Luke Plant
5a0aab41ee
Allow CsrfResponseMiddleware to be used if templates cannot be updated.
...
For the case where someone is using contrib views with custom templates that
they cannot update to use the template tag, it should be possible to use
CsrfResponseMiddleware. This requires that 'csrf_response_exempt' is not
used for the admin views.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11683 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-30 00:17:29 +00:00
Luke Plant
e6f0c10e77
Fixed typo in docs
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11677 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 22:26:54 +00:00
Luke Plant
9dc9770736
Documented the presence of {% csrf_token %} in Django 1.1.2 in trunk docs.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11675 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 21:52:25 +00:00
Luke Plant
b32a187296
Fixed some typos
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11668 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 13:13:40 +00:00
Luke Plant
f00ad4168e
Added explicit notes about the need to update any customised templates for contrib apps for CSRF changes
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11667 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 12:11:56 +00:00
Luke Plant
2ddf1364c4
Added 'version added' info to CSRF_* settings.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11665 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 01:10:20 +00:00
Luke Plant
64b4ab18b4
Use decorator syntax for csrf_exempt example.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11663 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 00:43:16 +00:00
Luke Plant
7230a995ce
Moved contrib.csrf.* to core code.
...
There is stub code for backwards compatiblity with Django 1.1 imports.
The documentation has been updated, but has been left in
docs/contrib/csrf.txt for now, in order to avoid dead links to
documentation on the website.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 00:36:34 +00:00
Luke Plant
8e70cef9b6
Fixed #9977 - CsrfMiddleware gets template tag added, session dependency removed, and turned on by default.
...
This is a large change to CSRF protection for Django. It includes:
* removing the dependency on the session framework.
* deprecating CsrfResponseMiddleware, and replacing with a core template tag.
* turning on CSRF protection by default by adding CsrfViewMiddleware to
the default value of MIDDLEWARE_CLASSES.
* protecting all contrib apps (whatever is in settings.py)
using a decorator.
For existing users of the CSRF functionality, it should be a seamless update,
but please note that it includes DEPRECATION of features in Django 1.1,
and there are upgrade steps which are detailed in the docs.
Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work
on the patch, and to lots of other people including Simon Willison and
Russell Keith-Magee who refined the ideas.
Details of the rationale for these changes is found here:
http://code.djangoproject.com/wiki/CsrfProtection
As of this commit, the CSRF code is mainly in 'contrib'. The code will be
moved to core in a separate commit, to make the changeset as readable as
possible.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-26 23:23:07 +00:00
Luke Plant
a02a6fab66
Fixed #9163 - CsrfMiddleware needs to reset ETag header
...
Thanks to carljm for report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11650 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-24 10:45:58 +00:00
Jacob Kaplan-Moss
b79702b2de
Fixed #11402 : added a `QuerySet.exists()` method. Thanks, Alex Gaynor.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11646 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-24 00:28:39 +00:00
Luke Plant
055efb2530
Fixed #9674 - documented app_label.
...
Thanks to andymckay for the report and jpaulett for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11596 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-28 21:58:21 +00:00
James Bennett
4a2a0b0e21
Fixed #11931 : Removed mention of nonexistent get_sql() method for arguments to limit_choices_to. Since the correct reference involves undocumented ORM internals, this simply removes the reference entirely in favor of publicly-documented use of Q objects.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11591 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-23 23:40:12 +00:00
Luke Plant
f3af2d9883
Fixed some ReST markup in admin installation docs.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11580 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-14 22:49:03 +00:00
Luke Plant
95d5e450ec
Fixed counting error in admin installation overview docs.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11579 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-14 22:36:20 +00:00
Russell Keith-Magee
dbd6f512ee
Corrected spaces for tabs from r11540.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11554 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 06:18:16 +00:00
Russell Keith-Magee
ec6b9d6e63
Fixed #9236 -- Added documentation on the dependencies of the admin.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11543 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 23:56:45 +00:00
Russell Keith-Magee
423b5c1e14
Fixed #6047 -- Minor correction to the documentation regarding regex field lookups. Thanks to Richard D. Worth for the suggestion, and Steve Holden for the text.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11541 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 23:36:00 +00:00
Russell Keith-Magee
7cbc232909
Fixed #11359 -- Added a link to the signals topic guide in the signals reference. Thanks to tyson for the suggestion.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11540 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 23:06:22 +00:00
Russell Keith-Magee
9aef7dd9e7
Fixed #11592 -- Corrected the grammar in the queryset docs. Thanks to Shannon Bradshaw for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11539 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 22:59:41 +00:00
Russell Keith-Magee
baf7d3e074
Fixed #11728 -- Corrected a typo in a class name in the request/response docs. Thanks to Tommstein for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11536 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 22:51:16 +00:00
Russell Keith-Magee
94885bac7b
Fixed #11808 -- Corrected typo in admin docs. Thanks to kratorius for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11534 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 22:44:51 +00:00
Russell Keith-Magee
fc7ef1c86c
Fixed #11831 -- Corrected typo in comments docs. Thanks to gsf for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11533 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 22:43:20 +00:00
Luke Plant
49b9470dca
Fixed #11071 - update is_ajax() docs.
...
Thanks timo.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11490 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-10 16:17:56 +00:00
Luke Plant
1387b17026
Fixed #7437 : SelectDateWidget is not documented.
...
Thanks timo.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11488 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-10 15:45:15 +00:00
Karen Tracey
bb9cc01b13
Fixed #6674 : Documented a couple of widget arguments. Thanks timo.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11478 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-08-29 12:40:47 +00:00
Ian Kelly
dcf3be7a62
Fixed #10566 : Added support for cx_Oracle compiled with the WITH_UNICODE flag.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11477 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-08-24 15:45:48 +00:00
Karen Tracey
b82ad10f9d
Fixed #11508 : Adding missing word to form wizard doc. Thanks thepointer and timo.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11444 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-08-13 16:59:59 +00:00
Jacob Kaplan-Moss
d78cf61c99
BACKWARDS-INCOMPATIBLE CHANGE: Removed SetRemoteAddrFromForwardedFor middleware.
...
In a nutshell, it's been demonstrated that this middleware can never be made reliable enough for general-purpose use, and that (despite documentation to the contrary) its inclusion in Django may lead application developers to assume that the value of ``REMOTE_ADDR`` is "safe" or in some way reliable as a source of authentication. So it's gone.
See the Django 1.1 release notes for full details, as well as upgrade instructions.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11363 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-29 05:35:51 +00:00
Russell Keith-Magee
b2f72fc040
Fixed #11527 -- Added unit tests and documentation for the use of F() expressions in single object updates. Thanks to Zachary Voase for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11322 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-24 13:38:36 +00:00
Russell Keith-Magee
8d48eaa064
Fixed #10061 -- Added namespacing for named URLs - most importantly, for the admin site, where the absence of this facility was causing problems. Thanks to the many people who contributed to and helped review this patch.
...
This change is backwards incompatible for anyone that is using the named URLs
introduced in [9739]. Any usage of the old admin_XXX names need to be modified
to use the new namespaced format; in many cases this will be as simple as a
search & replace for "admin_" -> "admin:". See the docs for more details on
the new URL names, and the namespace resolution strategy.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11250 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-16 16:16:13 +00:00
Russell Keith-Magee
93d86479e3
Fixed #11480 -- Corrected markup error in admin docs. Thank to msgre for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11240 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-15 13:57:46 +00:00
Russell Keith-Magee
6f25903a89
Fixed #11235 -- Added a missing clause from some sample SQL in the queryset docs.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11239 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-15 13:56:50 +00:00
Russell Keith-Magee
5727374d95
Fixed #11348 -- Trimmed the width of a screenshot image in the admin docs. Thanks to smcoll for the new image.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11238 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-15 13:55:50 +00:00
Russell Keith-Magee
75514ab7bc
Fixed #11374 -- Modified the documentation for forms.BooleanField to allow for the fact that it can be rendered using widgets other than a checkbox. Thanks to lygaret for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11236 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-15 13:54:11 +00:00
Russell Keith-Magee
e992e57d3e
Fixed #11416 -- Restored use of the never_cache decorator on admin views. Thanks to Ramiro Morales and Michael Newmann for their work on the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11229 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-13 13:46:31 +00:00
Russell Keith-Magee
6bf55a1abf
Fixed #11450 -- Corrected markup problem in contenttype docs. Thanks to seveas for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11218 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-11 15:37:08 +00:00
Russell Keith-Magee
9515c008bb
Fixed #11454 -- Corrected mismatched parenthesis in admin docs. Thanks to seveas for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11217 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-11 15:36:31 +00:00
Russell Keith-Magee
b96e55e811
Fixed #11419 -- Corrected a minor typo in the admin docs. Thanks to jspeis for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11176 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-03 14:10:35 +00:00
Russell Keith-Magee
36954a04b7
Fixed #9669 -- Corrected an answer in the admin FAQ that is wrong in a post-newforms-admin world. Thanks to Alex for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11175 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-03 14:09:04 +00:00
Russell Keith-Magee
b73319ae7b
Fixed #11417 -- Corrected typo in MySQL collation notes. Thanks to vorushin for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11169 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-03 07:15:48 +00:00
Russell Keith-Magee
6ed0345092
Fixed #11413 -- Added notes on the cycle and firstof tag detailing that variables output by those tags will not be escaped by default. Thanks to krystal for the report and draft patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11163 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-03 05:41:36 +00:00
Russell Keith-Magee
970be97530
Fixed #8861 -- Added note on the availability of ModelForm.instance. Thanks to Ramiro Morales for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11097 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-24 14:04:18 +00:00
Russell Keith-Magee
4acf7f43e7
Fixed #10415 -- Added documentation for features added in r7627 and r7630; extensibility points for the ModelAdmin and AdminSite. Thanks to Ramiro Morales for the draft text.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11095 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-24 14:02:22 +00:00
Russell Keith-Magee
bbd7b64e76
Fixed #11354 -- Remove stray whitespace in queryset docs. Thanks to flebel for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11094 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-24 14:01:36 +00:00
Russell Keith-Magee
18b29c523b
Fixed #11356 -- Added links to the growing collection of 3rd party database backends that are available. Thank to Nathan Auch for the draft text.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11093 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-24 14:00:53 +00:00
Russell Keith-Magee
755762e5b9
Fixed #11221 -- Replaced a reference to a non-existent URL with an actual explanation of sequences. Thanks to Rob Hudson for the report, and SmileyChris for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11053 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-18 13:37:10 +00:00
Russell Keith-Magee
97fb6cf2b3
Fixed #11141 -- Corrected a code example in the admin docs. Thanks to jodal for the report, and SmileyChris for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11049 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-18 13:35:06 +00:00
Russell Keith-Magee
7c18404a24
Fixed #11312 -- Fixed the default value given for DEFAULT_FILE_STORAGE in the docs. THanks to x00nix@gmail.com for the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11046 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-18 13:33:18 +00:00
Russell Keith-Magee
457a1f9a03
Fixed #11272 -- Made some clarifications to the overview and tutorial. Thanks to jjinux for the review notes.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11044 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-18 13:32:12 +00:00