d79cf1e9e2
Fixed #28985 -- Removed unneeded None checks before hasattr().
2018-01-03 11:37:06 -05:00
b3cd9fb18b
Refs #15902 -- Made set_language() view always set the current language in a cookie.
...
The plan is to later deprecate/remove storing the language in the session.
2018-01-03 11:25:40 -05:00
a862af3839
Fixed #28893 -- Removed unnecessary dict.items() calls.
2017-12-06 17:17:59 -05:00
d2afa5eb23
Fixed #28860 -- Removed unnecessary len() calls.
2017-12-04 10:35:23 -05:00
23bf4ad87f
Fixed #28795 -- Removed 'not in' checks and used dict.setdefault().
2017-11-14 10:52:52 -05:00
ac6a4eb9f9
Fixed #28719 -- Added a helpful exception if MultipleObjectTemplateResponseMixin doesn't generate any template names.
2017-11-07 18:46:52 -05:00
6c0042430e
Fixed #28776 -- Fixed a/an/and typos in docs and comments.
2017-11-06 22:41:03 -05:00
73241132f2
Refs #28457 -- Removed unused .next-step CSS in django/views/templates/default_urlconf.html.
2017-10-28 07:59:59 -04:00
f6b5cecc71
Refs #28457 -- Updated the colors of the 'Congrats' page for WCAG AA compliance.
2017-10-28 07:57:27 -04:00
6642a646f0
Fixed #28735 -- Fixed typo in django/views/templates/default_urlconf.html.
2017-10-24 11:17:47 -04:00
347551c2a1
Fixed #28508 -- Set the foreground color to black in CSRF and 404 error templates.
2017-09-21 10:23:23 -04:00
df41b5a05d
Fixed #28593 -- Added a simplified URL routing syntax per DEP 0201.
...
Thanks Aymeric Augustin for shepherding the DEP and patch review.
Thanks Marten Kenbeek and Tim Graham for contributing to the code.
Thanks Tom Christie, Shai Berger, and Tim Graham for the docs.
2017-09-20 18:04:42 -04:00
6e4c6281db
Reverted "Fixed #27818 -- Replaced try/except/pass with contextlib.suppress()."
...
This reverts commit 550cb3a365
2017-09-07 08:16:21 -04:00
46e2b9e059
Fixed CVE-2017-12794 -- Fixed XSS possibility in traceback section of technical 500 debug page.
...
This is a security fix.
2017-09-05 10:58:38 -04:00
5848305218
Fixed #28082 -- Made BaseDateListView pass context from get_dated_items() to subclasses.
...
Thanks leon-matthews for the report and fix.
2017-09-04 10:55:18 -04:00
f2b93b509c
Removed unneeded iter() calls.
...
A few of these were unnecessarily added in 2b281cc35e
2017-08-23 16:48:29 -04:00
9229e005aa
Django -> django when styled as a logo with font. This was pointed out at DjangoCon US.
2017-08-21 08:00:54 +02:00
71d39571f4
Fixed #28485 -- Made ExceptionReporter.get_traceback_frames() include frames without source code.
2017-08-12 20:32:39 -04:00
5fe9b7b40a
Fixed #28457 -- Updated the design of the 'Congrats' page for new Django projects.
...
Developed by Timothy Allen and Chad Whitman of The Wharton School with
shepherding from Aymeric Augustin and Collin Anderson.
2017-08-07 10:33:55 -04:00
293608a2e0
Refs #7697 -- Removed unnecessary force_escape of technical 500 debug view "unicode hint".
...
The test passes before and after the removal. unicode_hint will never
be SafeText, so normal autoescaping is sufficient.
2017-08-02 15:16:22 -04:00
8df7681d0e
Removed unneeded escape filter in templates where autoescaping is enabled.
2017-08-01 10:52:29 -04:00
604341c85f
Fixed #28331 -- Added ContextMixin.extra_context to allowing passing context in as_view().
2017-07-06 10:34:54 -04:00
550cb3a365
Fixed #27818 -- Replaced try/except/pass with contextlib.suppress().
2017-06-28 14:07:55 -04:00
0af14b2eaa
Refs #16870 -- Doc'd that CSRF protection requires the Referer header.
2017-06-22 11:50:00 -04:00
37c9b81ebc
Fixed #28104 -- Prevented condition decorator from setting ETag/Last-Modified headers for non-safe requests.
2017-06-06 15:37:14 -04:00
23142eea85
Fixed #18394 -- Added error for invalid JavaScriptCatalog packages
...
Thanks Tim Graham for the review.
2017-06-06 18:02:22 +02:00
ff099f9db8
Fixed #28271 -- Added charset to technical_500_response() AJAX response.
2017-06-05 14:43:40 -04:00
2c69824e5a
Refs #23968 -- Removed unnecessary lists, generators, and tuple calls.
2017-06-01 19:08:59 -04:00
c2eea61dff
Fixed #28209 -- Made date-based generic views return a 404 rather than crash when given an out of range date.
2017-05-30 13:20:35 -04:00
7afb476469
Fixed #28226 -- Replaced use of str.join() with concatenation.
2017-05-27 13:59:05 -04:00
2cbb095bec
Fixed #28221 -- Fixed plural fallback translations in JavaScriptCatalog view
...
Thanks Waldemar Kornewald for the report and initial patch.
2017-05-25 22:47:21 +02:00
eb66057c1e
Refs #28221 -- Honor plural number in JavaScriptCatalog
2017-05-20 13:23:54 +02:00
d842ada305
Refs #27795 -- Stopped converting integer format settings to str in JS/JSON i18n views
...
Thanks Tim Graham for the review.
2017-05-08 19:32:03 +02:00
301de774c2
Refs #27795 -- Replaced many force_text() with str()
...
Thanks Tim Graham for the review.
2017-04-27 09:10:02 +02:00
56970c5b61
Fixed #28122 -- Fixed crash when overriding views.static.directory_index()'s template.
2017-04-25 11:01:21 -04:00
8c6a3062dd
Fixed #28079 -- Restored "No POST data" (rather than an empty table) in HTML debug page.
...
Regression in 7b6dccc82f
2017-04-15 09:21:35 -04:00
941b869135
Fixed #28008 -- Replaced getElementsByClassName() JavaScript in debug view template.
2017-04-14 08:12:14 -04:00
ea542a9c72
Fixed #28007 -- Moved debug templates to the filesystem
...
Thanks Tim Graham for the review.
2017-04-12 11:36:47 -04:00
a1f948b468
Fixed CVE-2017-7234 -- Fixed open redirect vulnerability in views.static.serve().
...
This is a security fix.
2017-04-04 10:42:06 -04:00
78619bcb0a
Fixed #27987 -- Added default colors in debug view CSS.
2017-03-28 08:55:16 -04:00
b536dcf656
Fixed #27948 -- Removed incorrect unquote() in static serving views.
2017-03-17 07:55:00 -04:00
8346680e1c
Refs #27795 -- Removed unneeded force_text calls
...
Thanks Tim Graham for the review.
2017-03-04 18:18:21 +01:00
711123e1cd
Refs #27656 -- Updated django.views docstring verbs according to PEP 257.
2017-03-03 17:05:42 -05:00
fede65260a
Fixed #26911 -- Removed NoReverseMatch silencing in RedirectView.
2017-03-01 15:56:39 -05:00
5f3a689f71
Imported django.http classes instead of django.http.
2017-02-27 14:47:11 -05:00
21f13ff5b3
Refs #23919 -- Removed an used block in ExceptionReporter.get_traceback_data().
...
The test from refs #20368 only runs this block on Python 2.
2017-02-09 09:03:28 -05:00
c651331b34
Converted usage of ugettext* functions to their gettext* aliases
...
Thanks Tim Graham for the review.
2017-02-07 09:04:04 +01:00
597bfcbf8b
Removed unused ExceptionReporter.format_exception() method.
...
Unused since its introduction in e7e4b8b0f7
2017-02-01 19:55:31 -05:00
0205e04ce7
Removed ExceptionReporter support for string exceptions.
...
Reverted refs #6423 since raising string exceptions is prohibited
since Python 2.5.
2017-02-01 19:47:39 -05:00
8838d4dd49
Refs #23919 -- Replaced kwargs.pop() with keyword-only arguments.
2017-02-01 11:41:56 -05:00
fee42fd99e
Refs #23919 -- Replaced usage of django.utils.http utilities with Python equivalents
...
Thanks Tim Graham for the review.
2017-01-26 19:49:03 +01:00
d1bab24e01
Refs #23919 , #27778 -- Removed obsolete mentions of unicode.
2017-01-26 08:19:27 -05:00
d6eaf7c018
Refs #23919 -- Replaced super(ClassName, self) with super().
2017-01-25 12:23:46 -05:00
9e6e32bf5d
Refs #23919 -- Removed django.utils.decorators.available_attrs() usage.
...
It's only needed to workaround a bug on Python 2.
2017-01-21 13:20:17 -05:00
dc8834cad4
Refs #23919 -- Removed unneeded force_str calls
2017-01-20 08:44:31 +01:00
cecc079168
Refs #23919 -- Stopped inheriting from object to define new style classes.
2017-01-19 08:39:46 +01:00
3cc5f01d9b
Refs #23919 -- Stopped using django.utils.lru_cache().
2017-01-18 21:42:40 -05:00
2b281cc35e
Refs #23919 -- Removed most of remaining six usage
...
Thanks Tim Graham for the review.
2017-01-18 21:33:28 +01:00
7b2f2e74ad
Refs #23919 -- Removed six.<various>_types usage
...
Thanks Tim Graham and Simon Charette for the reviews.
2017-01-18 20:18:46 +01:00
c716fe8782
Refs #23919 -- Removed six.PY2/PY3 usage
...
Thanks Tim Graham for the review.
2017-01-18 16:21:28 +01:00
d7b9aaa366
Refs #23919 -- Removed encoding preambles and future imports
2017-01-18 09:55:19 +01:00
d334f46b7a
Refs #26601 -- Removed support for old-style middleware using settings.MIDDLEWARE_CLASSES.
2017-01-17 20:52:04 -05:00
2b20e4148f
Refs #19567 -- Removed deprecated javascript_catalog() and json_catalog() views.
2017-01-17 20:52:03 -05:00
6a74950513
Fixed #27258 -- Prohibited django.Template.render() with non-dict context.
...
Thanks Shivang Bharadwaj for the initial patch.
2016-12-28 16:03:20 -05:00
b24af2f405
Fixed #27418 -- Fixed occasional missing plural forms in JavaScriptCatalog.
2016-12-14 18:20:30 -05:00
eb7fb565e6
Removed an unnecessary, discouraging sentence on the "It worked!" page.
2016-12-13 13:45:09 -05:00
07ac5d830a
Added period in BaseFormView docstring.
2016-12-08 07:39:15 -05:00
373140b07a
Fixed #27567 -- Fixed crash in the debug view when request.user errors.
2016-12-06 12:28:00 -05:00
967be82443
Fixed E305 flake8 warnings.
2016-11-14 12:30:46 -05:00
c7f86d3eec
Fixed #27373 -- Corrected 404 debug page message for an empty request path.
2016-10-27 16:58:41 -04:00
6b5106b1ce
Fixed #27374 -- Made JavaScriptCatalog respect the packages argument.
2016-10-22 19:26:08 -04:00
8119b679eb
Refs #27025 -- Fixed "invalid escape sequence" warnings in Python 3.6.
...
http://bugs.python.org/issue27364
2016-09-17 15:44:06 -04:00
4ef0e019b7
Fixed #27083 -- Added support for weak ETags.
2016-09-10 08:14:52 -04:00
ef021412d5
Normalized spelling of ETag.
2016-09-09 11:00:21 -04:00
f227b8d15d
Refs #26956 -- Allowed is_safe_url() to validate against multiple hosts
2016-09-07 19:56:25 -07:00
7b6dccc82f
Fixed #27191 -- Fixed debug view crash for requests with 'items' in GET/POST/COOKIES/FILES.
2016-09-07 13:47:09 -04:00
2ced2f785d
Replaced smart_* by force_* calls whenever possible
...
The smart_* version should only be used when a lazy string should keep
its lazy status.
2016-09-03 13:46:41 +02:00
ff1e7b4eb4
Fixed #25181 -- Added localdate() function to get date in a different time zone.
...
Thanks Konrad Świat for the original patch.
2016-08-31 17:19:33 -07:00
1f68bb5683
Refs #26902 -- Protected against insecure redirects in set_language().
2016-08-19 19:16:00 -04:00
1e32e1cc95
Fixed #26973 -- Fixed views.static.serve() crash with show_indexes enabled.
2016-08-10 11:27:03 -04:00
348cfccd90
Fixed #26938 -- Fixed invalid HTML in template postmortem on the debug page.
2016-07-24 18:18:57 +02:00
93c538694e
Fixed XSS in admin's add/change related popup.
...
This is a security fix.
2016-07-18 11:17:01 -04:00
9baf692a58
Fixed #26601 -- Improved middleware per DEP 0005.
...
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
ac77c55bc5
Fixed #26567 -- Updated references to obsolete RFC2616.
...
Didn't touch comments where it wasn't obvious that the code adhered to
the newer standard.
2016-05-03 11:14:40 -04:00
7f51876f99
Fixed #26207 -- Replaced dynamic classes with non-data descriptors for deferred instance loading.
2016-04-29 13:06:32 -04:00
0d8b523422
Fixed #26553 -- Removed unneeded loop in views/i18n.py
2016-04-28 09:15:34 -04:00
de40cfbe74
Fixed #19567 -- Added JavaScriptCatalog and JSONCatalog class-based views
...
Thanks Cristiano Coelho and Tim Graham for the reviews.
2016-04-15 17:28:54 +02:00
9e3f141701
Fixed #26466 -- Added HTTP_REFERER decoding to i18n set_language() view.
2016-04-09 10:57:43 -04:00
df8d8d4292
Fixed E128 flake8 warnings in django/.
2016-04-08 09:51:06 -04:00
369fa471f4
Fixed #26201 -- Documented the consequences of rotating the CSRF token on login.
2016-04-05 11:02:38 -04:00
2cd2d18851
Fixed W503 flake8 warnings.
2016-04-04 17:14:26 -04:00
940b7fd5cb
Fixed #21446 -- Allowed not performing redirect in set_language view
...
Thanks Claude Paroz and Tim Graham for polishing the patch.
2016-03-29 22:15:14 +02:00
11c60b5298
Reused the DjangoTranslation class for the javascript_catalog view
...
Thanks Tim Graham and Cristiano Coelho for the reviews.
Refs #26328 , #26319 .
2016-03-08 21:39:59 +01:00
e81d1c995c
Fixed #25670 -- Allowed dictsort to sort a list of lists.
...
Thanks Tim Graham for the review.
2016-02-23 12:15:08 -05:00
16a88b4429
Fixed #26209 -- Masked sensitive settings in debug reports regardless of case.
2016-02-11 18:13:03 -05:00
406675b1a0
Fixed #26176 -- Fixed E123 flake8 warnings.
2016-02-05 15:11:07 -05:00
60586dd737
Fixed #26125 -- Fixed E731 flake warnings.
2016-01-25 14:23:43 -05:00
21bf685f5e
Fixed #25697 -- Made default error views error when passed a nonexistent template_name.
2016-01-14 07:05:38 -05:00
3d6474e1a5
Fixed #25385 -- Allowed importing views.generic.View from views.View.
2016-01-11 08:18:44 -05:00
c8d970a548
Refs #25755 -- Unified a couple more spellings of 'website'.
2016-01-11 06:13:16 -05:00
Дилян Палаузов
Claude Paroz
Tim Graham
Дилян Палаузов
Bjorn Kristinsson
Tim Baxter
Scot Hacker
Stefan Sinca
Sjoerd Job Postmus
Sebastian Sassi
Sergey Fedoseev
Allen, Timothy
Martin von Gagern
Timothy Allen
Bruno Alla
Mads Jensen
Flávio Juvenal
Josh Schneier
partizan
Jon Dufresne
Adit Biswas
Tom
Abhishek Gautam
Ionuț Ciocîrlan
Anton Samarchyan
Grzegorz Tężycki
Asif Saifuddin Auvi
Vytis Banaitis
chillaranand
Simon Charette
Aymeric Augustin
Shivang Bharadwaj
Waldemar Kornewald
Merrin Macleod
Collederas
Andreas Pelme
Ramin Farajpour Cami
Mariusz Felisiak
Alvin Lindstam
Kevin Christopher Henry
Anatoly Burov
Przemysław Suliga
Florian Apolloner
Vasiliy Faronov
Anssi Kääriäinen
Miikka Salminen
Vaclav Ehrlich
Krzysztof Jurewicz
Andrew Kuchev
François Freitag
userimack
Iacopo Spalletti
Varun Sharma
pp