Commit Graph

279 Commits

Author SHA1 Message Date
Aymeric Augustin f1255a3c09 Fixed #18144 -- Restored compatibility with SHA1 hashes with empty salt.
Thanks dahool for the report and initial version of the patch.
2013-02-25 20:21:58 +01:00
Carl Meyer d51fb74360 Added a new required ALLOWED_HOSTS setting for HTTP host header validation.
This is a security fix; disclosure and advisory coming shortly.
2013-02-19 11:23:29 -07:00
Aymeric Augustin 720888a146 Fixed #15808 -- Added optional HttpOnly flag to the CSRF Cookie.
Thanks Samuel Lavitt for the report and Sascha Peilicke for the patch.
2013-02-07 09:48:08 +01:00
Aymeric Augustin 50a985b09b Fixed #19099 -- Split broken link emails out of common middleware. 2013-01-15 17:41:45 +01:00
Carl Meyer efa3f71cc4 Remove inaccurate comment regarding language names. 2013-01-09 11:55:58 -07:00
Aymeric Augustin 146ed13a11 Fixed #17083 -- Allowed sessions to use non-default cache. 2012-10-31 09:46:16 +01:00
Claude Paroz f1cc2be0c5 Fixed #18575 -- Empty DATABASES should default to dummy backend
Thanks delormemarco@gmail.com for the report.
2012-10-28 23:44:03 +01:00
Aymeric Augustin 785bf0d5a0 Reverted unintentional change in aff9b2f. 2012-10-28 12:33:38 +01:00
Aymeric Augustin aff9b2f566 Fixed #19203 -- Added isolation to a humanize test
Thanks lrekucki for the report.
2012-10-28 09:34:05 +01:00
Claude Paroz a014ddfef2 Combined Django DEFAULT_LOGGING with user LOGGING config
Refs #18993.
2012-09-29 22:56:18 +02:00
Adrien Lemaire 2c8267bf3d Fixed #17899 -- Rewrote [Ee]-mail to [Ee]mail 2012-09-26 14:14:51 +02:00
Russell Keith-Magee 70a0de37d1 Fixed #3011 -- Added swappable auth.User models.
Thanks to the many people that contributed to the development and review of
this patch, including (but not limited to) Jacob Kaplan-Moss, Anssi
Kääriäinen, Ramiro Morales, Preston Holmes, Josh Ourisman, Thomas Sutton,
and Roger Barnes, as well as the many, many people who have contributed to
the design discussion around this ticket over many years.

Squashed commit of the following:

commit d84749a0f0
Merge: 531e771 7c11b1a
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Wed Sep 26 18:37:04 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 531e7715da
Merge: 29d1abb 1f84b04
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Wed Sep 26 07:09:23 2012 +0800

    Merged recent trunk changes.

commit 29d1abbe35
Merge: 8a527dd 54c81a1
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Sep 24 07:49:46 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 8a527dda13
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Sep 24 07:48:05 2012 +0800

    Ensure sequences are reset correctly in the presence of swapped models.

commit e2b6e22f29
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 23 17:53:05 2012 +0800

    Modifications to the handling and docs for auth forms.

commit 98aba856b5
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 23 15:28:57 2012 +0800

    Improved error handling and docs for get_user_model()

commit 0229209c84
Merge: 6494bf9 8599f64
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 23 14:50:11 2012 +0800

    Merged recent Django trunk changes.

commit 6494bf91f2
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Sep 17 21:38:44 2012 +0800

    Improved validation of swappable model settings.

commit 5a04cde342
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Sep 17 07:15:14 2012 +0800

    Removed some unused imports.

commit ffd535e413
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 20:31:28 2012 +0800

    Corrected attribute access on for get_by_natural_key

commit 913e1ac84c
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 20:12:34 2012 +0800

    Added test for proxy model safeguards on swappable models.

commit 280bf19e94
Merge: dbb3900 935a863
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 18:16:49 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit dbb3900775
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 18:09:27 2012 +0800

    Fixes for Python 3 compatibility.

commit dfd72131d8
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 15:54:30 2012 +0800

    Added protection against proxying swapped models.

commit abcb027190
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 15:11:10 2012 +0800

    Cleanup and documentation of AbstractUser base class.

commit a9491a8776
Merge: fd8bb4e 08bcb4a
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 14:46:49 2012 +0800

    Merge commit '08bcb4aec1ed154cefc631b8510ee13e9af0c19d' into t3011

commit fd8bb4e3e4
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 14:20:14 2012 +0800

    Documentation improvements coming from community review.

commit b550a6d06d
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 13:52:47 2012 +0800

    Refactored skipIfCustomUser into the contrib.auth tests.

commit 52a02f1110
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 13:46:10 2012 +0800

    Refactored common 'get' pattern into manager method.

commit b441a6bbc7
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 16 13:41:33 2012 +0800

    Added note about backwards incompatible change to admin login messages.

commit 08bcb4aec1
Author: Anssi Kääriäinen <akaariai@gmail.com>
Date:   Sat Sep 15 18:30:33 2012 +0300

    Splitted User to AbstractUser and User

commit d9f5e5addb
Author: Anssi Kääriäinen <akaariai@gmail.com>
Date:   Sat Sep 15 18:30:02 2012 +0300

    Reworked REQUIRED_FIELDS + create_user() interaction

commit 579f152e4a
Merge: 9184972 93e6733
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 20:18:37 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 918497218c
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 20:18:19 2012 +0800

    Deprecate AUTH_PROFILE_MODULE and get_profile().

commit 334cdfc1bb
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 20:00:12 2012 +0800

    Added release notes for new swappable User feature.

commit 5d7bb22e8d
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 19:59:49 2012 +0800

    Ensure swapped models can't be queried.

commit 57ac6e3d32
Merge: f2ec915 abfba3b
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 15 14:31:54 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit f2ec915b20
Merge: 1952656 5e99a3d
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 9 08:29:51 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 19526563b5
Merge: 2c5e833 c4aa26a
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 9 08:22:26 2012 +0800

    Merge recent changes from master.

commit 2c5e833a30
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 9 07:53:46 2012 +0800

    Corrected admin_views tests following removal of the email fallback on admin logins.

commit 20d1892491
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sun Sep 9 01:00:37 2012 +0800

    Added conditional skips for all tests dependent on the default User model

commit 40ea8b8882
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 8 23:47:02 2012 +0800

    Added documentation for REQUIRED_FIELDS in custom auth.

commit e6aaf65970
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Sat Sep 8 23:20:02 2012 +0800

    Added first draft of custom User docs.

    Thanks to Greg Turner for the initial text.

commit 75118bd242
Author: Thomas Sutton <me@thomas-sutton.id.au>
Date:   Mon Aug 20 11:17:26 2012 +0800

    Admin app should not allow username discovery

    The admin app login form should not allow users to discover the username
    associated with an email address.

commit d088b3af58
Author: Thomas Sutton <me@thomas-sutton.id.au>
Date:   Mon Aug 20 10:32:13 2012 +0800

    Admin app login form should use swapped user model

commit 7e82e83d67
Merge: e29c010 39aa890
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Fri Sep 7 23:45:03 2012 +0800

    Merged master changes.

commit e29c010beb
Merge: 8e3fd70 30bdf22
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Aug 20 13:12:57 2012 +0800

    Merge remote-tracking branch 'django/master' into t3011

commit 8e3fd703d0
Merge: 507bb50 26e0ba0
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Aug 20 13:09:09 2012 +0800

    Merged recent changes from trunk.

commit 507bb50a92
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Jun 4 20:41:37 2012 +0800

    Modified auth app so that login with alternate auth app is possible.

commit dabe362836
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Jun 4 20:10:51 2012 +0800

    Modified auth management commands to handle custom user definitions.

commit 7cc0baf89d
Author: Russell Keith-Magee <russell@keith-magee.com>
Date:   Mon Jun 4 14:17:28 2012 +0800

    Added model Meta option for swappable models, and made auth.User a swappable model
2012-09-26 18:48:09 +08:00
Aymeric Augustin 17f3e9258e Fixed #18397 -- Avoided referencing lawrence.com.
This commit includes multiple small related changes, see the ticket
for a full discussion.
2012-06-07 11:50:20 +02:00
Claude Paroz eefb00f301 Fixed #18220 -- Removed the CACHE_BACKEND setting, as per official deprecation timeline.
Thanks Ramiro Morales for the review.
2012-04-29 20:47:36 +02:00
Aymeric Augustin 9ed6e08ff9 Removed deprecated URLField.verify_exists.
The deprecation schedule was slightly accelerated because of possible security ramifications.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@17847 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-31 13:55:03 +00:00
Jannis Leidel 9d1d1f06db Added Tatar translation. Refs #17822.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17732 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-14 09:15:31 +00:00
Jannis Leidel e540f27475 Added Swahili translation. Refs #17822.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17731 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-14 09:14:48 +00:00
Jannis Leidel 830900c24a Added Nepali translation. Refs #17822.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17730 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-14 09:14:07 +00:00
Jannis Leidel 661139a29e Added Kazakh translation. Refs #17822.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17729 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-14 09:13:24 +00:00
Jannis Leidel e47b92dad7 Added Esperanto to the list of languages. Refs #17822.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17728 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-14 09:12:43 +00:00
Claude Paroz 78638a9a51 Replaced http by https in djangoproject.com links
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17703 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-03-13 17:53:31 +00:00
Paul McMillan 413e37481d Fixes #17777 and makes tests run again.
Adds a salted MD5 hasher for backwards compatibility.
Thanks gunnar@g10f.de for the report.

Also fixes a bug preventing the hasher tests from being run during
contrib tests.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@17604 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-02-29 20:12:16 +00:00
Paul McMillan dce820ff70 Renovated password hashing. Many thanks to Justine Tunney for help with the initial patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17253 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-23 03:46:06 +00:00
Adrian Holovaty 20c8aa2a20 Fixed various dodgy behaviours
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17226 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-17 17:37:24 +00:00
Adrian Holovaty 61f0aff811 Fixed #14597 -- Added a SECURE_PROXY_SSL_HEADER setting for cases when you're behind a proxy that 'swallows' the fact that a request is HTTPS
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17209 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-16 22:06:06 +00:00
Paul McMillan 4d975b4f88 Fixed #16847. Session Cookies now default to httponly = True.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17135 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-11-21 22:03:03 +00:00
Aymeric Augustin 9b1cb755a2 Added support for time zones. Thanks Luke Plant for the review. Fixed #2626.
For more information on this project, see this thread:
http://groups.google.com/group/django-developers/browse_thread/thread/cf0423bbb85b1bbf



git-svn-id: http://code.djangoproject.com/svn/django/trunk@17106 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-11-18 13:01:06 +00:00
Carl Meyer 145a77edc9 Fixed #16360 -- Added WSGI entrypoint to startproject layout, and enabled internal servers (runserver and runfcgi) to use an externally-defined WSGI application. Thanks to Armin Ronacher, Jannis Leidel, Alex Gaynor, ptone, and Jacob Kaplan-Moss.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17022 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-22 04:30:10 +00:00
Carl Meyer 29def3e52c Fixed #16873 - Added dummy database backend in default settings, so that just importing django.db doesn't trigger ImproperlyConfigured if there is no DATABASES setting.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16946 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-08 19:23:37 +00:00
Aymeric Augustin 510ea906f7 Fixed #17012 - Removed references to the 'hasNoProfanities' validator. Refs #8794.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16935 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-07 08:35:20 +00:00
Carl Meyer 343004c4de Fixed #16568 -- Added RequireDebugFalse filter to prevent sending 500 error emails when DEBUG is True in projects with no explicit LOGGING setting. Thanks to Andreas Pelme for report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16840 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-16 16:41:38 +00:00
Russell Keith-Magee 893cea211a Added protection against spoofing of X_FORWARDED_HOST headers. A security announcement will be made shortly.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16758 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-10 00:46:38 +00:00
Alex Gaynor d036b87126 Remove no-longer-valid references to the DATABASE_* settings, the legacy code for them was already removed.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16733 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-09 17:14:47 +00:00
Jannis Leidel bce890ace4 Fixed #16584 -- Fixed a bunch of typos in code comments. Thanks, Bernhard Essl.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16598 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-12 14:14:15 +00:00
Jannis Leidel 38a2444277 Fixed #16050 -- BACKWARDS-INCOMPATIBLE CHANGE: Moved static files of the admin to conventional file system location.
This also removes the need for ADMIN_MEDIA_PREFIX and replaces it with the convention to find admin's static files at STATIC_URL + 'admin/'.

Thanks to Jacob for the review and general help.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16487 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-30 09:06:19 +00:00
Carl Meyer 43503b093a Fixed #16288 -- Enabled django.request exception logger regardless of DEBUG setting.
Thanks Matt Bennett for report and draft patch; Vinay Sajip and Russell Keith-Magee for review.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16444 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-22 06:01:44 +00:00
Andrew Godwin dce278673a Fixed #9459: forms.HiddenInput and DateTime field loses microseconds. Thanks to mt.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16347 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-09 17:03:45 +00:00
Luke Plant 45e55b9143 Fixed #14614 - filtering of sensitive information in 500 error reports.
This adds a flexible mechanism for filtering what request/traceback
information is shown in 500 error emails and logs. It also applies
screening to some views known to be sensitive e.g. views that handle
passwords.

Thanks to oaylanc for the report and many thanks to Julien Phalip for the
patch and the rest of the work on this.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16339 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-08 22:18:46 +00:00
Luke Plant 524c5fa07a Fixed #14261 - Added clickjacking protection (X-Frame-Options header)
Many thanks to rniemeyer for the patch!

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16298 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-30 22:27:47 +00:00
Jannis Leidel f60d428463 Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-21 14:41:14 +00:00
Luke Plant 8cbcf1d3a6 Fixed #14134 - ability to set cookie 'path' and 'secure' attributes of CSRF cookie
Thanks to cfattarsi for the report and initial patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16200 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-09 23:00:22 +00:00
Luke Plant 171df93170 Fixed #15954 - New IGNORABLE_404_URLS setting that allows more powerful filtering of 404s to ignore
Thanks to aaugustin for implementing this.

(Technically this doesn't fix the original report, as we've decided against
having *any* default values, but the new feature makes it possible, and the
docs have an example addressing #15954).

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16160 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-05 20:49:26 +00:00
Jannis Leidel 0fa8bd3d92 Fixed #15920 -- Removed COMMENTS_BANNED_USERS_GROUP setting in favor of the established comments app customization. Thanks, Daniel Lindsley.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16124 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-29 15:11:17 +00:00
Jannis Leidel 22892c31f6 Removed superfluous settings that were forgotten when the comments app was refactored.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16123 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-29 15:11:08 +00:00
Adrian Holovaty f8495d2371 Fixed #15822 -- Removed references to the v1 postgresql backend (which has been removed). Thanks for the patch, aaugustin
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16034 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-17 20:45:06 +00:00
Russell Keith-Magee d60ae0b721 Removed deprecated 'no' translation
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15988 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-02 08:43:43 +00:00
Russell Keith-Magee 5d5149cd18 Advanced deprecation of user-based messages and the LegacyFallbackStorage in contrib.messages.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15975 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-02 08:36:04 +00:00
Adrian Holovaty 94af19c43f Changed e-mail to email throughout documentation and codebase. The one exception is translation strings, which I didn't want to disrupt
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15967 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-01 16:10:22 +00:00
Luke Plant 6a25d90e49 Removed totally unused setting.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15941 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-28 22:19:14 +00:00
Jannis Leidel b46cbc49c2 Fixed #15608 -- Added Nicaraguan Spanish locale (format file only). Thanks, fitoria.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15841 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-15 22:13:24 +00:00
Jannis Leidel 4eb060516c Added Azerbaijani and Urdu to list of supported languages and added initial core translations. Refs #15300.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15681 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-01 08:50:18 +00:00
Jannis Leidel ff4a24af51 Fixed whitespace errors in settings modules.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15501 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-12 19:11:42 +00:00
Russell Keith-Magee 7536f63b32 Fixed #14768 -- Added an es_MX locale and initial translation. Thanks to Alonso Bautista Villalobos and the rest of the Mexican translation team.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15433 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-06 06:06:29 +00:00
Russell Keith-Magee 4306501da7 Fixed #15217 -- Made the CACHE_BACKEND deprecation warning more selective, so it doesn't catch the default case. Thanks to adamv for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15406 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-04 14:27:43 +00:00
Russell Keith-Magee 673e6fc7fb Fixed #11675 -- Added support for the PyLibMC cache library. In order to support this, and clean up some other 1.3 caching additions, this patch also includes some changes to the way caches are defined. This means you can now have multiple caches, in the same way you have multiple databases. A huge thanks to Jacob Burch for the work on the PyLibMC backend, and to Jannis for his work on the cache definition changes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15005 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-12-21 15:19:19 +00:00
Russell Keith-Magee 78be884ea7 Fixed #3304 -- Added support for HTTPOnly cookies. Thanks to arvin for the suggestion, and rodolfo for the draft patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14707 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-26 13:30:50 +00:00
Russell Keith-Magee 99d247f4cb Fixed #13795 -- Added a site-wide cache prefix and cache versioning. Thanks to bruth for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14623 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-19 15:39:35 +00:00
Jannis Leidel 33d8fcde8a Fixed #14693, #14709 -- Backwards incompatible change to rectify the confusion around the STATICFILES_URL and STATICFILES_ROOT settings.
* Two new global settings that will be used by -- **but are not limited to** -- the staticfiles app: STATIC_ROOT and STATIC_URL.

  * Moving the 'django.contrib.staticfiles.templatetags.staticfiles' template tag to the core ('django.templatetags.static') and renaming it to 'get_static_prefix'.

  * Moving the context processor 'django.contrib.staticfiles.context_processors.staticfiles' to the core ('django.core.context_processors.static') and renaming it to 'static'.

  * Paths in media definitions will use STATIC_URL as the prefix if the value is not None, and falls back to the previously used MEDIA_URL.

Thanks again to the community for constructive criticism and Carl and Russ for sanity-inducing discussions on IRC.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@14592 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-17 15:36:26 +00:00
Adrian Holovaty 5844cdca38 Small grammar fix in 'user-uploaded files' comment from [14560]
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14582 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-16 23:48:08 +00:00
Ramiro Morales 74f46c0ae2 Fixed #10650 -- Clarified description of MEDIA_ROOT in setting files. Thanks jjconti, tvon, vak, Muhammad Alkarouri and thiggins for their work.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14560 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-14 15:42:54 +00:00
Jannis Leidel 70edd4e103 Reverted deprecation of media context processor (from r14293) to separate static files and media files a bit more.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14535 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-11 21:44:33 +00:00
Carl Meyer 4ba6348a00 Fixed #14598 -- Changed some 'domain.com' uses to 'example.com'
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14440 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-02 16:19:17 +00:00
Jannis Leidel cfc19f84de Fixed #12323 and #11582 -- Extended the ability to handle static files. Thanks to all for helping with the original app, the patch, documentation and general support.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14293 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-20 01:33:24 +00:00
Jannis Leidel fa2159f85b Fixed #14479 -- Added initial Punjabi (pa) translation. Thanks, A S Alam.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14253 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-18 11:23:07 +00:00
Jannis Leidel bca8aed419 Fixed links to the date formats choices in the global settings. Thanks, Russell.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14032 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-08 18:26:12 +00:00
Adrian Holovaty edd767d261 Set default PROFANITIES_LIST setting to an empty tuple. This is technically backwards-compatible if you rely on a Web framework providing you with a woefully incomplete list of naughty words. Fixes #8794
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13996 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-07 15:13:00 +00:00
Russell Keith-Magee 24acca4139 Fixed #12012 -- Added support for logging. Thanks to Vinay Sajip for his draft patch, and to the many people who gave feedback during development of the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13981 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-04 15:12:39 +00:00
Jannis Leidel 7bb6abed12 Fixed #13702 -- Made sure to actually fall back to the l10n format strings provided in the settings, when disabled.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13770 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-12 19:40:44 +00:00
Russell Keith-Magee 75ac6c26da Fixed #14064 -- Corrected spelling of Argentinian. There are arguments that it can be spelled both ways (and arguments that the right phrase is Argentine), but we're going with the OED on this one.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13492 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-06 02:10:45 +00:00
Russell Keith-Magee aa4061dbc0 Fixed #13651 -- Added Malayalam (ml) translation. Thanks to rajeesh.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13491 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-06 02:10:21 +00:00
Jannis Leidel b5a628bf15 Fixed #13496 - Added Indonesian translation (id). Thanks, Selwin Ong.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13186 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-05-09 18:54:22 +00:00
Russell Keith-Magee 7202eb8e31 Fixed #13094 -- Added Mongolian translation. Thanks to Urangua.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13092 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-05-04 11:10:36 +00:00
Jannis Leidel 1ff7ed2e69 Added British English translation. Refs #11637.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13053 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-04-29 14:38:50 +00:00
Jannis Leidel 77c13844ae Fixed #11068 - Introduced new language code "nb" for Norwegian Bokmål as a replacement of the current "no".
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13047 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-04-29 14:36:09 +00:00
Jannis Leidel df44485c40 Fixed #13096 - Added Norwegian Nynorsk translation. Thanks, Håvard Grimelid.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13046 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-04-29 14:35:25 +00:00
Jannis Leidel 53eeab64e4 Fixed Bosnian language code introduced in r12322.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12657 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-02 15:42:32 +00:00
Jannis Leidel a8b975e4a9 Fixed #11463 - Added Vietnamese translation. Thanks Erik Unger, clouserw and Nguyễn Mạnh Hùng.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12468 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-21 23:41:37 +00:00
Jannis Leidel 67d4289c2e Fixed #12066 - Moved auth context processor from core to the auth app. Thanks, Rob Hudson.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12466 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-21 23:40:47 +00:00
Jannis Leidel f93f056c32 Fixed #10260 - Refactored internationalization documentation. Thanks, Ramiro Morales.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12440 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-16 12:12:53 +00:00
Russell Keith-Magee 33f4473648 Fixed #12719 -- Added initial Albanian translation. Thanks to Besnik Bleta.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12341 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-28 14:17:15 +00:00
Russell Keith-Magee 70aee5b48f Fixed some problems with the Frisian translation added in r12324.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12333 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-28 02:16:34 +00:00
Russell Keith-Magee ab638181ae Fixed #12711 -- Added the start of a Frisian locale. Thanks to Wim Benes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12324 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-28 02:01:28 +00:00
Russell Keith-Magee cca3862fad Fixed #12357 -- Added a start of a Bosian translation. Thanks to Tim Langeman.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12322 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-28 02:00:08 +00:00
Russell Keith-Magee 1b3dc8ad9a Fixed #12540, #12541 -- Added database routers, allowing for configurable database use behavior in a multi-db setup, and improved error checking for cross-database joins.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12272 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-22 14:30:06 +00:00
Russell Keith-Magee 53b61d9c02 Fixed #12624 -- Modified test runners to be class based.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12255 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-18 15:11:01 +00:00
Russell Keith-Magee e07560a88e Modified the way EMAIL_BACKEND is specified to make it consistent with the new "use the class name" policy for backends.
This is a BACKWARDS-INCOMPATIBLE CHANGE for anyone using a manually
specified EMAIL_BACKEND setting. If you have manually specified
EMAIL_BACKEND, you will need to append ".EmailBackend" to your
existing EMAIL_BACKEND setting. See the django-dev mailing list for
details.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12084 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-04 12:05:04 +00:00
Jannis Leidel 18c31f608f Fixed #12220 - Added Serbian Latin to list of languages in global settings. Thanks, Janos Guljas.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12055 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-01 21:38:11 +00:00
Jannis Leidel 9233d04265 Fixed #7980 - Improved i18n framework to support locale aware formatting (dates and numbers) and form processing.
Thanks to Marc Garcia for working on this during his Google Summer of Code 2009!

Additionally fixes #1061, #2203, #3940, #5526, #6449, #6231, #6693, #6783, #9366 and #10891.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11964 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-22 17:58:49 +00:00
Russell Keith-Magee ff60c5f9de Fixed #1142 -- Added multiple database support.
This monster of a patch is the result of Alex Gaynor's 2009 Google Summer of Code project.
Congratulations to Alex for a job well done.

Big thanks also go to:
 * Justin Bronn for keeping GIS in line with the changes,
 * Karen Tracey and Jani Tiainen for their help testing Oracle support
 * Brett Hoerner, Jon Loyens, and Craig Kimmerer for their feedback.
 * Malcolm Treddinick for his guidance during the GSoC submission process.
 * Simon Willison for driving the original design process
 * Cal Henderson for complaining about ponies he wanted.

... and everyone else too numerous to mention that helped to bring this feature into fruition.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11952 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-22 15:18:51 +00:00
Russell Keith-Magee 44b9076bbe Fixed #6262 -- Added a cached template loader, and modified existing template loaders and tag to be cacheable. Thanks to Mike Malone for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11862 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-14 12:08:23 +00:00
Luke Plant 25020ddb05 Fixed #4604 - Configurable message passing system, supporting anonymous users
This deprecates User.message_set in favour of a configurable messaging
system, with backends provided for cookie storage, session storage and
backward compatibility.

Many thanks to Tobias McNulty for the bulk of the work here, with
contributions from Chris Beaven (SmileyChris) and lots of code review from
Russell Keith-Magee, and input from many others.  Also credit to the authors
of various messaging systems for Django whose ideas may have been pinched
:-)



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11804 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-09 16:57:23 +00:00
Russell Keith-Magee aba5389326 Fixed #10355 -- Added an API for pluggable e-mail backends.
Thanks to Andi Albrecht for his work on this patch, and to everyone else that contributed during design and development.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11709 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-03 12:53:26 +00:00
Luke Plant 7230a995ce Moved contrib.csrf.* to core code.
There is stub code for backwards compatiblity with Django 1.1 imports.

The documentation has been updated, but has been left in
docs/contrib/csrf.txt for now, in order to avoid dead links to
documentation on the website.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 00:36:34 +00:00
Luke Plant 8e70cef9b6 Fixed #9977 - CsrfMiddleware gets template tag added, session dependency removed, and turned on by default.
This is a large change to CSRF protection for Django.  It includes:

 * removing the dependency on the session framework.
 * deprecating CsrfResponseMiddleware, and replacing with a core template tag.
 * turning on CSRF protection by default by adding CsrfViewMiddleware to
   the default value of MIDDLEWARE_CLASSES.
 * protecting all contrib apps (whatever is in settings.py)
   using a decorator.

For existing users of the CSRF functionality, it should be a seamless update,
but please note that it includes DEPRECATION of features in Django 1.1,
and there are upgrade steps which are detailed in the docs.

Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work
on the patch, and to lots of other people including Simon Willison and
Russell Keith-Magee who refined the ideas.

Details of the rationale for these changes is found here:

http://code.djangoproject.com/wiki/CsrfProtection

As of this commit, the CSRF code is mainly in 'contrib'.  The code will be
moved to core in a separate commit, to make the changeset as readable as
possible.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-26 23:23:07 +00:00
Adrian Holovaty a251e0ab7e Fixed #11070 -- Removed JING_PATH setting, which was no longer used. Thanks for the patch, seanl
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10840 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-26 05:32:52 +00:00
Luke Plant cdc8c61bc3 Made default MIDDLEWARE_CLASSES same as in project_template.
And updated docs, and also corrected them about middleware by removing
'XViewMiddleware'



git-svn-id: http://code.djangoproject.com/svn/django/trunk@10129 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-23 23:20:40 +00:00
Luke Plant 20f7e51493 Reverted 10094 and 10095 (in favour of solution that will hopefully land for beta 2)
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10128 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-23 23:02:46 +00:00
Luke Plant 2d28724730 Added CSRF middleware to default settings and updated docs.
Updated docs to reflect the change, and the fact that using the
two separate middleware is preferred to using the combined one.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@10094 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-19 23:14:20 +00:00
Malcolm Tredinnick e31ed8f2b1 Fixed #9574 -- Hindi translation from Thejaswi Puthraya.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9422 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-11-14 07:11:34 +00:00
Malcolm Tredinnick b69182fcc3 Added a couple of missed pieces from r9376. Refs #9542.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9380 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-11-10 10:24:51 +00:00