally better than crashing when several Django template
engines are configured in a project.

Refs #24125.
 2015-01-12 21:01:34 +01:00
Aymeric Augustin
3bba4b420e Avoided exceptions in a non-critical check in the admin. 
This change makes it possible to configure several Django template
engines in a project and still use the admin. On the flip side the
check is silently skipped when no Django template engine is configured.
 2015-01-12 21:01:34 +01:00
Aymeric Augustin
6b5113ec94 Made debug views not crash when there isn't a default template engine. 2015-01-12 21:01:34 +01:00
Aymeric Augustin
79deb6a071 Accounted for multiple template engines in template responses. 2015-01-12 21:01:34 +01:00
Aymeric Augustin
a3e783fe11 Deprecated passing a Context to a generic Template.render. 
A deprecation path is required because the return type of
django.template.loader.get_template changed during the
multiple template engines refactor.

test_csrf_token_in_404 was incorrect: it tested the case when the
hardcoded template was rendered, and that template doesn't depend on the
CSRF token. This commit makes it test the case when a custom template is
rendered.
 2015-01-12 21:01:34 +01:00
Aymeric Augustin
71b7668b75 Rewrapped TemplateSyntaxError in Jinja2 backend. 
Changed import style to avoid confusion between Django's and Jinja2's
APIs.
 2015-01-12 21:01:34 +01:00
Claude Paroz
4c413e231c Fixed #17785 -- Preferred column names in get_relations introspection 
Thanks Thomas Güttler for the report and the initial patch, and
Tim Graham for the review.
 2015-01-12 19:58:47 +01:00
Muthiah Annamalai
b75c707943 Fixed #24089 -- Added check for when ModelAdmin.fieldsets[1]['fields'] isn't a list/tuple. 2015-01-12 13:47:58 -05:00
Markus Holtermann
eeb88123e7 Fixed #24129 -- Added indicator that migrations are rendering the initial state 
Thanks Tim Graham for the review.
 2015-01-12 19:23:46 +01:00
Tim Graham
9f51d0c86d Fixed test from refs #23913 when running tests in reverse. 2015-01-12 13:20:44 -05:00
Collin Anderson
26a92619f6 Fixed #24124 -- Changed context_processors in the default settings.py 2015-01-12 13:17:44 -05:00
Markus Holtermann
bbbed99f62 Fixed #24123 -- Used all available migrations to generate the initial migration state 
Thanks Collin Anderson for the input when creating the patch and Tim Graham for the review.
 2015-01-12 18:39:18 +01:00
Ng Zhi An
8f5d6c77b6 Fixed #23878 -- Moved Query and Prefetch documentation 2015-01-12 11:35:20 -05:00
Collin Anderson
58833f5197 Made Django's templates get their own LANGUAGE_* variables. 
Refs #24117
 2015-01-12 10:54:59 -05:00
Pavel Shpilev
a7c256cb54 Fixed #9893 -- Allowed using a field's max_length in the Storage. 2015-01-12 09:09:18 -05:00
Marc Tamlyn
b5c1a85b50 Fixed #24118 -- Added --debug-sql option for tests. 
Added a --debug-sql option for tests and runtests.py which outputs the
SQL logger for failing tests. When combined with --verbosity=2, it also
outputs the SQL for passing tests.

Thanks to Berker, Tim, Markus, Shai, Josh and Anssi for review and
discussion.
 2015-01-12 08:16:08 +00:00
Claude Paroz
68a439a18d Removed supports_binary_field flag as all backends support them 
It was mainly for MySQL on Python 3, but now the current
recommended MySQL driver for Python 3 (mysqlclient) does support
binary fields, it is unneeded. Refs #20377.
 2015-01-11 23:34:47 +01:00
Ola Sitarska
d563e3be68 Fixed #23913 -- Deprecated the = comparison in if template tag. 2015-01-11 15:21:01 -05:00
Claude Paroz
412066e71e Revert "Marked a test as an expected failure on MySQL and Python 3.2." 
This reverts commit 832b4a5722.
We officially don't support MySQL on Python 3.2. Refs #20380.
 2015-01-11 20:59:07 +01:00
Tim Graham
28de5cd4de Fixed spelling errors in docs. 2015-01-11 13:24:13 -05:00
Markus Holtermann
be158e3625 Refs #24110 -- Added a more descriptive release note and fixed a spelling mistake. 2015-01-11 00:30:47 +01:00
Markus Holtermann
fdc2cc9487 Fixed #24110 -- Rewrote migration unapply to preserve intermediate states 2015-01-10 23:14:15 +01:00
Aymeric Augustin
d89019a84d Improved template ugrading docs. 
Recommending Template(template_code) was dumb. Described alternatives.
 2015-01-10 21:11:58 +01:00
Aymeric Augustin
f01306a6d8 Updated templates API reference. 
Accounted for multiple template engines and made a few small fixes.
 2015-01-10 20:17:22 +01:00
Aymeric Augustin
4797af2bb8 Updated custom template tags how-to. 
Accounted for multiple template engines and made a few small fixes.
 2015-01-10 20:17:22 +01:00
Aymeric Augustin
3d495cfd77 Added release notes and upgrade instructions for templates. 2015-01-10 20:17:20 +01:00
Aymeric Augustin
ee8d5b91e9 Wrote main documentation for templates. 2015-01-10 20:16:19 +01:00
Aymeric Augustin
6c392bb2c0 Moved doc on the DTL's syntax to the ref/ section. 
This makes room for a more general introduction about templating.

Updated some links to point to the new location, but kept those that
didn't talk specifically about the DTL.
 2015-01-10 19:41:14 +01:00
Claude Paroz
b86107ced1 Fixed #24114 -- Improved error message in GEOSGeometry constructor 2015-01-10 18:53:55 +01:00
Simon Charette
07988744b3 Fixed #13165 -- Added edit and delete links to admin foreign key widgets. 
Thanks to Collin Anderson for the review and suggestions and Tim for the
final review.
 2015-01-10 12:24:52 -05:00
Marc Tamlyn
48ad288679 Fixed #24001 -- Added range fields for PostgreSQL. 
Added support for PostgreSQL range types to contrib.postgres.

- 5 new model fields
- 4 new form fields
- New validators
- Uses psycopg2's range type implementation in python
 2015-01-10 16:18:19 +00:00
Marc Tamlyn
916e38802f Move % addition to lookups, refactor postgres lookups. 
These refactorings making overriding some text based lookup names on
other fields (specifically `contains`) much cleaner. It also removes a
bunch of duplication in the contrib.postgres lookups.
 2015-01-10 16:18:19 +00:00
Serafeim Papastefanos
74f02557e0 Fixed #23967 -- Added formats for Greek 2015-01-10 11:10:26 -05:00