Tim Baxter
f6b5cecc71
Refs #28457 -- Updated the colors of the 'Congrats' page for WCAG AA compliance.
2017-10-28 07:57:27 -04:00
Scot Hacker
6642a646f0
Fixed #28735 -- Fixed typo in django/views/templates/default_urlconf.html.
2017-10-24 11:17:47 -04:00
Stefan Sinca
347551c2a1
Fixed #28508 -- Set the foreground color to black in CSRF and 404 error templates.
2017-09-21 10:23:23 -04:00
Sjoerd Job Postmus
df41b5a05d
Fixed #28593 -- Added a simplified URL routing syntax per DEP 0201.
...
Thanks Aymeric Augustin for shepherding the DEP and patch review.
Thanks Marten Kenbeek and Tim Graham for contributing to the code.
Thanks Tom Christie, Shai Berger, and Tim Graham for the docs.
2017-09-20 18:04:42 -04:00
Tim Graham
6e4c6281db
Reverted "Fixed #27818 -- Replaced try/except/pass with contextlib.suppress()."
...
This reverts commit 550cb3a365
because try/except performs better.
2017-09-07 08:16:21 -04:00
Tim Graham
46e2b9e059
Fixed CVE-2017-12794 -- Fixed XSS possibility in traceback section of technical 500 debug page.
...
This is a security fix.
2017-09-05 10:58:38 -04:00
Sebastian Sassi
5848305218
Fixed #28082 -- Made BaseDateListView pass context from get_dated_items() to subclasses.
...
Thanks leon-matthews for the report and fix.
2017-09-04 10:55:18 -04:00
Sergey Fedoseev
f2b93b509c
Removed unneeded iter() calls.
...
A few of these were unnecessarily added in 2b281cc35e
.
2017-08-23 16:48:29 -04:00
Allen, Timothy
9229e005aa
Django -> django when styled as a logo with font. This was pointed out at DjangoCon US.
2017-08-21 08:00:54 +02:00
Martin von Gagern
71d39571f4
Fixed #28485 -- Made ExceptionReporter.get_traceback_frames() include frames without source code.
2017-08-12 20:32:39 -04:00
Timothy Allen
5fe9b7b40a
Fixed #28457 -- Updated the design of the 'Congrats' page for new Django projects.
...
Developed by Timothy Allen and Chad Whitman of The Wharton School with
shepherding from Aymeric Augustin and Collin Anderson.
2017-08-07 10:33:55 -04:00
Tim Graham
293608a2e0
Refs #7697 -- Removed unnecessary force_escape of technical 500 debug view "unicode hint".
...
The test passes before and after the removal. unicode_hint will never
be SafeText, so normal autoescaping is sufficient.
2017-08-02 15:16:22 -04:00
Tim Graham
8df7681d0e
Removed unneeded escape filter in templates where autoescaping is enabled.
2017-08-01 10:52:29 -04:00
Bruno Alla
604341c85f
Fixed #28331 -- Added ContextMixin.extra_context to allowing passing context in as_view().
2017-07-06 10:34:54 -04:00
Mads Jensen
550cb3a365
Fixed #27818 -- Replaced try/except/pass with contextlib.suppress().
2017-06-28 14:07:55 -04:00
Flávio Juvenal
0af14b2eaa
Refs #16870 -- Doc'd that CSRF protection requires the Referer header.
2017-06-22 11:50:00 -04:00
Josh Schneier
37c9b81ebc
Fixed #28104 -- Prevented condition decorator from setting ETag/Last-Modified headers for non-safe requests.
2017-06-06 15:37:14 -04:00
Claude Paroz
23142eea85
Fixed #18394 -- Added error for invalid JavaScriptCatalog packages
...
Thanks Tim Graham for the review.
2017-06-06 18:02:22 +02:00
partizan
ff099f9db8
Fixed #28271 -- Added charset to technical_500_response() AJAX response.
2017-06-05 14:43:40 -04:00
Jon Dufresne
2c69824e5a
Refs #23968 -- Removed unnecessary lists, generators, and tuple calls.
2017-06-01 19:08:59 -04:00
Adit Biswas
c2eea61dff
Fixed #28209 -- Made date-based generic views return a 404 rather than crash when given an out of range date.
2017-05-30 13:20:35 -04:00
Tom
7afb476469
Fixed #28226 -- Replaced use of str.join() with concatenation.
2017-05-27 13:59:05 -04:00
Claude Paroz
2cbb095bec
Fixed #28221 -- Fixed plural fallback translations in JavaScriptCatalog view
...
Thanks Waldemar Kornewald for the report and initial patch.
2017-05-25 22:47:21 +02:00
Claude Paroz
eb66057c1e
Refs #28221 -- Honor plural number in JavaScriptCatalog
2017-05-20 13:23:54 +02:00
Claude Paroz
d842ada305
Refs #27795 -- Stopped converting integer format settings to str in JS/JSON i18n views
...
Thanks Tim Graham for the review.
2017-05-08 19:32:03 +02:00
Claude Paroz
301de774c2
Refs #27795 -- Replaced many force_text() with str()
...
Thanks Tim Graham for the review.
2017-04-27 09:10:02 +02:00
Tim Graham
56970c5b61
Fixed #28122 -- Fixed crash when overriding views.static.directory_index()'s template.
2017-04-25 11:01:21 -04:00
Tim Graham
8c6a3062dd
Fixed #28079 -- Restored "No POST data" (rather than an empty table) in HTML debug page.
...
Regression in 7b6dccc82f
2017-04-15 09:21:35 -04:00
Abhishek Gautam
941b869135
Fixed #28008 -- Replaced getElementsByClassName() JavaScript in debug view template.
2017-04-14 08:12:14 -04:00
Claude Paroz
ea542a9c72
Fixed #28007 -- Moved debug templates to the filesystem
...
Thanks Tim Graham for the review.
2017-04-12 11:36:47 -04:00
Tim Graham
a1f948b468
Fixed CVE-2017-7234 -- Fixed open redirect vulnerability in views.static.serve().
...
This is a security fix.
2017-04-04 10:42:06 -04:00
Ionuț Ciocîrlan
78619bcb0a
Fixed #27987 -- Added default colors in debug view CSS.
2017-03-28 08:55:16 -04:00
Tim Graham
b536dcf656
Fixed #27948 -- Removed incorrect unquote() in static serving views.
2017-03-17 07:55:00 -04:00
Claude Paroz
8346680e1c
Refs #27795 -- Removed unneeded force_text calls
...
Thanks Tim Graham for the review.
2017-03-04 18:18:21 +01:00
Anton Samarchyan
711123e1cd
Refs #27656 -- Updated django.views docstring verbs according to PEP 257.
2017-03-03 17:05:42 -05:00
Grzegorz Tężycki
fede65260a
Fixed #26911 -- Removed NoReverseMatch silencing in RedirectView.
2017-03-01 15:56:39 -05:00
Asif Saifuddin Auvi
5f3a689f71
Imported django.http classes instead of django.http.
2017-02-27 14:47:11 -05:00
Tim Graham
21f13ff5b3
Refs #23919 -- Removed an used block in ExceptionReporter.get_traceback_data().
...
The test from refs #20368 only runs this block on Python 2.
2017-02-09 09:03:28 -05:00
Claude Paroz
c651331b34
Converted usage of ugettext* functions to their gettext* aliases
...
Thanks Tim Graham for the review.
2017-02-07 09:04:04 +01:00
Tim Graham
597bfcbf8b
Removed unused ExceptionReporter.format_exception() method.
...
Unused since its introduction in e7e4b8b0f7
.
2017-02-01 19:55:31 -05:00
Tim Graham
0205e04ce7
Removed ExceptionReporter support for string exceptions.
...
Reverted refs #6423 since raising string exceptions is prohibited
since Python 2.5.
2017-02-01 19:47:39 -05:00
Vytis Banaitis
8838d4dd49
Refs #23919 -- Replaced kwargs.pop() with keyword-only arguments.
2017-02-01 11:41:56 -05:00
Claude Paroz
fee42fd99e
Refs #23919 -- Replaced usage of django.utils.http utilities with Python equivalents
...
Thanks Tim Graham for the review.
2017-01-26 19:49:03 +01:00
Vytis Banaitis
d1bab24e01
Refs #23919 , #27778 -- Removed obsolete mentions of unicode.
2017-01-26 08:19:27 -05:00
chillaranand
d6eaf7c018
Refs #23919 -- Replaced super(ClassName, self) with super().
2017-01-25 12:23:46 -05:00
Tim Graham
9e6e32bf5d
Refs #23919 -- Removed django.utils.decorators.available_attrs() usage.
...
It's only needed to workaround a bug on Python 2.
2017-01-21 13:20:17 -05:00
Claude Paroz
dc8834cad4
Refs #23919 -- Removed unneeded force_str calls
2017-01-20 08:44:31 +01:00
Simon Charette
cecc079168
Refs #23919 -- Stopped inheriting from object to define new style classes.
2017-01-19 08:39:46 +01:00
Aymeric Augustin
3cc5f01d9b
Refs #23919 -- Stopped using django.utils.lru_cache().
2017-01-18 21:42:40 -05:00
Claude Paroz
2b281cc35e
Refs #23919 -- Removed most of remaining six usage
...
Thanks Tim Graham for the review.
2017-01-18 21:33:28 +01:00
Claude Paroz
7b2f2e74ad
Refs #23919 -- Removed six.<various>_types usage
...
Thanks Tim Graham and Simon Charette for the reviews.
2017-01-18 20:18:46 +01:00
Claude Paroz
c716fe8782
Refs #23919 -- Removed six.PY2/PY3 usage
...
Thanks Tim Graham for the review.
2017-01-18 16:21:28 +01:00
Claude Paroz
d7b9aaa366
Refs #23919 -- Removed encoding preambles and future imports
2017-01-18 09:55:19 +01:00
Tim Graham
d334f46b7a
Refs #26601 -- Removed support for old-style middleware using settings.MIDDLEWARE_CLASSES.
2017-01-17 20:52:04 -05:00
Tim Graham
2b20e4148f
Refs #19567 -- Removed deprecated javascript_catalog() and json_catalog() views.
2017-01-17 20:52:03 -05:00
Shivang Bharadwaj
6a74950513
Fixed #27258 -- Prohibited django.Template.render() with non-dict context.
...
Thanks Shivang Bharadwaj for the initial patch.
2016-12-28 16:03:20 -05:00
Waldemar Kornewald
b24af2f405
Fixed #27418 -- Fixed occasional missing plural forms in JavaScriptCatalog.
2016-12-14 18:20:30 -05:00
Merrin Macleod
eb7fb565e6
Removed an unnecessary, discouraging sentence on the "It worked!" page.
2016-12-13 13:45:09 -05:00
Collederas
07ac5d830a
Added period in BaseFormView docstring.
2016-12-08 07:39:15 -05:00
Andreas Pelme
373140b07a
Fixed #27567 -- Fixed crash in the debug view when request.user errors.
2016-12-06 12:28:00 -05:00
Ramin Farajpour Cami
967be82443
Fixed E305 flake8 warnings.
2016-11-14 12:30:46 -05:00
Mariusz Felisiak
c7f86d3eec
Fixed #27373 -- Corrected 404 debug page message for an empty request path.
2016-10-27 16:58:41 -04:00
Alvin Lindstam
6b5106b1ce
Fixed #27374 -- Made JavaScriptCatalog respect the packages argument.
2016-10-22 19:26:08 -04:00
Tim Graham
8119b679eb
Refs #27025 -- Fixed "invalid escape sequence" warnings in Python 3.6.
...
http://bugs.python.org/issue27364
2016-09-17 15:44:06 -04:00
Kevin Christopher Henry
4ef0e019b7
Fixed #27083 -- Added support for weak ETags.
2016-09-10 08:14:52 -04:00
Tim Graham
ef021412d5
Normalized spelling of ETag.
2016-09-09 11:00:21 -04:00
Jon Dufresne
f227b8d15d
Refs #26956 -- Allowed is_safe_url() to validate against multiple hosts
2016-09-07 19:56:25 -07:00
Anatoly Burov
7b6dccc82f
Fixed #27191 -- Fixed debug view crash for requests with 'items' in GET/POST/COOKIES/FILES.
2016-09-07 13:47:09 -04:00
Claude Paroz
2ced2f785d
Replaced smart_* by force_* calls whenever possible
...
The smart_* version should only be used when a lazy string should keep
its lazy status.
2016-09-03 13:46:41 +02:00
Jon Dufresne
ff1e7b4eb4
Fixed #25181 -- Added localdate() function to get date in a different time zone.
...
Thanks Konrad Świat for the original patch.
2016-08-31 17:19:33 -07:00
Przemysław Suliga
1f68bb5683
Refs #26902 -- Protected against insecure redirects in set_language().
2016-08-19 19:16:00 -04:00
Tim Graham
1e32e1cc95
Fixed #26973 -- Fixed views.static.serve() crash with show_indexes enabled.
2016-08-10 11:27:03 -04:00
Jon Dufresne
348cfccd90
Fixed #26938 -- Fixed invalid HTML in template postmortem on the debug page.
2016-07-24 18:18:57 +02:00
Tim Graham
93c538694e
Fixed XSS in admin's add/change related popup.
...
This is a security fix.
2016-07-18 11:17:01 -04:00
Florian Apolloner
9baf692a58
Fixed #26601 -- Improved middleware per DEP 0005.
...
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
Vasiliy Faronov
ac77c55bc5
Fixed #26567 -- Updated references to obsolete RFC2616.
...
Didn't touch comments where it wasn't obvious that the code adhered to
the newer standard.
2016-05-03 11:14:40 -04:00
Anssi Kääriäinen
7f51876f99
Fixed #26207 -- Replaced dynamic classes with non-data descriptors for deferred instance loading.
2016-04-29 13:06:32 -04:00
Tim Graham
0d8b523422
Fixed #26553 -- Removed unneeded loop in views/i18n.py
2016-04-28 09:15:34 -04:00
Claude Paroz
de40cfbe74
Fixed #19567 -- Added JavaScriptCatalog and JSONCatalog class-based views
...
Thanks Cristiano Coelho and Tim Graham for the reviews.
2016-04-15 17:28:54 +02:00
Miikka Salminen
9e3f141701
Fixed #26466 -- Added HTTP_REFERER decoding to i18n set_language() view.
2016-04-09 10:57:43 -04:00
Tim Graham
df8d8d4292
Fixed E128 flake8 warnings in django/.
2016-04-08 09:51:06 -04:00
Vaclav Ehrlich
369fa471f4
Fixed #26201 -- Documented the consequences of rotating the CSRF token on login.
2016-04-05 11:02:38 -04:00
Tim Graham
2cd2d18851
Fixed W503 flake8 warnings.
2016-04-04 17:14:26 -04:00
Krzysztof Jurewicz
940b7fd5cb
Fixed #21446 -- Allowed not performing redirect in set_language view
...
Thanks Claude Paroz and Tim Graham for polishing the patch.
2016-03-29 22:15:14 +02:00
Claude Paroz
11c60b5298
Reused the DjangoTranslation class for the javascript_catalog view
...
Thanks Tim Graham and Cristiano Coelho for the reviews.
Refs #26328 , #26319 .
2016-03-08 21:39:59 +01:00
Andrew Kuchev
e81d1c995c
Fixed #25670 -- Allowed dictsort to sort a list of lists.
...
Thanks Tim Graham for the review.
2016-02-23 12:15:08 -05:00
François Freitag
16a88b4429
Fixed #26209 -- Masked sensitive settings in debug reports regardless of case.
2016-02-11 18:13:03 -05:00
Tim Graham
406675b1a0
Fixed #26176 -- Fixed E123 flake8 warnings.
2016-02-05 15:11:07 -05:00
userimack
60586dd737
Fixed #26125 -- Fixed E731 flake warnings.
2016-01-25 14:23:43 -05:00
Iacopo Spalletti
21bf685f5e
Fixed #25697 -- Made default error views error when passed a nonexistent template_name.
2016-01-14 07:05:38 -05:00
Varun Sharma
3d6474e1a5
Fixed #25385 -- Allowed importing views.generic.View from views.View.
2016-01-11 08:18:44 -05:00
pp
c8d970a548
Refs #25755 -- Unified a couple more spellings of 'website'.
2016-01-11 06:13:16 -05:00
Tim Graham
98839e9066
Removed British/Austrialian word: whilist.
2015-12-31 14:29:52 -05:00
Marten Kenbeek
16411b8400
Fixed #26013 -- Moved django.core.urlresolvers to django.urls.
...
Thanks to Tim Graham for the review.
2015-12-31 14:21:29 -05:00
Chris Cogdon
e429c5186c
Fixed #26018 -- Prevented unecessary get_form() call in FormMixin.get_context_data().
...
Changed "dict.setdefault" to "if x in dict" pattern so that get_form() would not
be called unnecessarily, specifically in the case where FormMixin.form_invalid()
calls get_context_data() with the current form.
2015-12-30 17:29:39 -05:00
Chris Cogdon
4b2dcfe04f
Fixed #26006 -- Fixed incorrect object reference in SingleObjectMixin.get_context_object_name().
2015-12-30 09:56:45 -05:00
Tim Graham
acd3606049
Removed blank line to appease isort.
2015-11-17 19:01:06 -05:00
Raphael Michel
16945f0e9c
Fixed #25695 -- Added template_name parameter to csrf_failure() view.
2015-11-17 14:28:18 -05:00
Alex Morozov
e171a83b15
Fixed #25548 -- Prevented FormView.form_invalid() from discarding its form argument.
2015-11-11 13:28:34 -05:00
Tim Graham
37ea3cb03e
Fixed "URLconf" spelling in code comments.
2015-10-22 14:46:42 -04:00