Commit Graph

23 Commits

Author SHA1 Message Date
Luke Plant 763bcf8472 Fixed paste-o in [13855]
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13857 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-14 21:40:23 +00:00
Luke Plant 34a4af50be Fixed #2283 (again) - comment form templates don't validate as XHTML
Thanks to hjoreteg/thejaswi_puthraya for the report and patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@13855 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-14 14:22:35 +00:00
Jannis Leidel b9d698e9f2 Fixed #10285 - Added render_comment_list template tag to comments app. Thanks Kyle Fuller for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12082 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-04 02:29:12 +00:00
Luke Plant 8e70cef9b6 Fixed #9977 - CsrfMiddleware gets template tag added, session dependency removed, and turned on by default.
This is a large change to CSRF protection for Django.  It includes:

 * removing the dependency on the session framework.
 * deprecating CsrfResponseMiddleware, and replacing with a core template tag.
 * turning on CSRF protection by default by adding CsrfViewMiddleware to
   the default value of MIDDLEWARE_CLASSES.
 * protecting all contrib apps (whatever is in settings.py)
   using a decorator.

For existing users of the CSRF functionality, it should be a seamless update,
but please note that it includes DEPRECATION of features in Django 1.1,
and there are upgrade steps which are detailed in the docs.

Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work
on the patch, and to lots of other people including Simon Willison and
Russell Keith-Magee who refined the ideas.

Details of the rationale for these changes is found here:

http://code.djangoproject.com/wiki/CsrfProtection

As of this commit, the CSRF code is mainly in 'contrib'.  The code will be
moved to core in a separate commit, to make the changeset as readable as
possible.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-26 23:23:07 +00:00
Jacob Kaplan-Moss 8be1bb2268 Fixed #11625: added comment moderation via admin actions.
This is BACKWARDS INCOMPATIBLE if you were using the completely undocumented moderation view from 1.1. That view's been removed in favor of the admin actions.

Thanks, Thejaswi Puthraya.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11639 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-23 19:22:31 +00:00
Jacob Kaplan-Moss 752cc49a62 Fixed #10169: don't accidentally try to redirect to "None" after posting a comment.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10429 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-07 20:22:36 +00:00
Jacob Kaplan-Moss 92a38be9c6 Fixed #9792: corrected invalid HTML in the comment form and comment preview.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10420 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-07 19:34:21 +00:00
Jacob Kaplan-Moss f8adf99cdb Fixed #9268: pass the "next" param through in the comment preview/post view. Also updated the docs to make this a bit clearer.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10418 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-07 19:28:13 +00:00
Jacob Kaplan-Moss 4035ea3538 A few small fixes to django.contrib.comments (Comment.get_as_text for non-authenticated users; references to Comment.permalink; unused imports). Fixes #9143, #9429, and 9439. Thanks, Thejaswi Puthraya.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9730 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-01-12 17:27:41 +00:00
Malcolm Tredinnick 645029accb Fixed #9100 -- Added a missing CSS class to a submit button.
Thanks, mordyovits and thejaswi_puthraya.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@9120 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-10-05 05:09:59 +00:00
Malcolm Tredinnick 8524089769 Add internationalisation support to the comment templates. Fixed #8868, #8905
Thanks to zgoda for a patch that did most of the internationalisation part.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@9119 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-10-05 05:09:21 +00:00
Malcolm Tredinnick 16d0a615c4 Fixed #8869 -- Fixed comments templates to be well-formed XHTML.
Based on a patch from zgoda.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@9117 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-10-05 05:06:26 +00:00
Malcolm Tredinnick cf34d1f687 Fixed #9141 -- Removed two templates from django.contrib.comments that were not being used.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9115 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-10-05 05:04:56 +00:00
Adrian Holovaty 8ec8e1a5e8 Fixed #8870 -- Changed django.contrib.comments templates to use lowercase 'post' for <form method> attributes, to be consistent with our other templates. Thanks, zgoda
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9050 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-16 06:15:26 +00:00
Adrian Holovaty 5cc93500e8 Fixed #8959 -- Removed redundant calls to the 'escape' template filter in the django.contrib.comments templates. Thanks, zgoda
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9000 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-10 05:14:59 +00:00
Malcolm Tredinnick 96a417f91d Fixed two XHTML errors pointed out by Jarek Zgoda. Refs #8855.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8958 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-03 22:46:39 +00:00
Jacob Kaplan-Moss 7b65302567 Fixed #8608: corrected doc link in comment 400 error page.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8677 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-28 19:46:33 +00:00
Jacob Kaplan-Moss cba91997a2 Refactored Django's comment system.
Much of this work was done by Thejaswi Puthraya as part of Google's Summer of Code project; much thanks to him for the work, and to them for the program.

This is a backwards-incompatible change; see the upgrading guide in docs/ref/contrib/comments/upgrade.txt for instructions if you were using the old comments system.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@8557 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-25 22:14:22 +00:00
Malcolm Tredinnick 5dfe74f221 Fixed #3185 -- Made values for login, logout and post-login redirect URLs
configurable. This is a combined patch from Vasily Sulatskov, Marc Fargas and
Collin Grady.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5072 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-04-25 08:49:57 +00:00
Malcolm Tredinnick 51705f60b1 Fixed #2332 -- Introduced is_authenticated() method on User and AnonymousUser classes. Recommended its use over is_anonymous in the docs. Changed internal Django use to match this recommendation. Thanks to SmileyChris and Gary Wilson for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3360 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-07-19 02:09:26 +00:00
Adrian Holovaty 4b11b43d0b Fixed #2283 -- Fixed XHTML-strict validation error in comment templates
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3283 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-07-07 03:57:50 +00:00
Adrian Holovaty 2837455878 Fixed #2168 -- Made comment templates more accessible
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3203 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-06-26 00:48:12 +00:00
Georg Bauer 1d6a56dae2 fixed #1287 - comment forms are now translateable and overrideable
git-svn-id: http://code.djangoproject.com/svn/django/trunk@2230 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-02-02 10:25:15 +00:00