innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
18,739 Commits 25 Branches 361 Tags 501 MiB
Commit Graph

11217 Commits

Author SHA1 Message Date
Tim Graham 2d66d04e73 [1.7.x] Bumped version for 1.7.11 release. 2015-11-24 11:30:11 -05:00
Florian Apolloner 8a01c6b531 [1.7.x] Fixed a settings leak possibility in the date template filter. 
This is a security fix.
 2015-11-16 21:06:32 -05:00
Simon Charette fd1426570e [1.7.x] Refs #25693 -- Added a regression test for `to_attr` validation on forward m2m. 
Backport of cc8c02fa0f from master
 2015-11-11 12:42:53 -05:00
Simon Charette 3d037b9f68 [1.7.x] Refs #25693 -- Avoided redundant calls to get_fields() in `to_attr` validation. 
Conflicts:
	django/db/models/query.py

Backport of cc8c02fa0f from master
 2015-11-11 12:36:59 -05:00
Ian Foote 6184cb9baa [1.7.x] Fixed #25693 -- Prevented data loss with Prefetch and ManyToManyField. 
Thanks to Jamie Matthews for finding and explaining the bug.

Backport of 4608573788 from master
 2015-11-11 00:58:53 -05:00
Tim Graham 665b9eb5e2 [1.7.x] Post-release version bump. 2015-08-18 13:30:35 -04:00
Tim Graham abb8dda6c9 [1.7.x] Bumped version for 1.7.10 release. 2015-08-18 08:38:33 -04:00
Tim Graham 2f5485346e [1.7.x] Fixed DoS possiblity in contrib.auth.views.logout() 
Refs #20936 -- When logging out/ending a session, don't create a new, empty session.

Previously, when logging out, the existing session was overwritten by a
new sessionid instead of deleting the session altogether.

This behavior added overhead by creating a new session record in
whichever backend was in use: db, cache, etc.

This extra session is unnecessary at the time since no session data is
meant to be preserved when explicitly logging out.

Backport of 393c0e2422,
088579638b, and
2dee853ed4 from master

Thanks Florian Apolloner and Carl Meyer for review.

This is a security fix.
 2015-08-18 08:24:51 -04:00
Claude Paroz 9efddb7f3e [1.7.x] Updated GeoIP test for newer versions 
Backport of 3f9dca62cb from master
 2015-07-30 18:17:13 -04:00
Tim Graham 4fc5b487a8 [1.7.x] Fixed #25183 -- Fixed non-deterministic GeoIP test. 
google.com doesn't always resolve to an IP inside the United States.

Backport of 5b6ca15073 from master
 2015-07-30 18:12:42 -04:00
Tim Graham baebfe6860 [1.7.x] Post-release version bump. 2015-07-08 16:01:31 -04:00
Tim Graham 0cbe3c63af [1.7.x] Bumped version for 1.7.9 release. 2015-07-08 07:36:17 -04:00
Tim Graham ae49b4d994 [1.7.x] Prevented newlines from being accepted in some validators. 
This is a security fix; disclosure to follow shortly.

Thanks to Sjoerd Job Postmus for the report and draft patch.
 2015-07-08 07:35:43 -04:00
Carl Meyer 1828f4341e [1.7.x] Fixed #19324 -- Avoided creating a session record when loading the session. 
The session record is now only created if/when the session is modified. This
prevents a potential DoS via creation of many empty session records.

This is a security fix; disclosure to follow shortly.
 2015-07-08 07:35:39 -04:00
Marten Kenbeek 9bd3a2325e [1.7.x] Refs #23621 -- Fixed warning message when reloading models. 
Backport of aabb58428b from master
 2015-06-30 15:01:28 -04:00
Tim Graham 207da07d59 [1.7.x] Fixed #24903 -- Fixed assertRaisesMessage on Python 2.7.10. 
A regression found in in Python 2.7.10 rc1 wasn't reverted for the final
release: https://bugs.python.org/issue24134

Backport of two commits from master:
* c2bc1cefdc
* e89c3a4603
 2015-06-09 16:14:49 -04:00
Andriy Sokolovskiy 927d90ee1e [1.7.x] Fixed #24817 -- Prevented loss of null info in MySQL field renaming. 
Backport of 80ad5472ce from master
 2015-05-28 10:26:27 -04:00
Tim Graham 3d625cfc20 [1.7.x] Post-release version bump. 2015-05-01 16:46:11 -04:00
Tim Graham 8830c05c26 Bumped version for 1.7.8 release. 2015-05-01 16:37:45 -04:00
Claude Paroz ada0845dda [1.7.x] Fixed #24595 -- Prevented loss of null info in MySQL field alteration 
Thanks Simon Percivall for the report, and Simon Charette and Tim
Graham for the reviews.
Backport of 02260ea3f6 from master.
 2015-04-17 10:48:13 +02:00
Anssi Kääriäinen c3a9820251 [1.7.x] Fixed #24605 -- Fixed incorrect reference to alias in subquery. 
Thanks to charettes and priidukull for investigating the issue, and to
kurevin for the report.

Backport of 355c5edd93 from master
 2015-04-16 09:32:23 -04:00
peterfarrell d74903e4fb [1.7.x] Fixed #24637 -- Fixed database introspection with SQLite 3.8.9. 
Backport of f8e8853b51 from master
 2015-04-14 11:30:38 -04:00
Tim Graham a81c224ad1 [1.7.x] Post-release version bump. 2015-03-18 20:17:41 -04:00
Tim Graham 159f3bfafc [1.7.x] Bumped version for 1.7.7 release. 2015-03-18 08:52:17 -04:00
Tim Graham 2a4113dbd5 [1.7.x] Made is_safe_url() reject URLs that start with control characters. 
This is a security fix; disclosure to follow shortly.
 2015-03-18 08:51:51 -04:00
Tim Graham e63363f8e0 [1.7.x] Fixed an infinite loop possibility in strip_tags(). 
This is a security fix; disclosure to follow shortly.
 2015-03-18 08:51:21 -04:00
John Giannelos cb48e192fb [1.7.x] Fixed #24427 -- Stopped writing migration files in dry run mode when merging. 
Also added display of migration to stdout when verbosity=3.

Backport of 8758a63ddb from master
 2015-03-16 19:58:08 -04:00
Matthew Wilkes d0607a7eee [1.7.x] Fixed #24354 -- Prevented repointing of relations on superclasses when migrating a subclass's name change 2015-03-14 15:35:16 -04:00
Tim Graham 084c97c29b [1.7.x] Post-release version bump. 2015-03-09 11:57:04 -04:00
Tim Graham 40fb8f4ecd [1.7.x] Bumped version for 1.7.6 release. 2015-03-09 10:18:18 -04:00
Baptiste Mispelon 2654e1b939 [1.7.x] Fixed #24461 -- Fixed XSS issue in ModelAdmin.readonly_fields 2015-03-09 10:17:54 -04:00
Jean-Louis Fuchs 283b630d63 Fixed #24447 -- Made migrations add FK constraints for existing columns 
When altering from e.g. an IntegerField to a ForeignKey, Django didn't
add a constraint.

Backport of f4f0060fea from master
 2015-03-07 14:30:28 +01:00
Gabriel Muñumel 0831a43c3a [1.7.x] Fixed #24352 -- Fixed crash when coercing ``ManyRelatedManager`` to a string. 2015-02-26 11:00:52 -05:00
Tim Graham 2972fd2353 [1.7.x] Post-release version bump. 2015-02-25 09:07:25 -05:00
Tim Graham 634f4229c5 [1.7.x] Bumped version for 1.7.5 release. 2015-02-25 08:49:48 -05:00
Emin Mastizada 61705f0091 [1.7.x] Added formats for the Azerbaijani locale. 
Backport of dda2a3cf4c from master
 2015-02-23 07:37:46 -05:00
Aymeric Augustin 9b7d512d5f [1.7.x] Fixed #24318 -- Set the transaction isolation level with psycopg >= 2.4.2. 
Backport of 76356d96 from master
 2015-02-14 18:52:53 +01:00
Tim Graham 1b93b0977d [1.7.x] Fixed #24332 -- Fixed contrib.sites create_default_site() when 'default' DATABASES is empty. 
Backport of e8cf4f8abe from master
 2015-02-13 07:08:49 -05:00
Tim Graham 0c9e006d5f [1.7.x] Fixed #24293 -- Skipped a contrib.sites test if multiple databases aren't setup. 2015-02-12 07:56:49 -05:00
Markus Holtermann f8c040e167 [1.7.x] Fixed #24236 -- Treated inherited m2m fields as such if they don't define get_internal_type() 
Regression introduced in 3d4a826174

Thanks IRC user ris for the report, Loïc Bistuer, Anssi Kääriäinen and
Andriy Sokolovskiy for the discussion and Tim Graham for the review.
 2015-02-09 16:48:51 +01:00
Markus Holtermann 208d5c42e7 [1.7.x] Revert "[1.7.x] Fixed #24075 -- Prevented running post_migrate signals when unapplying initial migrations of contenttypes and auth" 
This reverts commit 478546fcef.

Backport of 2832a9b028 from master
 2015-02-07 20:50:15 +01:00
Markus Holtermann e6ffe43b67 [1.7.x] Revert "[1.7.x] Refs #24075 -- Silenced needless call_command output while running tests" 
This reverts commit b419bd3843.

Backport of bd3d796ecd from master
 2015-02-07 19:57:50 +01:00
Tim Graham b25101a0d0 [1.7.x] Post-release version bump. 2015-01-27 12:27:03 -05:00
Tim Graham b626c289cc [1.7.x] Bumped version for 1.7.4 release. 2015-01-27 12:10:08 -05:00
Andriy Sokolovskiy 3d4a826174 [1.7.x] Fixed #24104 -- Fixed check to look on field.get_internal_type() instead of class instance 2015-01-27 14:40:39 +01:00
Claude Paroz b1bf8d64fb [1.7.x] Fixed #24193 -- Prevented unclosed file warnings in static.serve() 
This regression was caused by 818e59a3f0. The patch is a partial
backport of the new FileResponse class available in later Django
versions.
Thanks Raphaël Hertzog for the report, and Tim Graham and Collin
Anderson for the reviews.
 2015-01-23 08:58:34 +01:00
Tim Graham 7a1ccc0699 [1.7.x] Fixed #24153 -- Fixed cookie test compatibility with Python 3.4.3+ 
Backport of b19b81b396 from master
 2015-01-19 15:41:29 -05:00
Markus Holtermann db2a97870d [1.7.x] Fixed #24163 -- Removed unique constraint after index on MySQL 
Thanks Łukasz Harasimowicz for the report.

Backport of 5792e6a88c from master
 2015-01-19 17:25:05 +01:00
Tim Graham 065b2a82f6 [1.7.x] Fixed #24135 -- Made RenameModel rename many-to-many tables. 
Thanks Simon and Markus for reviews.

Backport of 28db4af80a from master
 2015-01-15 20:43:49 -05:00
Markus Holtermann b419bd3843 [1.7.x] Refs #24075 -- Silenced needless call_command output while running tests 
Thanks Tim Graham for the report

Backport of 51dc617b21 from master
 2015-01-15 21:13:27 +01:00