Commit Graph

4385 Commits

Author SHA1 Message Date
Jacob Kaplan-Moss d698f319e4 Testing -- please ignore.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6725 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-28 21:26:11 +00:00
Malcolm Tredinnick 9130765ff9 Fixed #5890 -- fixed the far edge-case of allowing constant strings inside
template template markers: we now treat embedded, escaped double quotes
consistently with constant string arguments to filters. Patch from Dmitri
Fedortchenko.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6724 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-28 21:04:05 +00:00
Malcolm Tredinnick 5a5a71edcd Fixed #5991 -- Marked the generated HTML for newforms.extra.SelectDateWidget as
safe. Patch from alberto.piai@gmail.com.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6723 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-28 20:19:58 +00:00
Malcolm Tredinnick 1c87a7bb58 Fixed #5730: Conditionally escape widget contents in newforms to avoid
inadvertent double-escaping. This still isn't perfect behaviour (since it's
unaware of the current context's auto-escaping setting), but that's a larger
problem that needs fixing and this change at least makes the existing
behaviour consistent. Patch from SmileyChris.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6722 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-28 20:19:54 +00:00
Malcolm Tredinnick dc716112a7 Fixed an edge-case for auto-escaping: if the stringfilter decorator is used and
generates a first argument that is a safe string, make the is_safe handling
work as expect.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6721 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-28 20:03:28 +00:00
Malcolm Tredinnick 2d0d6620e6 Fixed #6015 -- Fixed a CSS escaping issue for admin's edit-inline.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6720 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-28 17:58:10 +00:00
Malcolm Tredinnick 8f70eb5b50 FIxed #5951 -- Updated Polish translation. Thanks, Jarek Zgoda.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6719 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-28 16:13:09 +00:00
Russell Keith-Magee 6b626800f8 Fixed #5943 -- Modified django-admin.py to work like manage.py whenever a --settings option is provided. Thanksfor the patch, Todd O'Bryan.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6718 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-26 12:32:57 +00:00
Gary Wilson Jr f110da91db Fixed #5993 -- Made `RadioSelect` easier to subclass by giving it a default `renderer` as a class attribute.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6717 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-26 02:39:48 +00:00
Gary Wilson Jr 183a457f5a Fixed #2086 -- Changed `base.css` to import `null.css` (added in [6197]) instead of `null`.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6716 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-25 20:29:26 +00:00
Gary Wilson Jr 5903b0bdcd Added a few more tests for `MultiValueDict`.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6715 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-25 18:16:40 +00:00
Gary Wilson Jr c7181ec0ff Made `MultiValueDict`'s `get` and `getlist` method docstrings more descriptive.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6714 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-25 18:14:18 +00:00
Gary Wilson Jr 891cc5df92 Minor styling fix in `DotExpandedDict.__init__`.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6713 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-25 18:11:44 +00:00
Gary Wilson Jr 303d22b0d2 Changed several hardcoding of `dict` method calls in `django.utils.datastructures.py` to use `super` instead.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6712 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-25 18:10:45 +00:00
Gary Wilson Jr 8df3d2b467 In `MergeDict` class, changed variable names to not clash with `dict` builtin.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6711 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-25 18:07:57 +00:00
Russell Keith-Magee dab8503146 Corrected a docstring in django.test.TestCase to match the actual behavior.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6710 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-23 10:51:17 +00:00
Gary Wilson Jr 900811f401 Fixed #5981 -- Fixed failing regression test when using locmem cache backend. Changed `add` to pickle the value as is done in `set`. Based on patch from mattmcc.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6709 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-21 19:54:58 +00:00
Malcolm Tredinnick 2e9e36e297 Fixed #5983 -- Made iriencode filter respect safe strings. Patch from
SmileyChris.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6706 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-20 01:37:57 +00:00
Malcolm Tredinnick ab69710de4 Fixed #5976 -- Handle auto-escaping correctly for empty columns in admin change
view.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6705 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-20 01:37:34 +00:00
Malcolm Tredinnick 116b9d06cc Fixed #5974 -- Added autoescaping for source code lines and local variables in
technical debug page.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6704 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-20 01:37:16 +00:00
Malcolm Tredinnick b1d40295bc Fixed #5973 -- Fixed inadvertent allow_tags=True auto-escaping problem.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6703 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-20 01:37:01 +00:00
Gary Wilson Jr 6522e0697a Fixed #5932 -- Use `self.pages` and not `self._pages` in `_get_page_range` so that an exception is not raised if `self.page_range` is accessed before `self.pages`.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6702 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-19 06:10:23 +00:00
Gary Wilson Jr 1607acee40 Fixed #5978 -- Gave `LOCALE_PATHS` a default setting of an empty tuple and removed some code that was checking for its existance in settings before accessing it.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6701 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-19 05:59:58 +00:00
Gary Wilson Jr 331d4bba97 Fixed link to settings documentation in the i18n docs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6700 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-19 04:36:09 +00:00
Gary Wilson Jr 42c5a91388 Made use of `EMPTY_VALUES` in `ModelChoiceField.clean()`.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6699 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-19 04:07:03 +00:00
Gary Wilson Jr 66576c285a Some minor changes to the `patch_vary_headers` function:
* Replaced a for loop with a list comprehension.
 * Used a set instead of a dict with dummy values.
 * Used a bit more readable variable names.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6698 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-19 04:00:41 +00:00
Gary Wilson Jr 5870ffd4b0 Made some stylistic changes in `GZipMiddleware` and added some notes about IE, refs #5313.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6697 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-19 03:41:46 +00:00
Gary Wilson Jr 34cc21983c Removed `vary_delim_re` in `django/utils/cache.py` in favor of existing `cc_delim_re` since the latter is more correct in parsing the header (allows whitespace before and after comma separators instead of just after). As a bonus, tests added for `patch_vary_headers()`.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6696 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-19 03:12:19 +00:00
Gary Wilson Jr 7d8ac66026 Added *.pyc ignore.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6695 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-19 03:01:20 +00:00
Gary Wilson Jr b2b6fc8e3c Fixed #5975 -- Gave `ModelChoiceField` and `ModelMultipleChoiceField` ability to specify custom error messages.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6694 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-18 20:25:23 +00:00
Malcolm Tredinnick 86ca11dd6d Rewrote the section about writing autoescaping-aware filters, based on feedback
from Ivan Sagalaev.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6692 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-18 07:19:11 +00:00
Gary Wilson Jr 38d972b9ec Fixed #5880 -- Fixed an XSS hole in the admin interface.
* Escaped text that gets sent after saving the admin foreignkey popup form.
 * Added quotes around the second argument passed to `opener.dismissAddAnotherPopup` to make the function also work when a text field is used as the primary key.
 * Added a `html_unescape` javascript function to unescape the strings passed in to the `dismissAddAnotherPopup` function so that the added choice displays correctly in the dropdown box.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6691 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-18 06:51:20 +00:00
Malcolm Tredinnick 5f8cfe99f3 Fixed #5969 -- Corrected a problem introduced in [6682].
*sigh* As usual, the one case I forget to test turned out to be broken.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6689 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-18 03:36:03 +00:00
Malcolm Tredinnick ce73298e26 Fixed #5960 -- Fixed some Python 2.3 incompatibilities.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6685 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-17 12:58:06 +00:00
Malcolm Tredinnick 4bd75e8712 Fixed a couple of chained filter tests that weren't demonstrating what they
claimed (since the "cut" filter's behaviour had changed since I originally
wrote those tests).


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6684 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-17 12:18:09 +00:00
Malcolm Tredinnick 4585b4d6c2 Fixed some missed auto-escaping and URL quoting cases in the urlize filter.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6683 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-17 12:12:40 +00:00
Malcolm Tredinnick adcec0885d Fixed a few problems with variable resolving inside of blocktrans tags. A couple of these were exposed by the auto-escaping changes, but I suspect the other one has been hiding in plain sight for a while.
Fixed #5952, #5953


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6682 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-17 12:12:18 +00:00
Malcolm Tredinnick 64c0bf8677 Translating safe strings should return a safe result.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6681 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-17 12:11:54 +00:00
Malcolm Tredinnick 0928fa5566 Fixed #5945 -- Treat string literals in template filter arguments as safe
strings for auto-escaping purposes.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6680 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-17 12:11:26 +00:00
Malcolm Tredinnick 0b0ef3f0c5 Fixed #4713 -- Fixed handling of _() in template tag arguments. Based on
patched from Indy and SmileyChris.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6679 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-17 04:04:12 +00:00
Malcolm Tredinnick d0f3c4386e Fixed #5898 -- Updated docs for r6662, as pointed out by arien.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6678 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-15 09:26:57 +00:00
Malcolm Tredinnick 84c1e78551 Fixed #5892, #5930 -- Fixed some typos pointed out by ars@iki.fi and nickl.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6677 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-15 09:21:36 +00:00
Malcolm Tredinnick a5e960db48 Fixed #5933 -- Updated Polish translation from Jarek Zgoda.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6676 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-15 09:17:53 +00:00
Malcolm Tredinnick b58c55fc80 Fixed #5944 -- Added safe string markings to admin error messages in one place
that was missed.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6675 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-14 22:58:24 +00:00
Malcolm Tredinnick 3322521cd6 Documented the time-saver in flatpages: title and content are marked as safe
strings.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6674 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-14 21:30:18 +00:00
Malcolm Tredinnick bdb0b903c2 Content coming via {{ block.super }} is always going to be correctly escaped
already. We mark it as safe so that template authors don't need to.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6673 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-14 21:07:27 +00:00
Malcolm Tredinnick 356662cf74 Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359
See documentation in templates.txt and templates_python.txt for how everything
works.

Backwards incompatible if you're inserting raw HTML output via template variables.

Based on an original design from Simon Willison and with debugging help from Michael Radziej.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-14 12:58:53 +00:00
Gary Wilson Jr babfe78494 Fixed #4787, #5913 -- Updating the queryset on a `ModelChoiceField` or `ModelMultipleChoiceField` now updates its widget's choices. The clean methods for `ModelChoiceField` and `ModelMultipleChoiceField` were changed to only allow choices in the specified queryset (instead of allowing all choices returned by the queryset model's default manager).
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6670 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-13 14:36:29 +00:00
Gary Wilson Jr 5e8be6978e Simplified `SortedDict.__deepcopy__` now that the its constructor can take a sequence of tuples.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6669 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-12 03:12:47 +00:00
Gary Wilson Jr a4907be38e Fixed #5918 -- Removed `SortedDictFromList` since `SortedDict` now can do everything `SortedDictFromList` could do. Since `SortedDict`'s `copy` method doesn't return a deepcopy as `SortedDictFromList`'s `copy` method did, you will need to update your code if you were relying on `SortedDictFromList.copy` to return a deepcopy by using the `deepcopy` function from the `copy` module.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6668 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-11 04:44:20 +00:00