Commit Graph

1308 Commits

Author SHA1 Message Date
Kevin Christopher Henry bd7237d7ec Fixed #19705 -- Set proper headers on conditional Not Modified responses. 2016-10-12 14:43:25 -04:00
Nick Pope a346a88d46 Added missing roles/options to parse_color_setting()'s docstring. 2016-10-11 10:39:32 -04:00
Denis Cornehl a840710e1e Fixed #26447 -- Deprecated settings.USE_ETAGS in favor of ConditionalGetMiddleware. 2016-10-10 14:55:59 -04:00
Reto Aebersold 3ab55c1a8a Fixed #27309 -- Added CallableBool.__hash__(). 2016-10-04 07:44:19 -04:00
Claude Paroz fa2f55cfd5 Refs #26940 -- Re-allowed makemessages without settings
Thanks Tim Graham for the review.
2016-10-01 14:57:16 +02:00
Rinat Khabibiev 9e07a9b5fe Fixed #27226 -- Removed patch_response_headers()'s setting of the Last-Modified header. 2016-09-28 09:09:09 -04:00
Sergey Fursov 6709ea4ae9 Fixed #27271 -- Fixed a crash in runserver logging.
Allowed ServerFormatter to handle simple string messages or messages with
formatting arguments. The formatter will set the server_time variable on
the log record if it's required by the format string but wasn't passed in
extra parameters.
2016-09-27 09:46:07 -04:00
Jon Dufresne 4ff389dcdc Removed unused regexes from django.utils.html.
Last uses removed in commit 8b81dee60c.
2016-09-23 11:24:50 -07:00
Tim Graham 8119b679eb Refs #27025 -- Fixed "invalid escape sequence" warnings in Python 3.6.
http://bugs.python.org/issue27364
2016-09-17 15:44:06 -04:00
Kevin Christopher Henry 22e303887b Refs #27083 -- Updated conditional header comparison to match RFC 7232. 2016-09-16 15:45:53 -04:00
Jani Tiainen 727d7ce6cb Fixed #27198 -- Made MultiValueDict.getlist() return a new list to prevent mutation. 2016-09-16 15:16:18 -04:00
Kevin Christopher Henry 4ef0e019b7 Fixed #27083 -- Added support for weak ETags. 2016-09-10 08:14:52 -04:00
Jon Dufresne f227b8d15d Refs #26956 -- Allowed is_safe_url() to validate against multiple hosts 2016-09-07 19:56:25 -07:00
Jon Dufresne ff1e7b4eb4 Fixed #25181 -- Added localdate() function to get date in a different time zone.
Thanks Konrad Świat for the original patch.
2016-08-31 17:19:33 -07:00
Olexander Yermakov b7fb608142 Fixed #27154 -- Allowed comparing CallableBool with bitwise or.
Thanks Tim for the review.
2016-08-31 08:27:37 -04:00
Mattias Loverot 2315114090 Fixed #27067 -- Deprecated string_concat() in favor of format_lazy(). 2016-08-25 16:12:40 -04:00
Mattias Loverot 9aaeec337e Fixed #26866 -- Added format_lazy function
Added format_lazy function to django.utils.text module.
Useful when dealing with relative complex lazy string concatenations
(e.g. in urls.py when translating urls in regular expressions).
2016-08-24 18:18:17 +02:00
Przemysław Suliga 5e5a17028f Fixed #26902 -- Allowed is_safe_url() to require an https URL.
Thanks Andrew Nester, Berker Peksag, and Tim Graham for reviews.
2016-08-19 18:51:33 -04:00
Claude Paroz 5fb22b4d4c Fixed #27034 -- Made makemessages independent of USE_I18N
Thanks Tim Graham for the review.
2016-08-11 21:16:19 +02:00
Ville Skyttä a2fb2b3a1f Fixed #27020 -- Used a context manager to close files. 2016-08-04 19:45:14 -04:00
Tim Graham 54afa960d1 Fixed #26988 -- Improved/clarified User.is_authenticated/anonymous compatibility.
Thanks marktranchant for the report and review.
2016-08-02 11:01:08 -04:00
Will Hardy 8ef78b8165 Fixed #26656 -- Added duration (timedelta) support to DjangoJSONEncoder. 2016-07-14 13:34:15 -04:00
jasisz b5a1c3a6f5 Fixed #25920 -- Added support for non-uniform NUMBER_GROUPING. 2016-06-22 17:28:49 -04:00
Carl Meyer 7d1b69dbe7 Refs #26601 -- Improved backwards-compatibility of DEP 5 middleware exception handling. 2016-06-17 10:00:39 -07:00
Vytis Banaitis 57eb17b8c7 Fixed #26746 -- Fixed handling of zero priority in Accept-Language header parsing. 2016-06-13 07:58:25 -04:00
Vytis Banaitis f1b38842af Fixed #26744 -- Fixed a typo in regex for Accept-Language header parsing. 2016-06-11 21:32:56 -04:00
Thejaswi Puthraya c8d2120b06 Fixed #26705 -- Fixed plural versions of languages not supported by Django. 2016-06-08 16:17:17 -04:00
Scott Vitale be729b6120 Fixed #10107 -- Allowed using mark_safe() as a decorator.
Thanks ArcTanSusan for the initial patch.
2016-06-07 12:24:03 -04:00
Chesco Igual ffd18732f3 Fixed #24781 -- Fixed repr() for lazy objects. 2016-06-04 19:13:00 -04:00
Ketan Bhatt f31fbbae1a Fixed #26653 -- Made SyndicationFeed.latest_post_date() return time in UTC. 2016-05-30 18:36:15 -04:00
Tim Graham 6f520bf7d8 Added RemovedInDjango21Warning 2016-05-28 21:12:39 -04:00
Florian Apolloner 9baf692a58 Fixed #26601 -- Improved middleware per DEP 0005.
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
Andre Cruz 929684d6ee Fixed #21231 -- Enforced a max size for GET/POST values read into memory.
Thanks Tom Christie for review.
2016-05-12 10:17:52 -04:00
Tim Graham 2f0e0eee45 Fixed #24046 -- Deprecated the "escape" half of utils.safestring. 2016-05-10 12:46:47 -04:00
Claude Paroz c3e1086949 Stopped truncating AdminEmailHandler message subjects
Refs #26572, #17281. The RFC doesn't limit total length, just the line length
which is already taken care of by Python itself.
Thanks Tim Graham for the review.
2016-05-10 18:17:43 +02:00
Vasiliy Faronov 31e0314979 Fixed #26580 -- Updated references to obsolete RFC 2822.
Didn't rename django.utils.feedgenerator.rfc2822_date()
as some external code may rely on it.
2016-05-10 11:24:51 -04:00
Vasiliy Faronov ac77c55bc5 Fixed #26567 -- Updated references to obsolete RFC2616.
Didn't touch comments where it wasn't obvious that the code adhered to
the newer standard.
2016-05-03 11:14:40 -04:00
Marko Benko 45c7acdc50 Fixed #26281 -- Added a helpful error message for an invalid format specifier to dateformat.format(). 2016-04-20 20:13:52 -04:00
Jeremy Lainé c1aec0feda Fixed #25847 -- Made User.is_(anonymous|authenticated) properties. 2016-04-09 14:54:18 -04:00
Tim Graham df8d8d4292 Fixed E128 flake8 warnings in django/. 2016-04-08 09:51:06 -04:00
Tim Graham 3913a56558 Removed unused django.utils.http.PROTOCOL_TO_PORT.
Unused since b0c56b895f.
2016-04-06 12:29:20 -04:00
Tim Graham 2cd2d18851 Fixed W503 flake8 warnings. 2016-04-04 17:14:26 -04:00
Tim Graham 2c125bded1 Refs #18239 -- Removed an obsolete workaround for bugs in HTMLParser. 2016-03-26 12:48:29 -04:00
Amine Yaiche 32c8e43ef1 Fixed #26378 -- Allowed a left byte of zero in mixed IPv4/IPv6 validation. 2016-03-23 08:18:29 -04:00
Claude Paroz 11c60b5298 Reused the DjangoTranslation class for the javascript_catalog view
Thanks Tim Graham and Cristiano Coelho for the reviews.
Refs #26328, #26319.
2016-03-08 21:39:59 +01:00
Claude Paroz 552f03869e Added safety to URL decoding in is_safe_url() on Python 2
The errors='replace' parameter to force_text altered the URL before checking
it, which wasn't considered sane. Refs 24fc935218 and ada7a4aef.
2016-03-04 23:33:35 +01:00
Claude Paroz ada7a4aefb Fixed #26308 -- Prevented crash with binary URLs in is_safe_url()
This fixes a regression introduced by c5544d2892.
Thanks John Eskew for the reporti and Tim Graham for the review.
2016-03-04 21:14:14 +01:00
Mark Striemer c5544d2892 Fixed CVE-2016-2512 -- Prevented spoofing is_safe_url() with basic auth.
This is a security fix.
2016-03-01 11:25:28 -05:00
Nick Malakhov ee69789f45 Fixed #26269 -- Prohibited spaces in is_valid_ipv6_address(). 2016-02-25 18:52:50 -05:00
Alexey Kotlyarov b59f963ad2 Fixed #26212 -- Made forms.FileField and translation.lazy_number() picklable. 2016-02-15 11:44:29 -05:00