Commit Graph

1637 Commits

Author SHA1 Message Date
Claude Paroz a8343fe7bf Refs #27795 -- Replaced force_text() with str() in feed generators 2017-04-27 09:31:08 +02:00
Claude Paroz 301de774c2 Refs #27795 -- Replaced many force_text() with str()
Thanks Tim Graham for the review.
2017-04-27 09:10:02 +02:00
petedmarsh 14671affc3 Fixed #28064 -- Removed double-quoting of key names in MultiValueDictKeyError. 2017-04-11 12:44:52 -04:00
Jon Dufresne b906c3db63 Removed duplicate lines in slugify(). 2017-04-10 08:12:37 -04:00
Daniel F Moisset 5d3b322dce Made MultiValueDict.__deepcopy__()'s memo kwarg an arg.
It's always provided.
2017-04-07 09:13:57 -04:00
Raphael Michel bde814142a Fixed #22654 -- Broken decimal validation 2017-04-07 12:45:08 +02:00
Tim Graham 5ea48a70af Fixed #27912, CVE-2017-7233 -- Fixed is_safe_url() with numeric URLs.
This is a security fix.
2017-04-04 10:42:06 -04:00
Claude Paroz 8346680e1c Refs #27795 -- Removed unneeded force_text calls
Thanks Tim Graham for the review.
2017-03-04 18:18:21 +01:00
Tim Graham 6ae1b04fb5 Fixed #27900 -- Made escapejs escape backticks for use in ES6 template literals. 2017-03-04 09:04:16 -05:00
Pavlo Kapyshin b6fbf3e8e5 Fixed #27879 -- Fixed crash if enclosures aren't provided to Atom1Feed.add_item().
Regression in 75cf9b5ac0
2017-02-24 09:46:31 -05:00
Ian Foote 508b5debfb Refs #11964 -- Made Q objects deconstructible. 2017-02-23 20:47:48 -05:00
Anton Samarchyan 9718fa2e8a Refs #27656 -- Updated django.utils docstring verbs according to PEP 257. 2017-02-11 16:11:08 -05:00
Chronial 03281d8fe7 Fixed #26005 -- Fixed some percent decoding cases in uri_to_iri(). 2017-02-09 09:22:00 -05:00
Tim Graham 500532c95d Refs #23919 -- Removed default 'utf-8' argument for str.encode()/decode(). 2017-02-09 09:03:47 -05:00
Claude Paroz 3a148f958d Refs #27795 -- Removed force_text from the template layer
Thanks Tim Graham for the review.
2017-02-07 17:14:02 +01:00
Claude Paroz c651331b34 Converted usage of ugettext* functions to their gettext* aliases
Thanks Tim Graham for the review.
2017-02-07 09:04:04 +01:00
Claude Paroz 2757209c9d Refs #27795 -- Removed force_text from templatize function 2017-02-06 17:35:03 +01:00
Tim Graham 2d899ce16b Refs #23919 -- Removed a Python 2 code path in force_text().
Reverted the obsolete fix and tests for refs #12302.
2017-02-03 19:38:33 -05:00
Tim Graham 26619ad7b0 Removed an untested and broken branch in force_bytes() (refs #6353).
The new test crashed in the removed branch. It's unclear if the branch has
value since c6a2bd9b96 didn't include tests.
2017-02-03 19:36:53 -05:00
Tim Graham 4ee877a7b0 Used super() in DjangoUnicodeDecodeError. 2017-02-03 19:16:14 -05:00
Claude Paroz a21ec12409 Fixed #27803 -- Kept safe status of lazy safe strings in conditional_escape 2017-02-02 21:01:39 +01:00
Vytis Banaitis 8838d4dd49 Refs #23919 -- Replaced kwargs.pop() with keyword-only arguments. 2017-02-01 11:41:56 -05:00
Vytis Banaitis 84126f2789 Refs #23919 -- Removed unneeded code in force_text().
Unneeded since 7b2f2e74ad.
2017-01-31 18:31:17 -05:00
Claude Paroz ccfd1295f9 Refs #27795 -- Prevented SafeText from losing safe status on str()
This will allow to replace force_text() by str() in several places (as one of
the features of force_text is to keep the safe status).
2017-01-30 21:10:32 +01:00
Claude Paroz 52138b1fd0 Refs #23919 -- Removed usage of obsolete SafeBytes class
The class will be removed as part of #27753.
Thanks Tim Graham for the review.
2017-01-30 15:04:45 +01:00
Claude Paroz 277a4dd4b4 Fixed #27793 -- Used stdlib's ipaddress module to validate IP addresses
Thanks Tim Graham for the review.
2017-01-30 14:22:18 +01:00
Claude Paroz e34f4e6f87 Made ugettext* functions aliases of gettext*
Thanks Tim Graham for the review.
2017-01-28 12:01:30 +01:00
Chillar Anand 6478e07a62 Refs #23919 -- Replaced tempfile.mkdtemp() with TemporaryDirectory() context manager. 2017-01-26 13:54:16 -05:00
Claude Paroz fee42fd99e Refs #23919 -- Replaced usage of django.utils.http utilities with Python equivalents
Thanks Tim Graham for the review.
2017-01-26 19:49:03 +01:00
Vytis Banaitis d1bab24e01 Refs #23919, #27778 -- Removed obsolete mentions of unicode. 2017-01-26 08:19:27 -05:00
chillaranand d6eaf7c018 Refs #23919 -- Replaced super(ClassName, self) with super(). 2017-01-25 12:23:46 -05:00
Mads Jensen ebf34c3cdc Removed unused variables that are overwritten. 2017-01-25 09:14:05 -05:00
Claude Paroz d2e7d15b4c Assumed iri_to_uri always returns a string
Thanks Tim Graham for the review.
2017-01-23 19:59:33 +01:00
Claude Paroz 6e55e1d88a Refs #23919 -- Replaced six.reraise by raise 2017-01-22 20:08:04 +01:00
Tim Graham d170c63351 Refs #23919 -- Removed misc references to Python 2. 2017-01-21 20:02:00 -05:00
Mariusz Felisiak c22212220a Refs #23919 -- Removed re.U and re.UNICODE (default on Python 3). 2017-01-21 14:28:16 -05:00
Tim Graham 9e6e32bf5d Refs #23919 -- Removed django.utils.decorators.available_attrs() usage.
It's only needed to workaround a bug on Python 2.
2017-01-21 13:20:17 -05:00
Claude Paroz 042b7350a0 Refs #23919 -- Removed unneeded str() calls 2017-01-20 14:13:55 +01:00
Tim Graham 4e729feaa6 Refs #23919 -- Removed django.utils._os.upath()/npath()/abspathu() usage.
These functions do nothing on Python 3.
2017-01-20 08:01:02 -05:00
Claude Paroz dc8834cad4 Refs #23919 -- Removed unneeded force_str calls 2017-01-20 08:44:31 +01:00
Tim Graham d29fd3f9a6 Fixed django/utils/http.py comment typo. 2017-01-19 13:21:54 -05:00
Tim Graham d4bb37593e Refs #23919 -- Removed obsolete compare_digest() and pbkdf2() implementations. 2017-01-19 11:55:23 -05:00
Chillar Anand 41e0033caf Refs #23919 -- Removed usage of django.utils.decorators.ContextDecorator. 2017-01-19 11:28:30 -05:00
Simon Charette 4c5ed3e683 Refs #23919 -- Removed __nonzero__() methods (for Python 2).
Thanks Tim for the review.
2017-01-19 11:26:26 -05:00
Simon Charette cecc079168 Refs #23919 -- Stopped inheriting from object to define new style classes. 2017-01-19 08:39:46 +01:00
Aymeric Augustin eb422e476f Refs #23919 -- Removed obsolete __ne__() methods.
__ne__() defaults to the opposite of __eq__() on Python 3
when it doesn't return NotImplemented.
2017-01-18 21:44:00 -05:00
Aymeric Augustin 3cc5f01d9b Refs #23919 -- Stopped using django.utils.lru_cache(). 2017-01-18 21:42:40 -05:00
Claude Paroz 2b281cc35e Refs #23919 -- Removed most of remaining six usage
Thanks Tim Graham for the review.
2017-01-18 21:33:28 +01:00
Claude Paroz 7b2f2e74ad Refs #23919 -- Removed six.<various>_types usage
Thanks Tim Graham and Simon Charette for the reviews.
2017-01-18 20:18:46 +01:00
Claude Paroz c716fe8782 Refs #23919 -- Removed six.PY2/PY3 usage
Thanks Tim Graham for the review.
2017-01-18 16:21:28 +01:00
Claude Paroz d7b9aaa366 Refs #23919 -- Removed encoding preambles and future imports 2017-01-18 09:55:19 +01:00
Tim Graham f847308200 Advanced deprecation warnings for Django 2.0. 2017-01-17 20:52:05 -05:00
Tim Graham 60ca37d2e5 Refs #24046 -- Removed mark_for_escaping() per deprecation timeline. 2017-01-17 20:52:04 -05:00
Tim Graham eba093e8b0 Refs #25847 -- Removed support for User.is_(anonymous|authenticated) as methods.
Per deprecation timeline.
2017-01-17 20:52:03 -05:00
Tim Graham 9d304b26cf Refs #20223 -- Removed deprecated django.utils.functional.allow_lazy(). 2017-01-17 20:52:02 -05:00
Tim Graham 75cf9b5ac0 Refs #13110 -- Removed SyndicationFeed.add_item()'s enclosure argument.
Per deprecation timeline.
2017-01-17 20:52:01 -05:00
Tim Graham c6de8cca20 Refs #24728 - Removed Atom1Feed/RssFeed mime_type attribute.
Per deprecation timeline.
2017-01-17 20:52:00 -05:00
Jinank Jain f4c0eec713 Fixed #27699 -- Added negative timedelta support to parse_duration() 2017-01-14 11:17:54 +01:00
vinay karanam 6128c1736d Refs #27637 -- Fixed timesince, timeuntil on New Year's Eve in a leap year. 2017-01-02 08:40:44 -05:00
Anton Samarchyan 5cf4894836 Fixed #27628 -- Fixed unarchiving a file without permission data. 2016-12-28 19:14:58 -05:00
Aleksi Häkli f6671c5d78 Fixed #27647 -- Fixed Windows segmentation fault in runserver autoreload. 2016-12-28 08:04:09 -05:00
Tim Graham 51cde873d9 Fixed #27648 -- Deprecated (iLmsu) regex groups in url() patterns. 2016-12-27 15:59:13 -05:00
Mariusz Felisiak 3e5c5e6754 Fixed #27637 -- Fixed timesince, timeuntil in leap year edge case. 2016-12-27 09:29:11 -05:00
Jaap Roes 3188b49ee2 Fixed #25753 -- Made get_format() cache the formats from Django settings 2016-12-21 17:40:08 +01:00
Michael Lelyakin fb1349ce8c Used ternary if/else in utils.lorem_ipsum.words(). 2016-12-14 17:36:34 -05:00
Mariusz Felisiak 8e3a72f4fb Fixed #27583 -- Fixed MultiValueDict.getlist() crash when values for key is None.
Restored the behavior before 727d7ce6cb.
2016-12-09 15:31:52 -05:00
Anton Samarchyan d0112cf930 Fixed #26494 -- Made Archive.extract() preserve file permissions. 2016-12-06 08:28:36 -05:00
Keda87 48826aa541 Fixed #27546 -- Removed hardcoded class names in __repr__() methods. 2016-12-01 08:11:09 -05:00
Adam Chainz 71609a5b90 Fixed #27555 -- Removed django.utils.functional.lazy_property. 2016-11-29 19:01:12 -05:00
Tim Graham 2e5fbe889f Cleaned up some __getstate__() docstrings. 2016-11-23 09:45:21 -05:00
Ramin Farajpour Cami 0a63ef3f61 Fixed #27463 -- Fixed E741 flake8 warnings. 2016-11-14 17:40:28 -05:00
Ramin Farajpour Cami 967be82443 Fixed E305 flake8 warnings. 2016-11-14 12:30:46 -05:00
Tim Graham 6072de727f Decorated a few functions. 2016-11-14 12:20:44 -05:00
Joachim Jablon fd78fb82d6 Fixed #27138 -- Restored pre-Python 3.6 behavior of localtime() and make_naive() on Python 3.6.
Reverted test changes in a7a7ecd2b0 and
e43ea36b76 (refs #27025).
2016-11-07 19:07:18 -05:00
Carl Meyer 7107b6ff0f Fixed #27454 -- Skipped gettext calls for apps without a locale dir. 2016-11-07 09:59:13 +01:00
Krzysztof Urbaniak a01d887a3a Fixed #27063 -- Prevented i18n_patterns() from using too much of the URL as the language. 2016-10-31 14:32:01 -04:00
Tim Graham 414ad25b09 Fixed #27327 -- Simplified time zone handling by requiring pytz. 2016-10-27 08:53:20 -04:00
Claude Paroz d75c2ccaa0 Removed note about obsolete Python version 2016-10-20 16:39:14 +02:00
Kevin Christopher Henry 9108696a75 Refs #19705 -- Changed gzip modification times to 0.
This makes gzip output deterministic, which allows
ConditionalGetMiddleware to reliably compare ETags on gzipped
content (views using the gzip_page() decorator in particular).
2016-10-14 07:41:42 -04:00
Kevin Christopher Henry bd7237d7ec Fixed #19705 -- Set proper headers on conditional Not Modified responses. 2016-10-12 14:43:25 -04:00
Nick Pope a346a88d46 Added missing roles/options to parse_color_setting()'s docstring. 2016-10-11 10:39:32 -04:00
Denis Cornehl a840710e1e Fixed #26447 -- Deprecated settings.USE_ETAGS in favor of ConditionalGetMiddleware. 2016-10-10 14:55:59 -04:00
Reto Aebersold 3ab55c1a8a Fixed #27309 -- Added CallableBool.__hash__(). 2016-10-04 07:44:19 -04:00
Claude Paroz fa2f55cfd5 Refs #26940 -- Re-allowed makemessages without settings
Thanks Tim Graham for the review.
2016-10-01 14:57:16 +02:00
Rinat Khabibiev 9e07a9b5fe Fixed #27226 -- Removed patch_response_headers()'s setting of the Last-Modified header. 2016-09-28 09:09:09 -04:00
Sergey Fursov 6709ea4ae9 Fixed #27271 -- Fixed a crash in runserver logging.
Allowed ServerFormatter to handle simple string messages or messages with
formatting arguments. The formatter will set the server_time variable on
the log record if it's required by the format string but wasn't passed in
extra parameters.
2016-09-27 09:46:07 -04:00
Jon Dufresne 4ff389dcdc Removed unused regexes from django.utils.html.
Last uses removed in commit 8b81dee60c.
2016-09-23 11:24:50 -07:00
Tim Graham 8119b679eb Refs #27025 -- Fixed "invalid escape sequence" warnings in Python 3.6.
http://bugs.python.org/issue27364
2016-09-17 15:44:06 -04:00
Kevin Christopher Henry 22e303887b Refs #27083 -- Updated conditional header comparison to match RFC 7232. 2016-09-16 15:45:53 -04:00
Jani Tiainen 727d7ce6cb Fixed #27198 -- Made MultiValueDict.getlist() return a new list to prevent mutation. 2016-09-16 15:16:18 -04:00
Kevin Christopher Henry 4ef0e019b7 Fixed #27083 -- Added support for weak ETags. 2016-09-10 08:14:52 -04:00
Jon Dufresne f227b8d15d Refs #26956 -- Allowed is_safe_url() to validate against multiple hosts 2016-09-07 19:56:25 -07:00
Jon Dufresne ff1e7b4eb4 Fixed #25181 -- Added localdate() function to get date in a different time zone.
Thanks Konrad Świat for the original patch.
2016-08-31 17:19:33 -07:00
Olexander Yermakov b7fb608142 Fixed #27154 -- Allowed comparing CallableBool with bitwise or.
Thanks Tim for the review.
2016-08-31 08:27:37 -04:00
Mattias Loverot 2315114090 Fixed #27067 -- Deprecated string_concat() in favor of format_lazy(). 2016-08-25 16:12:40 -04:00
Mattias Loverot 9aaeec337e Fixed #26866 -- Added format_lazy function
Added format_lazy function to django.utils.text module.
Useful when dealing with relative complex lazy string concatenations
(e.g. in urls.py when translating urls in regular expressions).
2016-08-24 18:18:17 +02:00
Przemysław Suliga 5e5a17028f Fixed #26902 -- Allowed is_safe_url() to require an https URL.
Thanks Andrew Nester, Berker Peksag, and Tim Graham for reviews.
2016-08-19 18:51:33 -04:00
Claude Paroz 5fb22b4d4c Fixed #27034 -- Made makemessages independent of USE_I18N
Thanks Tim Graham for the review.
2016-08-11 21:16:19 +02:00
Ville Skyttä a2fb2b3a1f Fixed #27020 -- Used a context manager to close files. 2016-08-04 19:45:14 -04:00
Tim Graham 54afa960d1 Fixed #26988 -- Improved/clarified User.is_authenticated/anonymous compatibility.
Thanks marktranchant for the report and review.
2016-08-02 11:01:08 -04:00
Will Hardy 8ef78b8165 Fixed #26656 -- Added duration (timedelta) support to DjangoJSONEncoder. 2016-07-14 13:34:15 -04:00
jasisz b5a1c3a6f5 Fixed #25920 -- Added support for non-uniform NUMBER_GROUPING. 2016-06-22 17:28:49 -04:00
Carl Meyer 7d1b69dbe7 Refs #26601 -- Improved backwards-compatibility of DEP 5 middleware exception handling. 2016-06-17 10:00:39 -07:00
Vytis Banaitis 57eb17b8c7 Fixed #26746 -- Fixed handling of zero priority in Accept-Language header parsing. 2016-06-13 07:58:25 -04:00
Vytis Banaitis f1b38842af Fixed #26744 -- Fixed a typo in regex for Accept-Language header parsing. 2016-06-11 21:32:56 -04:00
Thejaswi Puthraya c8d2120b06 Fixed #26705 -- Fixed plural versions of languages not supported by Django. 2016-06-08 16:17:17 -04:00
Scott Vitale be729b6120 Fixed #10107 -- Allowed using mark_safe() as a decorator.
Thanks ArcTanSusan for the initial patch.
2016-06-07 12:24:03 -04:00
Chesco Igual ffd18732f3 Fixed #24781 -- Fixed repr() for lazy objects. 2016-06-04 19:13:00 -04:00
Ketan Bhatt f31fbbae1a Fixed #26653 -- Made SyndicationFeed.latest_post_date() return time in UTC. 2016-05-30 18:36:15 -04:00
Tim Graham 6f520bf7d8 Added RemovedInDjango21Warning 2016-05-28 21:12:39 -04:00
Florian Apolloner 9baf692a58 Fixed #26601 -- Improved middleware per DEP 0005.
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
Andre Cruz 929684d6ee Fixed #21231 -- Enforced a max size for GET/POST values read into memory.
Thanks Tom Christie for review.
2016-05-12 10:17:52 -04:00
Tim Graham 2f0e0eee45 Fixed #24046 -- Deprecated the "escape" half of utils.safestring. 2016-05-10 12:46:47 -04:00
Claude Paroz c3e1086949 Stopped truncating AdminEmailHandler message subjects
Refs #26572, #17281. The RFC doesn't limit total length, just the line length
which is already taken care of by Python itself.
Thanks Tim Graham for the review.
2016-05-10 18:17:43 +02:00
Vasiliy Faronov 31e0314979 Fixed #26580 -- Updated references to obsolete RFC 2822.
Didn't rename django.utils.feedgenerator.rfc2822_date()
as some external code may rely on it.
2016-05-10 11:24:51 -04:00
Vasiliy Faronov ac77c55bc5 Fixed #26567 -- Updated references to obsolete RFC2616.
Didn't touch comments where it wasn't obvious that the code adhered to
the newer standard.
2016-05-03 11:14:40 -04:00
Marko Benko 45c7acdc50 Fixed #26281 -- Added a helpful error message for an invalid format specifier to dateformat.format(). 2016-04-20 20:13:52 -04:00
Jeremy Lainé c1aec0feda Fixed #25847 -- Made User.is_(anonymous|authenticated) properties. 2016-04-09 14:54:18 -04:00
Tim Graham df8d8d4292 Fixed E128 flake8 warnings in django/. 2016-04-08 09:51:06 -04:00
Tim Graham 3913a56558 Removed unused django.utils.http.PROTOCOL_TO_PORT.
Unused since b0c56b895f.
2016-04-06 12:29:20 -04:00
Tim Graham 2cd2d18851 Fixed W503 flake8 warnings. 2016-04-04 17:14:26 -04:00
Tim Graham 2c125bded1 Refs #18239 -- Removed an obsolete workaround for bugs in HTMLParser. 2016-03-26 12:48:29 -04:00
Amine Yaiche 32c8e43ef1 Fixed #26378 -- Allowed a left byte of zero in mixed IPv4/IPv6 validation. 2016-03-23 08:18:29 -04:00
Claude Paroz 11c60b5298 Reused the DjangoTranslation class for the javascript_catalog view
Thanks Tim Graham and Cristiano Coelho for the reviews.
Refs #26328, #26319.
2016-03-08 21:39:59 +01:00
Claude Paroz 552f03869e Added safety to URL decoding in is_safe_url() on Python 2
The errors='replace' parameter to force_text altered the URL before checking
it, which wasn't considered sane. Refs 24fc935218 and ada7a4aef.
2016-03-04 23:33:35 +01:00
Claude Paroz ada7a4aefb Fixed #26308 -- Prevented crash with binary URLs in is_safe_url()
This fixes a regression introduced by c5544d2892.
Thanks John Eskew for the reporti and Tim Graham for the review.
2016-03-04 21:14:14 +01:00
Mark Striemer c5544d2892 Fixed CVE-2016-2512 -- Prevented spoofing is_safe_url() with basic auth.
This is a security fix.
2016-03-01 11:25:28 -05:00
Nick Malakhov ee69789f45 Fixed #26269 -- Prohibited spaces in is_valid_ipv6_address(). 2016-02-25 18:52:50 -05:00
Alexey Kotlyarov b59f963ad2 Fixed #26212 -- Made forms.FileField and translation.lazy_number() picklable. 2016-02-15 11:44:29 -05:00
Jon Dufresne dec334cb66 Fixed #26193 -- Made urlize() trim multiple trailing punctuation. 2016-02-15 09:10:15 -05:00
Marcin Markiewicz f7a9872b91 Fixed #26173 -- Prevented localize_input() from formatting booleans as numbers. 2016-02-09 13:07:33 -05:00
Ben Kraft 13023ba867 Fixed #26122 -- Fixed copying a LazyObject
Shallow copying of `django.utils.functional.LazyObject` or its subclasses has
been broken in a couple of different ways in the past, most recently due to
35355a4.
2016-01-26 06:56:21 -05:00
userimack 60586dd737 Fixed #26125 -- Fixed E731 flake warnings. 2016-01-25 14:23:43 -05:00
Claude Paroz 104eddbdf6 Fixed #26093 -- Allowed escape sequences extraction by gettext on Python 3
Thanks Sylvain Fankhauser for the report and Tim Graham for the review.
2016-01-23 14:00:55 +01:00
Tim Graham 5b94b17fef Fixed #25999 -- Removed promotion of RemovedInNextVersionWarning to loud by default. 2016-01-14 09:05:43 -05:00
Tim Graham d45cfefbad Refs #25769 -- Updated docs to reflect get_version() uses PEP 0440. 2016-01-13 07:06:34 -05:00
Flavio Curella 0bc5cd6280 Fixed #25684 -- Made runserver use logging for request/response output.
Thanks andreif for the contributing to the patch.
2016-01-11 07:35:17 -05:00
Claude Paroz 632a9f21bc Fixed #26046 -- Fixed a crash with translations and Django-unknown language code
Thanks Jens Lundstrom for the report and Tim Graham for the review.
2016-01-06 20:30:56 +01:00
Benjamin Bach 8ad18103a1 Replaced dict.setdefault() usage to avoid unnecessary object instantiations. 2016-01-05 13:06:23 -05:00
Denis Cornehl 186b6c61bf Fixed #26024 -- Fixed regression in ConditionalGetMiddleware ETag support.
Thanks Denis Cornehl for help with the patch.
2016-01-05 09:37:11 -05:00
Claude Paroz cd3c042b04 Fixed #25915 -- Allowed language not in Django's default LANGUAGES
This fixes a regression introduced by a5f6cbce07.
Thanks Gavin Wahl for the report and Tim Graham for the review.
2015-12-18 17:50:16 +01:00
Claude Paroz ed20dd2e85 Fixed #25875 -- Prevented UnicodeDecodeError for Q object repr
Thanks Ben Kraft for the report, and Simon Charette for the review.
2015-12-13 15:07:17 +01:00
Iacopo Spalletti d693074d43 Fixed #20223 -- Added keep_lazy() as a replacement for allow_lazy().
Thanks to bmispelon and uruz for the initial patch.
2015-12-12 14:46:48 -05:00
Raphaël Hertzog 9f4e031bd3 Fixed #25761 -- Added __cause__.__traceback__ to reraised exceptions.
When Django reraises an exception, it sets the __cause__ attribute even
in Python 2, mimicking Python's 3 behavior for "raise Foo from Bar".
However, Python 3 also ensures that all exceptions have a __traceback__
attribute and thus the "traceback2" Python 2 module (backport of Python
3's "traceback" module) relies on the fact that whenever you have a
__cause__ attribute, the recorded exception also has a __traceback__
attribute.

This is breaking testtools which is using traceback2 (see
https://github.com/testing-cabal/testtools/issues/162).

This commit fixes this inconsistency by ensuring that Django sets
the __traceback__ attribute on any exception stored in a __cause__
attribute of a reraised exception.
2015-12-03 16:31:50 -05:00
Gagaro 34d88944f4 Fixed #25812 -- Restored the ability to use custom formats with the date template filter. 2015-11-28 08:38:45 -05:00
Florian Apolloner 316bc3fc94 Fixed a settings leak possibility in the date template filter.
This is a security fix.
2015-11-24 11:20:29 -05:00
Tim Graham 4921d4e59f Fixed #25769 -- Updated get_version() release candidate naming for PEP 0440. 2015-11-19 10:00:09 -05:00
Tim Graham c7adfe941b Removed redundant termcolors.
Replaced MIGRATE_SUCCESS and MIGRATE_FAILURE with
SUCCESS and ERROR.
2015-11-18 10:26:39 -05:00
Attila Tovt 0a2d3b7387 Fixed #25682 -- Removed bare except clauses. 2015-11-17 14:39:15 -05:00
Jaap Roes 9a2aca6030 Fixed #25743 -- Optimized utils.localize() and localize_input()
Bail early if the input is a string since that's the most common case.
2015-11-12 13:24:53 -05:00
Marti Raudsepp d3e3703a15 Fixed #25720 -- Made gettext() return bytestring on Python 2 if input is bytestring.
This is consistent with the behavior of Django 1.7.x and earlier.
2015-11-11 08:56:10 -05:00
Tim Graham 4c593eaa5f Updated six to 1.10.0. 2015-11-10 22:05:48 -05:00
Dwight Gunning 1f29164ced Fixed #6727 -- Made patch_cache_control() patch an empty Cache-Control header. 2015-11-09 14:26:29 -05:00
Aymeric Augustin 1014ba026e Fixed debug view crash during autumn DST change.
This only happens if USE_TZ = False and pytz is installed (perhaps not
the most logical combination, but who am I to jugde?)

Refs #23714 which essentially fixed the same problem when USE_TZ = True.

Thanks Florian and Carl for insisting until I wrote a complete patch.
2015-11-07 23:17:33 +01:00
Neal Todd c3a974c81e Amended comment to remove reference to the no longer used NullHandler 2015-11-07 16:35:46 +01:00
Ville Skyttä 3ee18400ae Fixed #25668 -- Misc spelling errors 2015-11-03 11:58:13 +02:00
Tim Graham 0b5d32faca Fixed #25611 -- Standardized descriptor signatures. 2015-10-26 11:31:16 -04:00
Claude Paroz 8b5acda821 Fixed #25571 -- Fixed boolean evaluation of ungettext_lazy 2015-10-22 15:17:45 +02:00
Tim Graham 04ecc26223 Removed SimpleLazyObject workaround for a Python 3 bug.
The workaround added in fe8484efda
seems unnecessary as the Python bug is fixed in Python 3.4.
2015-10-05 09:46:59 -04:00
Tim Graham ea8e7fd989 Removed obsolete (since Python 2.3) __safe_for_unpickling__ attribute. 2015-10-05 08:07:27 -04:00
Ben Kraft 35355a4ffe Fixed #25389 -- Fixed pickling a SimpleLazyObject wrapping a model.
Pickling a `SimpleLazyObject` wrapping a model did not work correctly; in
particular it did not add the `_django_version` attribute added in 42736ac8.
Now it will handle this and other custom `__reduce__` methods correctly.
2015-10-03 13:00:37 -04:00
Tim Graham 8d1a001ef6 Fixed #25466 -- Added backwards compatibility aliases for LoaderOrigin and StringOrigin.
Thanks Simon Charette for the DeprecationInstanceCheck class.
2015-09-29 18:31:11 -04:00
Tim Graham 48e7787db5 Removed RemovedInDjango110Warning. 2015-09-23 19:31:11 -04:00
Tim Graham e5c12f6701 Refs #23613 -- Removed django.utils.checksums per deprecation timeline. 2015-09-23 19:31:10 -04:00
Tim Graham 222d063301 Refs #23269 -- Removed the removetags template tag and related functions per deprecation timeline. 2015-09-23 19:31:09 -04:00
Tim Graham 6b37719616 Refs #24526 -- Made the django logger handle INFO messages.
Without an explicit 'level', only messages at WARNING or higher
are handled. This makes the config consistent with the docs
which say, "The django catch-all logger sends all messages at
the INFO level or higher to the console."
2015-09-23 11:33:49 -04:00
Matt Deacalion Stevens f06ce6053c Fixed #25439 -- Added `SUCCESS` style to termcolor palettes 2015-09-23 09:01:02 +02:00
Unai Zalakain a4b80e2421 Refs #13110 -- Fixed mistakes in the new multiple enclosure feed tests 2015-09-19 15:54:33 +02:00
fabrizio ettore messina 186eb21dc1 Fixed #25269 -- Allowed method_decorator() to accept a list/tuple of decorators. 2015-09-18 19:04:29 -04:00
Unai Zalakain aac2a2d2ae Fixed #13110 -- Added support for multiple enclosures in Atom feeds.
The ``item_enclosures`` hook returns a list of ``Enclosure`` objects which is
then used by the feed builder. If the feed is a RSS feed, an exception is
raised as RSS feeds don't allow multiple enclosures per feed item.

The ``item_enclosures`` hook defaults to an empty list or, if the
``item_enclosure_url`` hook is defined, to a list with a single ``Enclosure``
built from the ``item_enclosure_url``, ``item_enclosure_length``, and
``item_enclosure_mime_type`` hooks.
2015-09-18 18:31:58 -04:00
Matt Robenolt b0c56b895f Fixed #24496 -- Added CSRF Referer checking against CSRF_COOKIE_DOMAIN.
Thanks Seth Gottlieb for help with the documentation and
Carl Meyer and Joshua Kehn for reviews.
2015-09-16 12:21:50 -04:00
Zan Anderle f3dc173240 Fixed #24917 -- Made admindocs display model methods that take arguments. 2015-09-07 15:07:39 -04:00
Alexandre Pocquet e7b7f94678 Fixed #25297 -- Allowed makemessages to work with {% trans %} tags that use template filters. 2015-09-04 15:09:09 -04:00
Maxime Lorant c92cd22d02 Refs #25345 -- Updated links to code.google.com. 2015-09-04 08:14:21 -04:00
Maxime Lorant 5153a3bfdc Fixed #25331 -- Removed trailing blank lines in docstrings. 2015-08-31 17:37:21 -04:00
Aymeric Augustin b79fc11d73 Made the autoreloader survive all exceptions.
Refs #24704.
2015-08-29 20:50:00 +02:00
Aymeric Augustin fe6ddb837d Fixed #24704 -- Made the autoreloader survive SyntaxErrors.
With this change, it's expected to survive anything except errors
that make it impossible to import the settings. It's too complex
to fallback to a sensible behavior with a broken settings module.

Harcoding things about runserver in ManagementUtility.execute is
atrocious but it's the only way out of the chicken'n'egg problem:
the current implementation of the autoreloader primarily watches
imported Python modules -- and then a few other things that were
bolted on top of this design -- but we want it to kick in even if
the project contains import-time errors and django.setup() fails.

At some point we should throw away this code and replace it by an
off-the-shelf autoreloader that watches the working directory and
re-runs `django-admin runserver` whenever something changes.
2015-08-29 20:49:56 +02:00
Aymeric Augustin c2fcba2ac7 Ensured gen_filenames() yields native strings.
This also fixes a test failure on Python 2 when Django is installed in a
non-ASCII path. This problem cannot happen on Python 3.
2015-08-29 20:49:25 +02:00
Aymeric Augustin 23620cb8e0 Accounted for error files in the autoreloader.
* When some old files contain errors, the second call to
  gen_filenames() should return them.
* When some new files contain errors, the first call to
  gen_filenames(only_new=True) should return them.
2015-08-29 20:47:38 +02:00
Claude Paroz 9324935c3e Fixed #25295 -- Restored 'no active translation' after language override
Thanks David Nelson Adamec for the report and Tim Graham for the review.
2015-08-25 10:32:10 +02:00
Denis Cornehl 7a40fef17a Fixed #24935 -- Refactored common conditional GET handling. 2015-08-15 09:08:45 -04:00
Doug Beck b7508896fb Fixed #24257 -- Corrected i18n handling of percent signs.
Refactored tests to use a sample project.

Updated extraction:
* Removed special handling of single percent signs.
* When extracting messages from template text, doubled all percent signs
  so they are not interpreted by gettext as string format flags. All
  strings extracted by gettext, if containing a percent sign, will now
  be labeled "#, python-format".

Updated translation:
* Used "%%" for "%" in template text before calling gettext.
* Updated {% trans %} rendering to restore "%" from "%%".
2015-08-12 10:23:34 -04:00
Claude Paroz 64982cc2fb Updated Wikipedia links to use https 2015-08-08 12:02:32 +02:00
Rigel Di Scala 3bdaaf6777 Fixed #25146 -- Allowed method_decorator() to decorate classes. 2015-08-01 08:38:03 -04:00
Edward Henderson f8cc464452 Fixed #16501 -- Added an allow_unicode parameter to SlugField.
Thanks Flavio Curella and Berker Peksag for the initial patch.
2015-07-17 13:48:58 -04:00
Vlastimil Zíma 8f8c54f70b Fixed #25099 -- Cleaned up HttpRequest representations in error reporting. 2015-07-13 19:22:39 -04:00
darkryder f675afa13c Fixed #25093 -- Added utils.datastructures.OrderedSet.__len__() 2015-07-09 21:20:52 -04:00
Chris Bainbridge e5cfa394d7 Refs #23882 -- Added detection for moved files when using inotify polling
Commit 15f82c7 ("used pyinotify as change detection system when
available") introduced a regression where editing a file in vim with
default settings (writebackup=auto) no longer causes the dev server
to be restarted. On a write, vim moves the monitored file to a backup
path and then creates a new file in the original. The new file is not
monitored as it has a different inode. Fixed this by also watching for
inotify events IN_DELETE_SELF and IN_MOVE_SELF.
2015-07-07 12:23:04 -04:00
Tim Graham 7da3923ba0 Sorted imports in __init__.py files. 2015-06-27 11:53:33 -04:00
Tim Graham aaacaeb096 Renamed RemovedInDjangoXYWarnings for new roadmap.
Forwardport of ae1d663b79
from stable/1.8.x plus more.
2015-06-24 16:08:20 -04:00
Marten Kenbeek 290ff35e6c Fixed #25000 -- Fixed cast to string for lazy objects.
Implemented __str__() to return the string-representation of the
proxied object, not the proxy itself, if the lazy object didn't have
a string-like object in its resultclasses.
2015-06-23 09:16:17 -04:00
Claude Paroz 9368f51e12 Fixed #20197 -- Made XML serializer fail loudly when outputting unserializable chars
Thanks Tim Graham for the review.
2015-06-19 20:54:46 +02:00
Tim Graham 7f1168e387 Removed support for Python 3.3. 2015-06-18 08:36:50 -04:00
Tim Graham 3872a33132 Fixed #24979 -- Removed usage of inspect.getargspec(). 2015-06-15 13:43:22 -04:00
Tim Graham 4b600ed244 Removed django.utils.functional.total_ordering() 2015-06-15 13:15:24 -04:00
Tim Graham 47fcbe506c Fixed flake8 warnings on Python 3. 2015-06-15 11:27:09 -04:00
Moritz Sichert 98df288dda Fixed #24978 -- Escaped special characters in loaddata fixture paths 2015-06-13 19:45:05 -04:00
Moritz Sichert 296919e7a5 Fixed #24965 -- Made LiveServerTestCase.live_server_url accessible from class 2015-06-12 17:44:54 -04:00
Tomasz Kontusz c2b4967e76 Fixed ImportError message in utils.module_loading.import_string() 2015-06-06 11:45:22 -04:00
Matthew Somerville c91bc68e9a Fixed #24927 -- Used python_2_unicode_compatible from six 2015-06-05 08:40:57 -04:00
Raphael Michel 6700c90935 Fixed #19210 -- Added leap year support to django.utils.timesince() 2015-06-04 21:36:12 -04:00
Raphael Michel 5c125f63f7 Fixed #24728 -- Renamed mime_type to content_type for syndication feeds
Renamed the mime_type properties of RssFeed and Atom1Feed to
content_type and start deprecation for the old names.
2015-06-04 13:24:18 -04:00
Tomáš Ehrlich 002b3d87b5 Fixed #24230 -- Added translated language name for i18n template tag/filter. 2015-06-02 16:04:01 -04:00
zauddelig 262d4db8c4 Fixed #24897 -- Allowed using choices longer than 1 day with DurationField 2015-06-02 12:39:34 -04:00
Tim Graham 70be31bba7 Fixed #24836 -- Made force_text() resolve lazy objects. 2015-05-27 09:48:53 -04:00
Piotr Jakimiak 4157c502a5 Removed unnecessary arguments in .get method calls 2015-05-13 20:51:18 +02:00
Tim Graham a969394cff Fixed logging regression introduced in bbe28496d3 2015-05-07 20:12:41 -04:00
Aymeric Augustin 76220fe730 Optimized two functions slightly.
This avoids calling date.tzinfo.utcoffset(date) twice. It's also
robust to cases where that function returns None -- which never
happens in practice :-)
2015-05-02 21:11:25 +02:00
Aymeric Augustin 432678dbc1 Simplified the implementation of timezone.is_aware/naive. 2015-05-02 21:11:03 +02:00
Markus Bertheau 4a438e400b Fixed #13008 -- Added more Cache-Control headers to never_cache() decorator. 2015-04-28 12:07:02 -04:00
Michal Čihař 76d26d8922 Fixed #24063 -- Allowed locale variants supported by gettext.
The locale code can contain a variant after @, so allowed that.
2015-04-24 20:31:16 -04:00
Josh Smeaton 143255c8bb Fixed #22598 -- Allowed make_aware() to work with ambiguous datetime 2015-04-24 13:55:40 -04:00
Tim Graham 8efea1b8d5 Fixed #24526 -- Combined django.request/security loggers with the root logger.
Thanks Carl Meyer for review.
2015-04-24 11:07:42 -04:00
Curtis Maloney 14ecbd02a3 Removed cases of six.iter* wrapped in a list()
There's absolutely no advantage [and a mild performance hit] to using six.iter*
in these cases.
2015-04-18 23:29:29 +10:00
Tim Graham ad53213066 Fixed #24562 -- Renamed get_major_version() to get_main_version()
This reflects the actual behavior of the method.
2015-04-06 09:19:34 -04:00
Claude Paroz 7a0d9b5cda Fixed #24569 -- Made some translation functions accept None value
get_language() can return None when translations are deactivated.
Thanks Nicola Peduzzi for the reporti and Tim Graham for the review.
2015-04-04 10:54:16 +02:00
Moritz Sichert 1f2abf784a Fixed #24469 -- Refined escaping of Django's form elements in non-Django templates. 2015-03-27 19:46:20 -04:00
Tim Graham 13bc311cdb Removed getLogger alias in django.utils.log. 2015-03-24 08:41:05 -04:00
Tim Graham 987e4b91d6 Removed the null handler in Django's default logging config.
It's unused since f0f327bb.
2015-03-24 08:26:14 -04:00
Bas Peschier b4382b7055 Fixed #16362 -- Allowed lookaround assertions in URL patterns. 2015-03-23 09:00:07 -04:00
Claude Paroz 9e83f30cd3 Fixed #24515 -- Fixed DjangoTranslation plural handling 2015-03-21 10:27:30 +01:00
Preston Timmons 55f12f8709 Cleaned up the template debug implementation.
This patch does three major things:

* Merges the django.template.debug implementation into django.template.base.

* Simplifies the debug implementation.

  The old implementation copied debug information to every token and node.
  The django_template_source attribute was set in multiple places, some
  quite hacky, like django.template.defaulttags.ForNode.

  Debug information is now annotated in two high-level places:

  * Template.compile_nodelist for errors during parsing
  * Node.render_annotated for errors during rendering

  These were chosen because they have access to the template and context
  as well as to all exceptions that happen during either the parse or
  render phase.

* Moves the contextual line traceback information creation from
  django.views.debug into django.template.base.Template. The debug views now
  only deal with the presentation of the debug information.
2015-03-20 08:58:07 -04:00
Tim Graham 011a54315e Made is_safe_url() reject URLs that start with control characters.
This is a security fix; disclosure to follow shortly.
2015-03-18 19:20:07 -04:00
Tim Graham 1c83fc88d6 Fixed an infinite loop possibility in strip_tags().
This is a security fix; disclosure to follow shortly.
2015-03-18 19:20:07 -04:00
Tim Graham 3ed9c7bdfe Fixed #24471 -- Enhanced urlize regex to exclude quotes and angle brackets. 2015-03-10 19:24:46 -04:00
Tim Graham 7b1a67cce5 Fixed escaping regression in urlize filter.
Now that the URL is always unescaped as of refs #22267,
we should re-escape it before inserting it into the anchor.
2015-03-10 18:58:34 -04:00
Claude Paroz df193b3cef Fixed #24382 -- Allowed unicode chars inside formatted numbers
Thanks Jacob Rief for the report and Tim Graham for the review.
2015-03-09 18:55:28 +01:00
Rik a5b225084f Fixed #23838 -- added missing `__iter__` to LazyObject 2015-03-08 15:42:23 +01:00
Claude Paroz ec808e807a Fixed urlize regression with entities in query strings
Refs #22267.
Thanks Shai Berger for spotting the issue and Tim Graham for the
initial patch.
2015-03-06 22:20:14 +01:00
Benjamin Wohlwend d6969abf23 Moved definition of chunks out of timesince function.
This speeds up the timesince function/filter substantially.
2015-03-04 22:30:14 +01:00
Claude Paroz 3cf1c02695 Fixed #24413 -- Prevented translation fallback for English
Thanks Tomasz Kontusz for the report, Baptiste Mispelon for
analysis and Tim Graham for the review.
2015-02-28 10:07:12 +01:00
Aymeric Augustin b9c619abc1 Prevented makemigrations from writing in sys.path[0].
There's no reason to assume that sys.path[0] is an appropriate location
for generating code. Specifically that doesn't work with extend_sys_path
which puts the additional directories at the end of sys.path.

In order to create a new migrations module, instead of using an
arbitrary entry from sys.path, import as much as possible from the path
to the module, then create missing submodules from there.

Without this change, the tests introduced in the following commit fail,
which seems sufficient to prevent regressions for such a refactoring.
2015-02-23 19:55:10 +01:00
Aymeric Augustin c688460df6 Removed rmtree_errorhandler.
The stated reason for its introduction in d18d37ce no longer applies
since Django's code repository was switched from Subversion to git.

Furthermore it never had any effect because shutil.rmtree ignores its
onerror argument when ignore_errors is True.

The reason for its use in template management commands is unclear.
2015-02-22 23:09:42 +01:00
Tim Graham bebc1e53a3 Refs #24324 -- Fixed UnicodeDecodeError in template_backends tests
The message for the SuspiciousFileOperation exception needs to
be a unicode string.
2015-02-17 18:44:31 -05:00
Lukas Klein 93b3ef9b2e Fixed #24321 -- Improved `utils.http.same_origin` compliance with RFC6454 2015-02-12 08:58:35 +01:00
Tim Graham 2ee9bce654 Removed some obsolete absolute_imports. 2015-02-09 13:37:23 -05:00
Alex Gaynor 82e0cd1571 Optimized allow_lazy() by not generating a new lazy wrapper on each invocation.
This dramatically improves performance on PyPy. The following benchmark:

python -mtimeit -s "from django.utils.functional import allow_lazy; from django.utils.translation import ugettext_lazy; f = allow_lazy(lambda s: s, str)" "f(ugettext_lazy('abc'))"

goes from 390us per loop to 165us.
2015-02-08 14:56:57 -05:00
Varun Sharma 540ca563de Fixed #24181 -- Fixed multi-char THOUSAND_SEPARATOR insertion
Report and original patch by Kay Cha.
2015-02-08 20:00:57 +01:00
Tim Graham 0ed7d15563 Sorted imports with isort; refs #23860. 2015-02-06 08:16:28 -05:00
Tim Graham 607af78bb8 Removed django-2to3.py
Aymeric says, "It was fun to write, but I don't think it's very useful."
2015-02-06 06:22:00 -05:00
Tim Graham bbe28496d3 Removed old import aliases. 2015-02-05 19:37:01 -05:00
Matthew Somerville caa3562d5b Fixed #24242 -- Improved efficiency of utils.text.compress_sequence()
The function no longer flushes zfile after each write as doing so can
lead to the gzipped streamed content being larger than the original
content; each flush adds a 5/6 byte type 0 block. Removing this means
buf.read() may return nothing, so only yield if that has some data.
Testing shows without the flush() the buffer is being flushed every 17k
or so and compresses the same as if it had been done as a whole string.
2015-02-04 13:04:00 -05:00
darkryder 9ec8aa5e5d Fixed #24149 -- Normalized tuple settings to lists. 2015-02-03 14:59:45 -05:00
Claude Paroz cd0ceaa102 Fixed #24252 -- Forced lazy __str__ to utf-8 on Python 2
Thanks Stanislas Guerra for the report and Tomas Ehrlich for
the review.
2015-02-03 18:23:41 +01:00
Tim Graham 18f3e79b13 Removed threading fallback imports.
Django imports threading in many other places without fallback.
2015-01-28 10:23:25 -05:00
Adam Taylor 039465a6a7 Fixed typos in code comments. 2015-01-20 12:18:03 -05:00
Tim Graham 378a0d27d6 Advanced deprecation warnings for Django 1.9. 2015-01-19 12:22:41 -05:00
Tim Graham 5008a4db44 Removed legacy ORM lookup support per deprecation timeline; refs #16187. 2015-01-19 11:11:30 -05:00
Tim Graham d029fafea1 Removed utils.module_loading.import_by_path() per deprecation timeline; refs #21674. 2015-01-18 12:51:15 -05:00
Tim Graham df3f3bbe29 Removed utils.text.javascript_quote() per deprecation timeline; refs #21725. 2015-01-17 12:41:49 -05:00
Tim Graham f0a1df0b01 Removed deprecated Chinese language codes; refs #18149. 2015-01-17 11:23:43 -05:00
Tim Graham 1b0365ad34 Removed django.utils.tzinfo per deprecation timeline; refs #17262. 2015-01-17 09:32:33 -05:00
Tim Graham fed25f1105 Removed compatibility with Python 3.2. 2015-01-17 09:00:17 -05:00
Tim Graham c820892eed Removed django.utils.datastructures.SortedDict per deprecation timeline. 2015-01-17 08:40:23 -05:00
Tim Graham 41f0d3d3bc Removed FastCGI support per deprecation timeline; refs #20766. 2015-01-17 08:32:31 -05:00
Tim Graham 37b7776a01 Removed django.utils.datastructures.MergeDict per deprecation timeline; refs #18659. 2015-01-17 08:13:36 -05:00
Tim Graham 61ad1ea92b Removed django.utils.functional.memoize per deprecation timeline.
refs #21351.
2015-01-17 07:55:32 -05:00
Tim Graham b952c3fc60 Removed django.utils.unittest per deprecation timeline. 2015-01-17 07:32:22 -05:00
Tim Graham ce78b954cf Removed django.utils.importlib per deprecation timeline. 2015-01-17 07:14:21 -05:00
Tim Graham 1c8b637ed9 Removed django.utils.dictconfig per deprecation timeline. 2015-01-17 07:13:51 -05:00
Tim Graham 69b5e66738 Fixed is_safe_url() to handle leading whitespace.
This is a security fix. Disclosure following shortly.
2015-01-13 13:03:06 -05:00
Claude Paroz 543df07720 Fixed #24073 -- Returned None for get_language when translations are deactivated
This fixes a regression caused by f7c287fca9. Thanks Markus Holtermann
for identifying the regression.
2015-01-08 17:43:07 +01:00
Tim Graham 52f0b2b622 Updated six to 1.9.0. 2015-01-02 12:35:41 -05:00
Aymeric Augustin 7eefdbf7ab Cleaned up the django.template namespace.
Since this package is going to hold both the implementation of the Django
Template Language and the infrastructure for Multiple Template Engines,
it should be untied from the DTL as much as possible within our
backwards-compatibility policy.

Only public APIs (i.e. APIs mentioned in the documentation) were left.
2014-12-28 14:47:31 +01:00
Aymeric Augustin 6d52f6f8e6 Fixed #23831 -- Supported strings escaped by third-party libs in Django.
Refs #7261 -- Made strings escaped by Django usable in third-party libs.

The changes in mark_safe and mark_for_escaping are straightforward. The
more tricky part is to handle correctly objects that implement __html__.

Historically escape() has escaped SafeData. Even if that doesn't seem a
good behavior, changing it would create security concerns. Therefore
support for __html__() was only added to conditional_escape() where this
concern doesn't exist.

Then using conditional_escape() instead of escape() in the Django
template engine makes it understand data escaped by other libraries.

Template filter |escape accounts for __html__() when it's available.
|force_escape forces the use of Django's HTML escaping implementation.

Here's why the change in render_value_in_context() is safe. Before Django
1.7 conditional_escape() was implemented as follows:

    if isinstance(text, SafeData):
        return text
    else:
        return escape(text)

render_value_in_context() never called escape() on SafeData. Therefore
replacing escape() with conditional_escape() doesn't change the
autoescaping logic as it was originally intended.

This change should be backported to Django 1.7 because it corrects a
feature added in Django 1.7.

Thanks mitsuhiko for the report.
2014-12-27 18:02:34 +01:00
Aymeric Augustin 5c5eb5fea4 Fixed an inconsistency introduced in 547b1810.
mark_safe and mark_for_escaping should have been kept similar.

On Python 2 this change has no effect. On Python 3 it fixes the use case
shown in the regression test for mark_for_escaping, which used to raise
a TypeError. The regression test for mark_safe is just for completeness.
2014-12-27 17:44:54 +01:00
Gavin Wahl b4e76f30d1 Fixed #23346 -- Fixed lazy() to lookup methods on the real object, not resultclasses.
Co-Authored-By: Rocky Meza <rmeza@fusionbox.com>
2014-12-26 11:30:34 -05:00
Tim Graham 3325ec869c Fixed #24045 -- Removed useless mark_safe() call in trans_null.py 2014-12-26 07:42:49 -05:00
Claude Paroz 234a2e0b6b Fixed #23866 -- Harmonized refs to Django documentation from code 2014-12-25 13:53:13 +01:00
Collin Anderson 5dddd79433 Fixed #20349 -- Moved setting_changed signal to django.core.signals.
This removes the need to load django.test when not testing.
2014-12-24 07:18:43 -05:00
Oscar Ramirez 54085b0f9b Fixed #23998 -- Added datetime.time support to migrations questioner. 2014-12-22 07:24:54 -05:00
Marc Tamlyn 57554442fe Fixed #2443 -- Added DurationField.
A field for storing periods of time - modeled in Python by timedelta. It
is stored in the native interval data type on PostgreSQL and as a bigint
of microseconds on other backends.

Also includes significant changes to the internals of time related maths
in expressions, including the removal of DateModifierNode.

Thanks to Tim and Josh in particular for reviews.
2014-12-20 18:28:29 +00:00
Michael Hall 895dc880eb Fixed #23812 -- Changed django.utils.six.moves.xrange imports to range 2014-12-13 12:45:58 -05:00
Jon Dufresne 4468c08d70 Fixed #23968 -- Replaced list comprehension with generators and dict comprehension 2014-12-08 07:58:23 -05:00
Berker Peksag 560b4207b1 Removed redundant numbered parameters from str.format().
Since Python 2.7 and 3.1, "{0} {1}" is equivalent to "{} {}".
2014-12-03 14:27:38 -05:00
Eric Rouleau 9d1a69579b Fixed #23935 -- Converted decimals to fixed point in utils.numberformat.format 2014-12-03 07:49:06 -05:00
Tom V d049b36f91 Fixed typo in django/utils/decorators.py comment. 2014-11-24 10:45:29 -05:00
Aymeric Augustin 9d3d1a0321 Simplified caching of supported languages. 2014-11-19 21:35:40 +01:00
Aymeric Augustin e23240474b Simplified caching of get_default_timezone(). 2014-11-19 21:35:39 +01:00
Berker Peksag d552da1f8d Fixed #22407 -- Added AdminEmailHandler.send_mail(). 2014-11-15 09:38:19 +01:00
Tim Graham 7ef81b5cdd Removed thread customizations of six which are now built-in. 2014-11-13 10:30:53 +01:00
Aymeric Augustin b8ba73cd0c Raised SuspiciousFileOperation in safe_join.
Added a test for the condition safe_join is designed to prevent.

Previously, a generic ValueError was raised. It was impossible to tell
an intentional exception raised to implement safe_join's contract from
an unintentional exception caused by incorrect inputs or unexpected
conditions. That resulted in bizarre exception catching patterns, which
this patch removes.

Since safe_join is a private API and since the change is unlikely to
create security issues for users who use it anyway -- at worst, an
uncaught SuspiciousFileOperation exception will bubble up -- it isn't
documented.
2014-11-11 19:05:14 +01:00
Tim Graham b07aa52e8a Added a dummy class for HTMLParserError; refs #23763. 2014-11-05 09:54:35 -05:00
Tim Graham 81477c91f6 Updated six to 1.8.0. 2014-11-04 20:38:38 -05:00
Unai Zalakain c548c8d0d1 Fixed #18456 -- Added path escaping to HttpRequest.get_full_path(). 2014-11-03 07:59:19 -05:00
Markus Holtermann ed2f96819c Fixed #23715 -- Prevented urlize from treating a trailing ! as part of an URL
Thanks to 57even for the report.
2014-10-31 08:06:40 -04:00
Markus Holtermann 98da408964 Fixed #23670 -- Prevented partial import state during module autodiscovery
Thanks kostko for the report.
2014-10-31 08:01:47 -04:00
David Hoffman 03467368db Fixed #23558 -- documented slugify limitations 2014-10-30 09:02:04 -04:00
John-Scott Atlakson dbf7a3df45 Fixed #23688 -- Updated cached_property to preserve docstring of original function 2014-10-20 17:59:07 -04:00
Jon Dufresne 54e695331b Fixed #20221 -- Allowed some functions that use mark_safe() to result in SafeText.
Thanks Baptiste Mispelon for the report.
2014-10-20 17:08:29 -04:00
Jon Dufresne 59026bfbf9 Fixed #23668 -- Changed make_aware() and make_naive() to use the current timezone by default
Thanks Aymeric Augustin for review.
2014-10-20 12:42:10 -04:00
Thomas Chaumeny b962653060 Fixed #23664 -- Provided a consistent definition for OrderedSet.__bool__
This also defines QuerySet.__bool__ for consistency though this should not have any consequence as bool(qs) used to fallback on QuerySet.__len__ in Py3.
2014-10-16 14:16:24 +02:00
Anubhav Joshi 10b17a22be Fixed #19508 -- Implemented uri_to_iri as per RFC.
Thanks Loic Bistuer for helping in shaping the patch and Claude Paroz
for the review.
2014-10-16 02:31:17 +07:00
Florian Apolloner 2ccbaba1f2 Added unicode_literals to the jslexer.
This ensure that ''.join(c) in jslex.py always returns text.
2014-10-15 15:09:35 +02:00
Jaap Roes 115c307184 Fixed #23613 -- Deprecated django.utils.checksums 2014-10-10 09:22:20 -04:00
Tim Graham 9dff5ce7c7 Fixed #23593 -- Fixed crash in AdminEmailHandler with non-ASCII characters in request.
Thanks edevil for the report and Simon Charette for review.
2014-10-06 17:35:53 -04:00
Seth Hill fe2afcd318 Fixed #23569 -- Allowed using configs besides dictConfig in LOGGING_CONFIG. 2014-09-30 17:13:27 -04:00
Thomas Chaumeny b2aad7b836 Replaced set([foo, ...]) by {foo, ...} literals. Refs PR 3282.
Thanks Collin Anderson for the review.
2014-09-29 00:01:38 +07:00
Yuri Kriachko 11f307a5a8 Fixed #23196 -- Short-circuited empty string translation
Translating an empty string used to return the gettext catalog
metadata instead of the empty string.
Thanks Ned Batchelder for the suggestion, Tim Graham for the review
and Anton Berezin and Claude Paroz for contributions to the patch.
2014-09-21 17:08:17 +02:00
Tim Graham fbeb7979ee Avoided using deprecated version of importlib; refs #23418. 2014-09-10 13:07:40 -04:00