1f4b9f4f1f
Removed unused ExceptionReporterFilter class.
...
Unused since 8f8c54f70b
2020-01-11 20:18:38 +01:00
e2d9d66a22
Fixed #23004 -- Added request.META filtering to SafeExceptionReporterFilter.
...
Co-authored-by: Ryan Castner <castner.rr@gmail.com>
2020-01-10 11:35:41 +01:00
581ba5a948
Refs #23004 -- Allowed exception reporter filters to customize settings filtering.
...
Thanks to Tim Graham for the original implementation idea.
Co-authored-by: Daniel Maxson <dmaxson@ccpgames.com>
2020-01-10 11:21:23 +01:00
0707ff6d36
Renamed set_language()'s next variable to avoid clash with builtin.
2020-01-09 07:54:18 +01:00
2ea3fb3e63
Removed "Don't do that" from docs and error messages.
...
It's slightly aggressive and doesn't explain itself.
2020-01-06 13:50:43 +01:00
35d36d9462
Refs #30585 -- Updated project templates and tests to use (block)translate tags.
2019-12-18 13:15:38 +01:00
e703b93a65
Fixed #31080 -- Removed redundant type="text/javascript" attribute from <script> tags.
2019-12-11 09:49:54 +01:00
d8e2333528
Fixed #31077 -- Made debug decorators raise TypeError if they're not called.
...
Django will raise an error if you forget to call the decorator.
2019-12-10 13:34:28 +01:00
4b78546ef1
Fixed #30405 -- Fixed source code mismatch crash in ExceptionReporter.
2019-11-12 11:31:12 +01:00
e8de188c06
Refs #30405 -- Added ExceptionReporter._get_source().
2019-11-12 09:44:23 +01:00
c2c27867ef
Refs #20456 -- Moved initialization of HEAD method based on GET to the View.setup() for generic views.
...
This will ease unit testing of views since setup will essentially do
everything needed to set the view instance up (other than instantiating
it). Credit for idea goes to Vincent Prouillet.
2019-10-30 14:43:52 +01:00
e3d0b4d550
Fixed #30899 -- Lazily compiled import time regular expressions.
2019-10-29 09:22:26 +01:00
4f61810751
Fixed #30747 -- Renamed is_safe_url() to url_has_allowed_host_and_scheme().
2019-09-02 15:32:23 +02:00
503f60ff57
Fixed #29008 -- Fixed crash of 404 debug page when URL path converter raises Http404.
2019-08-09 22:48:08 +02:00
c7bef16a74
Fixed #30411 -- Improved formatting of text tracebacks in technical 500 templates.
...
Co-Authored-By: Daniel Hahler <git@thequod.de>
2019-07-29 11:09:54 +02:00
42b9a23267
Fixed #30400 -- Improved typography of user facing strings.
...
Thanks Claude Paroz for assistance with translations.
2019-06-28 16:46:18 +02:00
c498f088c5
Fixed #30521 -- Fixed invalid HTML in default error pages.
2019-06-07 07:51:45 +02:00
7619a33665
Refs #28593 -- Changed url() to path() in comments following URL routing changes.
2019-05-13 18:30:51 +02:00
19fc6376ce
Fixed #30304 -- Added support for the HttpOnly, SameSite, and Secure flags on language cookies.
2019-04-08 11:26:06 +02:00
6b4e57d79f
Refs #30324 -- Forced utf-8 encoding when loading templates for the technical 404 debug and congrats page.
2019-04-05 16:35:01 +02:00
efb257a017
Fixed #30324 -- Forced utf-8 encoding when loading the template for the technical 500 debug page.
...
Regression in 50b8493ea542a9
2019-04-05 16:35:01 +02:00
9012033138
Fixed bidirectionality on the congrats page.
2019-04-05 14:20:01 +02:00
a8e2a9bac6
Refs #15902 -- Deprecated storing user's language in the session.
2019-02-14 10:23:02 -05:00
3bb6a4390c
Refs #27753 -- Favored force/smart_str() over force/smart_text().
2019-02-06 14:12:06 -05:00
3634560fa9
Fixed #29393 -- Prevented infinite loop in ExceptionReporter.get_traceback_frames().
2019-02-02 16:39:36 -05:00
16454ac35f
Fixed #29825 -- Fixed JS ngettext if the string is a non-plural msgid in the catalog.
2019-01-28 21:04:36 +01:00
7785e03ba8
Fixed #30137 -- Replaced OSError aliases with the canonical OSError.
...
Used more specific errors (e.g. FileExistsError) as appropriate.
2019-01-28 11:15:06 -05:00
8045dff98c
Refs #27829 -- Removed settings.DEFAULT_CONTENT_TYPE per deprecation timeline.
2019-01-17 10:50:25 -05:00
876dc306cd
Refs #30102 -- Added comment on use of Template without placeholders in page_not_found() view.
2019-01-16 16:19:56 +01:00
1ecc0a395b
Fixed #30070 , CVE-2019-3498 -- Fixed content spoofing possiblity in the default 404 page.
...
Co-Authored-By: Tim Graham <timograham@gmail.com>
2019-01-03 21:21:55 -05:00
e671337e8b
Fixed #29750 -- Added View.setup() hook for class-based views.
2018-12-21 19:01:11 -05:00
19e863a844
Fixed #29995 -- Used higher contrast colors in debug page.
2018-12-21 18:00:13 -05:00
226a26cf34
Removed an overridden CSS rule in debug page.
2018-12-21 18:00:03 -05:00
4f8f1b2f24
Fixed #29903 -- Added error message for invalid WeekArchiveView week_format.
2018-10-29 14:22:42 -04:00
82f286cf6f
Refs #29784 -- Switched to https:// links where available.
2018-09-26 08:48:47 +02:00
50b8493581
Refs #29654 -- Replaced three dots with ellipsis character in output strings.
2018-08-22 09:13:58 -04:00
f52b026168
Refs #28457 -- Tweaked colors/layout of the congrats page for readability.
2018-06-27 10:47:59 -04:00
7cdeb23ae7
Fixed #29511 -- Added charset to JavaScriptCatalog's Content-Type header.
2018-06-22 09:15:29 +02:00
238ed313c5
Removed views.i18n.null_javascript_catalog().
...
Unused since de40cfbe74
2018-06-21 11:06:14 -04:00
a177f854c3
Fixed #16470 -- Allowed FileResponse to auto-set some Content headers.
...
Thanks Simon Charette, Jon Dufresne, and Tim Graham for the reviews.
2018-05-15 18:12:11 +02:00
10b44e4525
Fixed #26688 -- Fixed HTTP request logging inconsistencies.
...
* Added logging of 500 responses for instantiated responses.
* Added logging of all 4xx and 5xx responses.
2018-05-04 20:55:03 -04:00
11b8c30b9e
Ref #23919 -- Replaced some os.path usage with pathlib.Path.
2018-04-19 21:30:00 -04:00
ff05de760c
Fixed #29038 -- Removed closing slash from HTML void tags.
2018-01-21 02:09:10 -05:00
3c34452ab5
Refs #23668 -- Removed passing default argument of current TZ to make_aware()/naive.
2018-01-18 11:21:12 -05:00
fcd431c6c3
Improved generic detail view error message for when pk or slug is missing.
2018-01-17 10:58:05 -05:00
1b753b2d60
Fixed #28885 -- Fixed hidden content at the bottom of the "The install worked successfully!" page for some languages.
2018-01-12 19:09:54 -05:00
d7b2aa24f7
Fixed #28982 -- Simplified code with and/or.
2018-01-03 20:12:23 -05:00
d79cf1e9e2
Fixed #28985 -- Removed unneeded None checks before hasattr().
2018-01-03 11:37:06 -05:00
b3cd9fb18b
Refs #15902 -- Made set_language() view always set the current language in a cookie.
...
The plan is to later deprecate/remove storing the language in the session.
2018-01-03 11:25:40 -05:00
a862af3839
Fixed #28893 -- Removed unnecessary dict.items() calls.
2017-12-06 17:17:59 -05:00
d2afa5eb23
Fixed #28860 -- Removed unnecessary len() calls.
2017-12-04 10:35:23 -05:00
23bf4ad87f
Fixed #28795 -- Removed 'not in' checks and used dict.setdefault().
2017-11-14 10:52:52 -05:00
ac6a4eb9f9
Fixed #28719 -- Added a helpful exception if MultipleObjectTemplateResponseMixin doesn't generate any template names.
2017-11-07 18:46:52 -05:00
6c0042430e
Fixed #28776 -- Fixed a/an/and typos in docs and comments.
2017-11-06 22:41:03 -05:00
73241132f2
Refs #28457 -- Removed unused .next-step CSS in django/views/templates/default_urlconf.html.
2017-10-28 07:59:59 -04:00
f6b5cecc71
Refs #28457 -- Updated the colors of the 'Congrats' page for WCAG AA compliance.
2017-10-28 07:57:27 -04:00
6642a646f0
Fixed #28735 -- Fixed typo in django/views/templates/default_urlconf.html.
2017-10-24 11:17:47 -04:00
347551c2a1
Fixed #28508 -- Set the foreground color to black in CSRF and 404 error templates.
2017-09-21 10:23:23 -04:00
df41b5a05d
Fixed #28593 -- Added a simplified URL routing syntax per DEP 0201.
...
Thanks Aymeric Augustin for shepherding the DEP and patch review.
Thanks Marten Kenbeek and Tim Graham for contributing to the code.
Thanks Tom Christie, Shai Berger, and Tim Graham for the docs.
2017-09-20 18:04:42 -04:00
6e4c6281db
Reverted "Fixed #27818 -- Replaced try/except/pass with contextlib.suppress()."
...
This reverts commit 550cb3a365
2017-09-07 08:16:21 -04:00
46e2b9e059
Fixed CVE-2017-12794 -- Fixed XSS possibility in traceback section of technical 500 debug page.
...
This is a security fix.
2017-09-05 10:58:38 -04:00
5848305218
Fixed #28082 -- Made BaseDateListView pass context from get_dated_items() to subclasses.
...
Thanks leon-matthews for the report and fix.
2017-09-04 10:55:18 -04:00
f2b93b509c
Removed unneeded iter() calls.
...
A few of these were unnecessarily added in 2b281cc35e
2017-08-23 16:48:29 -04:00
9229e005aa
Django -> django when styled as a logo with font. This was pointed out at DjangoCon US.
2017-08-21 08:00:54 +02:00
71d39571f4
Fixed #28485 -- Made ExceptionReporter.get_traceback_frames() include frames without source code.
2017-08-12 20:32:39 -04:00
5fe9b7b40a
Fixed #28457 -- Updated the design of the 'Congrats' page for new Django projects.
...
Developed by Timothy Allen and Chad Whitman of The Wharton School with
shepherding from Aymeric Augustin and Collin Anderson.
2017-08-07 10:33:55 -04:00
293608a2e0
Refs #7697 -- Removed unnecessary force_escape of technical 500 debug view "unicode hint".
...
The test passes before and after the removal. unicode_hint will never
be SafeText, so normal autoescaping is sufficient.
2017-08-02 15:16:22 -04:00
8df7681d0e
Removed unneeded escape filter in templates where autoescaping is enabled.
2017-08-01 10:52:29 -04:00
604341c85f
Fixed #28331 -- Added ContextMixin.extra_context to allowing passing context in as_view().
2017-07-06 10:34:54 -04:00
550cb3a365
Fixed #27818 -- Replaced try/except/pass with contextlib.suppress().
2017-06-28 14:07:55 -04:00
0af14b2eaa
Refs #16870 -- Doc'd that CSRF protection requires the Referer header.
2017-06-22 11:50:00 -04:00
37c9b81ebc
Fixed #28104 -- Prevented condition decorator from setting ETag/Last-Modified headers for non-safe requests.
2017-06-06 15:37:14 -04:00
23142eea85
Fixed #18394 -- Added error for invalid JavaScriptCatalog packages
...
Thanks Tim Graham for the review.
2017-06-06 18:02:22 +02:00
ff099f9db8
Fixed #28271 -- Added charset to technical_500_response() AJAX response.
2017-06-05 14:43:40 -04:00
2c69824e5a
Refs #23968 -- Removed unnecessary lists, generators, and tuple calls.
2017-06-01 19:08:59 -04:00
c2eea61dff
Fixed #28209 -- Made date-based generic views return a 404 rather than crash when given an out of range date.
2017-05-30 13:20:35 -04:00
7afb476469
Fixed #28226 -- Replaced use of str.join() with concatenation.
2017-05-27 13:59:05 -04:00
2cbb095bec
Fixed #28221 -- Fixed plural fallback translations in JavaScriptCatalog view
...
Thanks Waldemar Kornewald for the report and initial patch.
2017-05-25 22:47:21 +02:00
eb66057c1e
Refs #28221 -- Honor plural number in JavaScriptCatalog
2017-05-20 13:23:54 +02:00
d842ada305
Refs #27795 -- Stopped converting integer format settings to str in JS/JSON i18n views
...
Thanks Tim Graham for the review.
2017-05-08 19:32:03 +02:00
301de774c2
Refs #27795 -- Replaced many force_text() with str()
...
Thanks Tim Graham for the review.
2017-04-27 09:10:02 +02:00
56970c5b61
Fixed #28122 -- Fixed crash when overriding views.static.directory_index()'s template.
2017-04-25 11:01:21 -04:00
8c6a3062dd
Fixed #28079 -- Restored "No POST data" (rather than an empty table) in HTML debug page.
...
Regression in 7b6dccc82f
2017-04-15 09:21:35 -04:00
941b869135
Fixed #28008 -- Replaced getElementsByClassName() JavaScript in debug view template.
2017-04-14 08:12:14 -04:00
ea542a9c72
Fixed #28007 -- Moved debug templates to the filesystem
...
Thanks Tim Graham for the review.
2017-04-12 11:36:47 -04:00
a1f948b468
Fixed CVE-2017-7234 -- Fixed open redirect vulnerability in views.static.serve().
...
This is a security fix.
2017-04-04 10:42:06 -04:00
78619bcb0a
Fixed #27987 -- Added default colors in debug view CSS.
2017-03-28 08:55:16 -04:00
b536dcf656
Fixed #27948 -- Removed incorrect unquote() in static serving views.
2017-03-17 07:55:00 -04:00
8346680e1c
Refs #27795 -- Removed unneeded force_text calls
...
Thanks Tim Graham for the review.
2017-03-04 18:18:21 +01:00
711123e1cd
Refs #27656 -- Updated django.views docstring verbs according to PEP 257.
2017-03-03 17:05:42 -05:00
fede65260a
Fixed #26911 -- Removed NoReverseMatch silencing in RedirectView.
2017-03-01 15:56:39 -05:00
5f3a689f71
Imported django.http classes instead of django.http.
2017-02-27 14:47:11 -05:00
21f13ff5b3
Refs #23919 -- Removed an used block in ExceptionReporter.get_traceback_data().
...
The test from refs #20368 only runs this block on Python 2.
2017-02-09 09:03:28 -05:00
c651331b34
Converted usage of ugettext* functions to their gettext* aliases
...
Thanks Tim Graham for the review.
2017-02-07 09:04:04 +01:00
597bfcbf8b
Removed unused ExceptionReporter.format_exception() method.
...
Unused since its introduction in e7e4b8b0f7
2017-02-01 19:55:31 -05:00
0205e04ce7
Removed ExceptionReporter support for string exceptions.
...
Reverted refs #6423 since raising string exceptions is prohibited
since Python 2.5.
2017-02-01 19:47:39 -05:00
8838d4dd49
Refs #23919 -- Replaced kwargs.pop() with keyword-only arguments.
2017-02-01 11:41:56 -05:00
fee42fd99e
Refs #23919 -- Replaced usage of django.utils.http utilities with Python equivalents
...
Thanks Tim Graham for the review.
2017-01-26 19:49:03 +01:00
d1bab24e01
Refs #23919 , #27778 -- Removed obsolete mentions of unicode.
2017-01-26 08:19:27 -05:00
d6eaf7c018
Refs #23919 -- Replaced super(ClassName, self) with super().
2017-01-25 12:23:46 -05:00
Carlton Gibson
Mike Yusko
Adam Johnson
Mike Hansen
Jon Dufresne
Baptiste Mispelon
Hasan Ramezani
Felipe Lee
Ngalim Siregar
Jerrod Martin
Alexandre Varas
Tobias Bengfort
Ran Benita
Nick Pope
Majid Vaghari
Claude Paroz
Aymeric Augustin
Vinay Karanam
Tim Graham
Tom Hacohen
François Freitag
Zach Garwood
Timothy Allen
Samir Shah
Tom
Vincent Poulailleau
Himanshu Chauhan
Дилян Палаузов
Дилян Палаузов
Bjorn Kristinsson
Tim Baxter
Scot Hacker
Stefan Sinca
Sjoerd Job Postmus
Sebastian Sassi
Sergey Fedoseev
Allen, Timothy
Martin von Gagern
Bruno Alla
Mads Jensen
Flávio Juvenal
Josh Schneier
partizan
Adit Biswas
Abhishek Gautam
Ionuț Ciocîrlan
Anton Samarchyan
Grzegorz Tężycki
Asif Saifuddin Auvi
Vytis Banaitis
chillaranand