Commit Graph

1611 Commits

Author SHA1 Message Date
Mariusz Felisiak 3c35825009 Fixed typo in django/utils/crypto.py. 2020-03-11 14:38:27 +01:00
Claude Paroz e663f695fb Fixed #31359 -- Deprecated get_random_string() calls without an explicit length. 2020-03-11 13:16:44 +01:00
Claude Paroz e3e48b0012
Fixed #30439 -- Added support for different plural forms for a language.
Thanks to Michal Čihař for review.
2020-03-10 15:56:32 +01:00
Jon Dufresne 769cee5252 Fixed #31327 -- Deprecated providing_args argument for Signal. 2020-03-05 09:38:52 +01:00
Hasan Ramezani bc1c034076 Fixed #28280 -- Prevented numberformat.format() from formatting large/tiny floats in scientific notation. 2020-02-26 16:02:53 +01:00
Claude Paroz 4d973f5939 Refs #26601 -- Deprecated passing None as get_response arg to middleware classes.
This is the new contract since middleware refactoring in Django 1.10.

Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-02-18 20:03:44 +01:00
Claude Paroz 50cf183d21 Refs #27468 -- Added algorithm parameter to django.utils.crypto.salted_hmac(). 2020-01-27 12:42:21 +01:00
Pavel Lysak 13e4abf83e Fixed #30752 -- Allowed using ExceptionReporter subclasses in error reports. 2020-01-16 15:25:49 +01:00
Mariusz Felisiak c5e373d48c Fixed obsolete comment in django.utils.crypto.salted_hmac().
Obsolete since 13864703bc.
2020-01-15 12:53:21 +01:00
Sjbrgsn b2bd08bb7a Fixed #30892 -- Fixed slugify() and admin's URLify.js for "İ".
Thanks Luis Nell for the implementation idea and very detailed report.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2019-12-30 20:47:22 +01:00
leollon fef2636f28 Fixed typo in django/utils/termcolors.py docstring. 2019-12-27 07:49:15 +01:00
Mike Hansen d291c72bf2 Fixed #30585 -- Added {% translate %} and {% blocktranslate %} template tags. 2019-12-18 13:15:38 +01:00
Baptiste Mispelon f138e75910 Fixed outdated import in django/utils/safestring.py.
The backported version of functools.wraps was removed in
13864703bc.
2019-12-06 09:31:33 +01:00
Andrew Godwin c90ab30fa1 Fixed #31056 -- Allowed disabling async-unsafe check with an environment variable. 2019-12-03 17:29:31 +01:00
Farhaan Bukhsh 1f817daa20 Fixed #30803 -- Allowed comma separators for milliseconds in django.utils.dateparse functions.
Co-Authored-By: Ben Wilber <benwilber@gmail.com>
2019-11-27 09:43:12 +01:00
Farhaan Bukhsh 42b23d1e79 Refs #30803 -- Allowed comma separators for decimal fractions in parse_duration(). 2019-11-27 09:43:12 +01:00
Baptiste Mispelon 824981b2dc Removed unused unencoded_ampersands_re regex.
Unused since 8b81dee60c.
2019-11-25 09:01:31 +01:00
Baptiste Mispelon 8929afb8ec Fixed #9762 -- Made DateFormat.r() locale-independent.
Thanks to Antonio Melé for the original report all those years ago
and to all the contributors who helped along the way.
2019-11-22 12:41:53 +01:00
Baptiste Mispelon 76ec032712 Refs #26281 -- Added a helpful error message for an invalid "r" specifier to dateformat.format(). 2019-11-22 12:32:30 +01:00
Baptiste Mispelon cbe4d6203f Fixed #30989 -- Removed unimplemented B time format.
It's never been documented and has always raised a NotImplementedError.
2019-11-18 12:50:41 +01:00
Baptiste Mispelon 5e2839f320 Simplified DateFormat.W() and z(). 2019-11-18 11:30:23 +01:00
Baptiste Mispelon 1185c6172b Fixed #30990 -- Fixed example output in 'z' date format docs. 2019-11-18 11:30:20 +01:00
Hasan Ramezani 6315a272c5 Refs #28428 -- Made filepath_to_uri() support pathlib.Path. 2019-10-30 13:13:15 +01:00
Hasan Ramezani e3d0b4d550 Fixed #30899 -- Lazily compiled import time regular expressions. 2019-10-29 09:22:26 +01:00
Hasan Ramezani 39a34d4bf9 Refs #30899 -- Made _lazy_re_compile() support bytes. 2019-10-29 09:14:24 +01:00
Hasan Ramezani c4cba148d8 Refs #30899 -- Moved _lazy_re_compile() to the django.utils.regex_helper. 2019-10-29 09:14:24 +01:00
Hasan Ramezani 52cb419072 Fixed #30918 -- Made timesince()/timeuntil() respect custom time strings for future and the same datetimes. 2019-10-28 12:28:18 +01:00
André Ericson 3120490912 Fixed #30876 -- Moved classproperty() decorator to the django.utils.functional. 2019-10-21 09:57:39 +02:00
Flavio Curella ed112fadc1 Fixed #23755 -- Added support for multiple field names in the no-cache Cache-Control directive to patch_cache_control().
https://tools.ietf.org/html/rfc7234#section-5.2.2.2
2019-10-10 19:30:51 +02:00
Viktor Lomakin ee6b17187f Fixed #30812 -- Made ConditionalGetMiddleware set ETag only for responses with non-empty content. 2019-10-10 09:51:05 +02:00
Ad Timmering 7b5f8acb9e Fixed #28690 -- Fixed handling of two-digit years in parse_http_date().
Due to RFC7231 ayear that appears to be more than 50 years in the
future are interpreted as representing the past.
2019-09-30 14:42:56 +02:00
Mariusz Felisiak 9a2a12d415 Advanced deprecation warnings for Django 3.1. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak cb2be9d5d5 Refs #29546 -- Removed django.utils.timezone.FixedOffset per deprecation timeline. 2019-09-10 12:01:00 +02:00
Nasir Hussain 25706d7285 Fixed #29714 -- Allowed using ExceptionReporter subclass with AdminEmailHandler. 2019-09-04 08:40:46 +02:00
Carlton Gibson 4f61810751 Fixed #30747 -- Renamed is_safe_url() to url_has_allowed_host_and_scheme(). 2019-09-02 15:32:23 +02:00
Jon Dufresne a44d80f88e Adjusted subprocess.run() calls to use arg list, rather than string.
The Python docs recommend passing a sequence to subprocess.run() when
possible. Doing so allows for automatic escaping and quoting of
arguments.

https://docs.python.org/3/library/subprocess.html#frequently-used-arguments

> args is required for all calls and should be a string, or a sequence
> of program arguments. Providing a sequence of arguments is generally
> preferred, as it allows the module to take care of any required
> escaping and quoting of arguments (e.g. to permit spaces in file
> names).

Also removed `shell=True` where unnecessary.
2019-08-28 10:19:30 +02:00
Jon Dufresne 1e6b9e29e6 Refs #27795 -- Removed an unnecessary force_bytes() call in uri_to_iri().
The value returned from urllib.parse.quote() is always a string, so can
safely call .encode().
2019-08-28 09:20:46 +02:00
Claude Paroz 9386586f31 Replaced subprocess commands by run() wherever possible. 2019-08-23 10:53:36 +02:00
Adnan Umer 6805c0f99f Fixed #30701 -- Updated patch_vary_headers() to handle an asterisk according to RFC 7231. 2019-08-16 15:25:42 +02:00
Claude Paroz 88c0b907e7 Refs #30461 -- Added django.utils._os.to_path(). 2019-08-13 17:17:39 +02:00
swatantra 73ac9e3f04 Fixed #30677 -- Improved error message for urlencode() and Client when None is passed as data. 2019-08-11 20:15:23 +02:00
Jon Dufresne e8d0d2a5ef Removed unneeded ValueError catching in django.utils.text._replace_entity().
The html.entities.name2codepoint dict contains only valid Unicode
codepoints. Either the key exists and chr() will succeed or the key does
not exist.
2019-08-01 14:30:20 +02:00
Florian Apolloner 76ed1c49f8 Fixed CVE-2019-14235 -- Fixed potential memory exhaustion in django.utils.encoding.uri_to_iri().
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Florian Apolloner 4b78420d25 Fixed CVE-2019-14233 -- Prevented excessive HTMLParser recursion in strip_tags() when handling incomplete HTML entities.
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Florian Apolloner 7f65974f82 Fixed CVE-2019-14232 -- Adjusted regex to avoid backtracking issues when truncating HTML.
Thanks to Guido Vranken for initial report.
2019-08-01 09:24:54 +02:00
Nick Pope f618e033ac Fixed #30160 -- Added support for LZMA and XZ templates to startapp/startproject management commands. 2019-07-31 10:02:13 +02:00
Nick Pope 69a30f620e Refs #30160 -- Simplified archive extension map and added other aliases. 2019-07-31 09:46:17 +02:00
Nick Pope 0509148c24 Refs #30160 -- Made destination path a required argument of extract(). 2019-07-30 11:27:56 +02:00
Tom Forbes fc75694257 Fixed #30647 -- Fixed crash of autoreloader when extra directory cannot be resolved. 2019-07-24 14:08:37 +02:00
Mariusz Felisiak fed5e19369
Removed unused BaseReloader.watch_file().
Unused since its introduction in c8720e7696.
2019-07-24 13:32:02 +02:00