Commit Graph

278 Commits

Author SHA1 Message Date
Luke Plant 53b2c3867b Fixed #12130 - documented need for csrf_protect on views that don't accept POST
Includes:
   
 * proper documentation for csrf_protect
 * notes in comments app.
 * specific upgrade notes for comments app

Thanks to carljm for report and debugging.




git-svn-id: http://code.djangoproject.com/svn/django/trunk@11711 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-03 14:40:37 +00:00
Luke Plant c5c7791e91 Improved HTML in CSRF debug template - <code> instead of <tt>
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11680 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-29 14:17:39 +00:00
Luke Plant 5df19aa99e Small improvement to CSRF failure template.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11676 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 22:20:03 +00:00
Luke Plant 7230a995ce Moved contrib.csrf.* to core code.
There is stub code for backwards compatiblity with Django 1.1 imports.

The documentation has been updated, but has been left in
docs/contrib/csrf.txt for now, in order to avoid dead links to
documentation on the website.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 00:36:34 +00:00
Luke Plant 6e3a72585a Added 'key_prefix' keyword argument to cache_page()
This was available before r11586, but undocumented.  It has now been
re-added with documentation and explicit support, as it seems like a useful
feature and people were using it before.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11595 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-28 21:54:54 +00:00
Luke Plant a97648a7e0 Corrected regressions introduced in r11586 and r11593
I read the order of arguments in the docs incorrectly, doh!


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11594 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-26 19:39:42 +00:00
Luke Plant d6c2286712 Improved error messages when people use cache_page in undocumented and now unsupported ways.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11593 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-23 23:47:53 +00:00
Luke Plant afeafcd492 Fixed #6371 - several decorators don't work with bound methods.
This involved changing the way the internal function
decorator_from_middleware works slightly, breaking some code that relied on
the old behaviour.  As a result, it is much simpler, but cache_page has been
made slightly more complex to cope with the change.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11586 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-21 22:31:51 +00:00
Russell Keith-Magee bc5a7c0dbd Fixed #11512 -- Corrected unclosed tag in HTML on debug page. Thanks to rlaager for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11276 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-21 01:50:06 +00:00
Karen Tracey 50745cc31e Fixed #11066 -- Corrected 15 duplicate "the"s found in docs and code comments. Thanks kaikuehne.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10801 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-17 16:45:28 +00:00
Russell Keith-Magee 6cc0c3887c Fixed #10458 -- Corrected the `next_month` and `previous_month` context variables provided with the generic month_archive view. The value returned now matches the docstring and the generic views documentation. Thanks to fperetti for the report and initial patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10556 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-13 13:23:03 +00:00
Malcolm Tredinnick 54800be3a1 Fixed #9577 --Fixed URL display in the debug template.
Patch from Thomas Güttler.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10534 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-12 02:23:19 +00:00
Jacob Kaplan-Moss 641c5fd3b5 Fixed #7944: date-based generic views no longer get confused with a numeric month format. Thanks to Justin Lilly and Alex Gaynor.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10457 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-09 15:23:56 +00:00
Malcolm Tredinnick d2a8bc5b40 Fixed #10681 -- Work around (by ignoring) invalid ETag headers.
This is a hack to work around problems in the Real World. Apparently, Opera
9.64 has been observed sending malformed headers. We now compromise our high
principles and simply ignore such bad behaviour.

Patch from Ivan Sagalaev.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10370 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-03 06:59:34 +00:00
Jacob Kaplan-Moss cc5477df89 Fixed #7529: added a FILES section to the debug view. As a bonus, we've now got
the start of a suite of tests for the debug views. Thanks, Alex Gaynor.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10271 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-31 17:10:06 +00:00
Malcolm Tredinnick e5a8d9e810 A bunch of improvements for conditional HTTP processing.
Fixed some typos in the code (fixed #10586). Added more tests. Made the
tests compatible with Python 2.3. Improved the documentation by putting
the good news and common use-case right up front.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10134 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-24 03:01:46 +00:00
Malcolm Tredinnick 3bb68004ff Fixed #10581 -- Fixed conditional handling of If-Match headers.
The conditional processing decorator from r10114 wasn't parsing ETags
from an If-Match header correctly. Patch from Ivan Sagalaev (who also
did most of the work in r10114, before I rewrote parts of it and added
bonus bugs, although I forgot to thank him there).

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10116 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-22 23:16:03 +00:00
Malcolm Tredinnick b203db6ec8 Fixed #5791 -- Added early-bailout support for views (ETags and Last-modified).
This provides support for views that can have their ETag and/or Last-modified
values computed much more quickly than the view itself. Supports all HTTP
verbs (not just GET).

Documentation and tests need a little more fleshing out (I'm not happy with the
documentation at the moment, since it's a bit backwards), but the functionality
is correct.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10114 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-22 07:58:29 +00:00
Jacob Kaplan-Moss c485e236bd Fixed #8193: all dynamic imports in Django are now done correctly. I know this because Brett Cannon borrowed the time machine and brought Python 2.7's '`importlib` back for inclusion in Django. Thanks for the patch-from-the-future, Brett!
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10088 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-18 16:55:59 +00:00
Malcolm Tredinnick d32c290846 Revised r9566 slightly to be backwards compatible with versions 1.0 - 1.0.2.
Also documented the change. We prefer to load directory_index.html for static
directory listings, but if you have the (older style) "directory_index"
template and no .html version, we'll load that. This should stop a bunch of
mysterious breakages when people upgrade to Django 1.0.3 or Django 1.1. Also
keeps the docs in sync with released code.

Fixed #9993.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@9725 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-01-09 12:41:07 +00:00
Adrian Holovaty b76d7c1dec Added a 'permanent' argument the simple.redirect_to() generic view. It's True by default, to match existing behavior. If set to False, the redirect will be a 302 instead of a 301. This is technically backwards-incompatible if you were using the redirect_to generic view with a format-string key called 'permanent', which is highly, highly unlikely.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9594 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-12-08 04:53:34 +00:00
James Bennett dfef20a780 Fixed #9754: static-serving view now uses correct template name for directory indexes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9566 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-12-04 19:33:28 +00:00
Adrian Holovaty 40cb11a554 Moved the bulk of the shortcut() function in django/views/defaults.py to a new module, django/contrib/contenttypes/views.py. As a result, django/views/defaults.py no longer relies on django.contrib.contenttypes. Of course, the shortcut() function is still available in the former module, for backwards compatibility. See the new FutureBackwardsIncompatibleChanges wiki page.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9001 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-10 05:56:34 +00:00
Adrian Holovaty 6bdb7b9529 Fixed #8172 -- Improved a whole bunch of contrib templates (admin, databrowse, admindocs, etc.) to remove unnecessary 'escape' filters, given autoescaping. Also removed unnecessary {% if %} tags and shortened some {% if %}/{% else %} tags to use {% firstof %}. Thanks for the patch, benspaulding
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8984 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-08 05:19:28 +00:00
Jacob Kaplan-Moss 887f778794 Fixed #8287: the debug page now shows the actual requested URL even if you've messed with request.path. Patch from Giuliani Vito Ivan.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8633 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-27 19:59:29 +00:00
Jacob Kaplan-Moss ddb3cdd514 Fixed #6353: better handle unicode in exception reasons.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8560 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-25 22:47:07 +00:00
Brian Rosner a64dc39fb7 Fixed #7602 -- Corrected lookup keyword arguments in archive_month and archive_week to properly range when date_field is from DateField. Thanks nullie for the original patch and Colin Grady for the test coverage.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8476 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-23 04:46:33 +00:00
Russell Keith-Magee 15f8b4cde0 Fixed #8178: Another update to debug template to aid rendering of exception traces. Thanks to julianb for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8420 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-17 04:27:36 +00:00
Russell Keith-Magee 3afa4a4626 Fixed #8178: Cleaned up the rendering of exceptions on the error template. Thanks to Marinho Brandão for the fix.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8407 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-16 12:33:36 +00:00
Gary Wilson Jr ef48a3e69c Fixed #7830 -- Removed all of the remaining, deprecated, non-oldforms features:
* Support for representing files as strings was removed. Use `django.core.files.base.ContentFile` instead.
 * Support for representing uploaded files as dictionaries was removed. Use `django.core.files.uploadedfile.SimpleUploadedFile` instead.
 * The `filename`, `file_name`, `file_size`, and `chuck` properties of `UploadedFile` were removed. Use the `name`, `name`, `size`, and `chunks` properties instead, respectively.
 * The `get_FIELD_filename`, `get_FIELD_url`, `get_FIELD_size`, and `save_FIELD_file` methods for Models with `FileField` fields were removed. Instead, use the `path`, `url`, and `size` attributes and `save` method on the field itself, respectively.
 * The `get_FIELD_width` and `get_FIELD_height` methods for Models with `ImageField` fields were removed. Use the `width` and `height` attributes on the field itself instead.
 * The dispatcher `connect`, `disconnect`, `send`, and `sendExact` functions were removed. Use the signal object's own `connect`, `disconnect`, `send`, and `send` methods instead, respectively.
 * The `form_for_model` and `form_for_instance` functions were removed. Use a `ModelForm` subclass instead.
 * Support for importing `django.newforms` was removed. Use `django.forms` instead.
 * Support for importing `django.utils.images` was removed. Use `django.core.files.images` instead.
 * Support for the `follow` argument in the `create_object` and `update_object` generic views was removed. Use the `django.forms` package and the new `form_class` argument instead.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@8291 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-10 21:10:47 +00:00
Gary Wilson Jr 4774c8d673 Corrected spacing in warning message.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8106 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-27 17:25:37 +00:00
Gary Wilson Jr 020f965087 Fixed #7988 -- Corrected import of the warnings module, thanks richardh.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8105 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-27 17:24:35 +00:00
Adrian Holovaty 0894ddb2bb Fixed #7848 -- Removed a bunch of code that wasn't contributing to society. Thanks, julien
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8047 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-22 03:26:25 +00:00
Adrian Holovaty 29f0e8182f Fixed #7847 -- Removed a whole bunch of unused imports from throughout the codebase. Thanks, julien
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8046 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-22 03:24:09 +00:00
Jacob Kaplan-Moss 46786b4193 Fixed #7741: django.newforms is now django.forms. This is obviously a backwards-incompatible change. There's a warning upon import of django.newforms itself, but deeper imports will raise errors.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7971 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-19 01:22:26 +00:00
Gary Wilson Jr dc375fb0f3 Refs #3639 -- Minor docstring correction, it's a function not a method.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7966 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-18 23:52:18 +00:00
Jacob Kaplan-Moss 7997133a3d Fixed #3639: updated generic create_update views to use newforms. This is a backwards-incompatible change.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7952 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-18 19:45:00 +00:00
Malcolm Tredinnick e7e4b8b0f7 Fixed #6862 -- Refactored debug traceback extraction into an easy-to-use class.
Aside from being a little easier to read and use, this means you could subclass
a request/response handler class (from django.core.handlers) to add your own
traceback extraction handling in non-DEBUG environments and reuse this code.
Thanks, Ned Batchelder.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7927 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-15 18:47:49 +00:00
Malcolm Tredinnick 409ed9468f Fixed #7670 -- Fixed a couple of missed changes from [7865]. Patch from jshaffer.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7869 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-08 05:29:23 +00:00
Adrian Holovaty 4406d283e1 Fixed #7478 -- Rolled QuerySetPaginator into the Paginator class, to simplify things. QuerySetPaginator still exists as an alias, for backwards compatibility. Thanks for the suggestion, batiste@dosimple.ch
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7865 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-08 02:08:33 +00:00
Adrian Holovaty b0d380376c Fixed #7649 -- Fixed incorrect line numbering in debug view in case of empty spaces. Thanks, dusk
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7863 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-08 01:49:50 +00:00
Adrian Holovaty 16482911fd Fixed #7127 -- Fixed incorrect docstring for page_not_found() view. Thanks, kcarnold and Simon Greenhill
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7650 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-06-16 03:41:03 +00:00
Malcolm Tredinnick eb6a6c4619 Fixed #6864 -- Handle Javascript i18n when the plural form expression returns
True or False (so both booleans and integers are allowed). Thanks, Ramiro Morales.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7356 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-03-24 13:27:19 +00:00
Malcolm Tredinnick 0fea1348d6 Fixed #6846 -- Fixed first_on_page and last_on_page in list_detail generic
view. Thanks, trevor.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7352 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-03-23 05:45:59 +00:00
Malcolm Tredinnick c01e6b852a Fixed #6486 -- Added local server time to the debug output page. Patch from
Bastian Kleineidam and Thomas Güttler.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7333 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-03-20 07:01:26 +00:00
Adrian Holovaty c016352229 Fixed #5935 -- the 'It worked' page is now served with a 200 status code, not a 404. Thanks for bringing this up, Free Neuron
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7310 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-03-18 22:21:04 +00:00
Adrian Holovaty 08d4910d69 Changed list_detail.object_list generic view to use the new Paginator class. This is backwards-compatible -- the previous 12 template context variables (has_next, has_previous, etc.) are still passed to the template, but new templates should only access the new template variables 'paginator' and 'page_obj'
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7307 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-03-18 21:40:45 +00:00
Malcolm Tredinnick 73328bf8ec Fixed #6494 -- Factored out the HTML debug output into a method of its own for
reuse elsewhere. Thanks, Bastian Kleineidam.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@7292 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-03-18 14:34:48 +00:00
Malcolm Tredinnick efed04b634 Fixed #5603 -- Allow customization of the language cookie name. Thanks, moe.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7185 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-02-29 18:38:44 +00:00
Gary Wilson Jr 5ca0b9203b Fixed #5701 -- Fixed decorators to take the name, attributes, and docstring of the function they decorate by adding a modified version of the `functools.wraps` function from Python 2.5. `wraps` has been altered to work with Django's `curry` function and with Python 2.3, which doesn't allow assignment of a function's `__name__` attribute. This fixes severaly annoyances, such as the online documentation for template filters served by the admin app. This change is backwards incompatible if, for some reason, you were relying on the name of a Django decorator instead of the function it decorates.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7153 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-02-25 06:02:35 +00:00