Commit Graph

2596 Commits

Author SHA1 Message Date
Luke Plant 7230a995ce Moved contrib.csrf.* to core code.
There is stub code for backwards compatiblity with Django 1.1 imports.

The documentation has been updated, but has been left in
docs/contrib/csrf.txt for now, in order to avoid dead links to
documentation on the website.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 00:36:34 +00:00
Luke Plant 8e70cef9b6 Fixed #9977 - CsrfMiddleware gets template tag added, session dependency removed, and turned on by default.
This is a large change to CSRF protection for Django.  It includes:

 * removing the dependency on the session framework.
 * deprecating CsrfResponseMiddleware, and replacing with a core template tag.
 * turning on CSRF protection by default by adding CsrfViewMiddleware to
   the default value of MIDDLEWARE_CLASSES.
 * protecting all contrib apps (whatever is in settings.py)
   using a decorator.

For existing users of the CSRF functionality, it should be a seamless update,
but please note that it includes DEPRECATION of features in Django 1.1,
and there are upgrade steps which are detailed in the docs.

Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work
on the patch, and to lots of other people including Simon Willison and
Russell Keith-Magee who refined the ideas.

Details of the rationale for these changes is found here:

http://code.djangoproject.com/wiki/CsrfProtection

As of this commit, the CSRF code is mainly in 'contrib'.  The code will be
moved to core in a separate commit, to make the changeset as readable as
possible.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-26 23:23:07 +00:00
Luke Plant c6e8e5d9f0 Fixed non-standard introspection support in LazyObject.
LazyObject called a public method ``get_all_members`` on wrapped objects in
order to allow introspection.  This could easily cause name clashes with
existing methods on wrapped objects, and so has been changed to use the
standard methods.  This could be slightly backwards-incompatible, in obscure
cases, if the undocumented LazyObject has been used externally.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11636 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-19 21:48:06 +00:00
Russell Keith-Magee b8b9411ffc Fixed #11659 -- Corrected a minor typo in the v1.1 release notes. Thanks to agabel for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11537 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 22:52:25 +00:00
James Bennett 542c33eec8 Add release date to 1.1 release notes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11365 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-29 05:52:06 +00:00
Jacob Kaplan-Moss 91f18400cc Added 1.1 release notes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11362 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-29 05:31:00 +00:00
Russell Keith-Magee 6644ef72c8 Fixed #11519 -- Corrected minor typo in release notes index.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11338 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-27 01:52:23 +00:00
James Bennett 84d86c07e0 Clarify the description of URL namespacing.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11288 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-22 01:41:16 +00:00
James Bennett d33386c584 Add draft release notes for 1.1 RC 1.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11287 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-22 01:26:47 +00:00
Russell Keith-Magee b9d1757840 Fixed #11119 -- Corrected spelling error in 1.0 porting guide.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11050 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-18 13:35:36 +00:00
Jacob Kaplan-Moss c6c25adf6d Fixed a whole bunch of small docs typos, errors, and ommissions.
Fixes #8358, #8396, #8724, #9043, #9128, #9247, #9267, #9267, #9375, #9409, #9414, #9416, #9446, #9454, #9464, #9503, #9518, #9533, #9657, #9658, #9683, #9733, #9771, #9835, #9836, #9837, #9897, #9906, #9912, #9945, #9986, #9992, #10055, #10084, #10091, #10145, #10245, #10257, #10309, #10358, #10359, #10424, #10426, #10508, #10531, #10551, #10635, #10637, #10656, #10658, #10690, #10699, #19528.

Thanks to all the respective authors of those tickets.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10371 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-03 18:30:54 +00:00
Gary Wilson Jr b4f5655c86 Fixed #10553 -- Corrected several uses of `URLconf` in documentation and comments, according to the Django style guide. Based on patch from rduffield.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10256 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-31 16:07:07 +00:00
Jacob Kaplan-Moss 4246c832b6 Added 1.1 beta release notes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10130 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-23 23:25:03 +00:00
Luke Plant 4e2533436e Removed erroneous changes to 1.1 alpha 1 release notes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10120 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-23 16:37:25 +00:00
Luke Plant 2d28724730 Added CSRF middleware to default settings and updated docs.
Updated docs to reflect the change, and the fact that using the
two separate middleware is preferred to using the combined one.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@10094 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-19 23:14:20 +00:00
Jacob Kaplan-Moss 28605a9c26 Whitespace fix to [9896].
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9897 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-02-24 02:31:09 +00:00
Jacob Kaplan-Moss 17bb750b08 Cleaned up some reST errors in the 1.1 alpha release notes, and made a few minor edits.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9895 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-02-24 02:21:09 +00:00
James Bennett f3a95d2d14 Add 1.1 alpha 1 release notes
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9893 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-02-24 01:42:45 +00:00
Karen Tracey b197fa7ece Fixed #10152 -- Fixed typo in porting guide. Thanks eagle-eyed anonymous.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9795 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-01-29 20:21:43 +00:00
Malcolm Tredinnick d1102d63e6 Fixed #9677 -- Fixed a tiny typo in the 1.0.2 release notes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9584 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-12-07 03:54:45 +00:00
James Bennett e5437af89a Forward-port docutils fix from [9497].
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9498 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-11-19 05:26:31 +00:00
James Bennett 5759f28947 Add 1.0.2 release notes to trunk so they show up online
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9496 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-11-19 05:21:58 +00:00
James Bennett 2246d526b1 One more correction to the release notes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9456 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-11-15 05:57:39 +00:00
James Bennett 1d375e1472 Port [9450] forward to trunk.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9451 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-11-15 05:36:30 +00:00
James Bennett f5532f7119 Add 1.0.1 release notes to trunk so they'll show up in the online docs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9449 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-11-15 05:21:37 +00:00
Brian Rosner 227a5a4ee6 Corrected a typo in the 1.0 porting guide.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9219 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-10-09 23:35:34 +00:00
Malcolm Tredinnick cddece2db1 Fixed #9254 -- Added information to the porting guide about the removal of
"core" and the new methods on model file- and image-fields.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@9166 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-10-06 08:30:02 +00:00
James Bennett b131462d76 Add note to 1.0 porting guide about removal of dictionary access to HTTP request objects
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9153 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-10-05 16:03:58 +00:00
Brian Rosner 2d8d69f9ae Fixed #9050 -- Fixed a typo in the 1.0 porting guide in the admin section. Thanks ahebert.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9017 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-12 16:56:09 +00:00
Gary Wilson Jr acf2600a4c Fixed #8911 -- Several corrections for the 1.0 porting documentation, thanks arien.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8979 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-07 19:15:41 +00:00
Adrian Holovaty 6008485b80 Made a bunch of edits and typo corrections to 1.0-porting-guide.txt
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8966 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-05 00:48:34 +00:00
James Bennett ca422fd89b Now that the 1.0 release is finalized, we can fill in the revision number for it.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8962 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-04 05:26:09 +00:00
Jacob Kaplan-Moss 58fad7f9fd Added the last notes about 1.0, including the inevitable (short!) list of known issues.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8959 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-03 23:10:07 +00:00
Jacob Kaplan-Moss e62ab77054 A collection of improvements and cleanups to the 1.0 release notes and porting guide.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8937 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-03 19:58:34 +00:00
Jacob Kaplan-Moss b13276b1ff Fixed another typo in 1.0 notes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8874 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-02 19:45:06 +00:00
Jacob Kaplan-Moss 0a7e454fa2 Fixed a typo in 1.0 notes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8873 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-02 19:34:20 +00:00
Jacob Kaplan-Moss e997a1c3df Rough draft of 1.0 release notes. Not in any way finished.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8870 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-02 19:19:20 +00:00
Brian Rosner 6656642d36 Use a lower case 's' in URLS in the 1.0 porting guide.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8869 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-02 19:08:31 +00:00
Brian Rosner 5ff51f6bb3 Corrected a minor typo in the 1.0 porting guide.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8868 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-02 19:04:33 +00:00
Jacob Kaplan-Moss 58e3ef76db Updated API stability document for 1.0.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8866 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-02 18:45:33 +00:00
Simon Willison e00aa16e24 Fixed spelling typo in porting guide and added __str__ to __unicode__ to the model example
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8865 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-02 18:38:55 +00:00
Jacob Kaplan-Moss 23f012dbfa Cleaned up a bunch of minor doc stuff:
* Removed flatpages/redirects README; no other contrib apps have those.
  * Cleaned up top-level README to be more readable.
  * Removed outdated references to old docs (Fixes #8701)

git-svn-id: http://code.djangoproject.com/svn/django/trunk@8857 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-02 16:42:13 +00:00
Jacob Kaplan-Moss 1156db790a Added a rough draft of the 1.0 porting guide, and an obviously incomplete placeholder for the 1.0 release notes. Thanks to daonb, patrickf, and ramiro for contributions to this porting guide. Refs #8438.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8856 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-02 16:27:47 +00:00
James Bennett a20cf7f974 Small typo in notes
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8623 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-27 11:50:02 +00:00
James Bennett 236ceea87f 1.0 beta 2 release notes
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8622 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-27 11:49:42 +00:00
Jacob Kaplan-Moss 97cb07c3a1 Massive reorganization of the docs. See the new docs online at http://docs.djangoproject.com/.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8506 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-23 22:25:40 +00:00