7fe5b656c9
Prevented arbitrary file inclusion with {% ssi %} tag and relative paths.
...
Thanks Rainer Koirikivi for the report and draft patch.
This is a security fix; disclosure to follow shortly.
2013-09-10 21:02:48 -04:00
b2b763448f
Fixed #20841 -- Added messages to NotImplementedErrors
...
Thanks joseph at vertstudios.com for the suggestion.
2013-09-10 11:09:59 -04:00
7c6f2ddcd9
Simplify FilterExpression.args_check
2013-09-09 09:03:50 -04:00
28a571348b
Fix #20745 : Don't silence TypeError raised inside templates.
...
Thanks to robin for the report and claudep for the review.
2013-09-08 22:05:35 +02:00
2530735d2d
Fixed a number of flake8 errors -- particularly around unused imports and local variables
2013-09-06 21:56:40 -07:00
8625c7aab3
Fixed #16096 -- Added origin attribute to template instances.
...
Thanks jdunck for the suggestion.
2013-09-06 09:14:52 -04:00
365c3e8b73
Replaced "not PY3" by "PY2", new in six 1.4.0.
2013-09-02 12:11:02 +02:00
11cd7388f7
Fixed #20989 -- Removed useless explicit list comprehensions.
2013-08-30 10:57:51 -04:00
e2f06226ea
Improved {% include %} implementation
...
Merged BaseIncludeNode, ConstantIncludeNode and Include node.
This avoids raising TemplateDoesNotExist at parsing time, allows recursion
when passing a literal template name, and should make TEMPLATE_DEBUG behavior
consistant.
Thanks loic84 for help with the tests.
Fixed #3544 , fixed #12064 , fixed #16147
2013-08-30 10:36:36 +03:00
c7d0ff0cad
Fixed #20989 -- Removed explicit list comprehension inside dict() and tuple()
...
Thanks jeroen.pulles at redslider.net for the suggestion and
helper script.
2013-08-29 12:11:03 -04:00
8d473b2c54
Fixed #7116 -- Optimize RequestContext construction
2013-08-29 10:25:56 +03:00
5cdacbda03
Fixed #17356 -- Allowed {% include %} to render compiled templates
...
Reviewed by Loic Bistuer and Tim Graham.
2013-08-29 10:22:24 +03:00
12023887ea
Fixed #14765 -- Removed unncessary usage of NodeList in ForNode.
...
Thanks traff and FunkyBob for work on the patch.
2013-08-28 09:48:47 -04:00
b785a80d19
Added further fixes, tests for #19949/f33db5a09a.
...
Thanks Susan Tan. Refs #19949 .
2013-08-26 08:47:24 -03:00
f33db5a09a
Fixed 19949 -- Cached template loader now caches TemplateDoesNotExist
...
Thanks @timgraham and @jdunck for the code reviews and Kronuz for bug
report and initial patch.
2013-08-24 09:19:55 -04:00
0073f1d94f
Fixed #20949 -- Typo #2 in docstring
2013-08-21 10:50:08 -04:00
d3ed15b79d
Fixed docstring typo, thanks minddust.
2013-08-21 09:01:52 -04:00
ff410565bf
Fixed #20709 -- Allowed {% widthratio %} to accept an "as" parameter.
...
Thanks clay.evil@ for the suggestion.
2013-08-14 12:40:19 -04:00
71b5617c24
Fixed #17778 -- Prevented class attributes on context from resolving as template variables.
...
Thanks KyleMac for the report, regebro for the patch, and Aymeric for the test.
2013-08-12 12:41:39 -04:00
5154c9f92c
Fixed #20806 -- Cached loader caches find_template
...
The cached template loader should cache find_template in addition to
load_template.
2013-07-30 14:25:30 -04:00
5c1143910e
Removed most of absolute_import imports
...
Should be unneeded with Python 2.7 and up.
Added some unicode_literals along the way.
2013-07-29 20:28:13 +02:00
fdd7a355bf
Deprecated django.utils.importlib
...
This was a shim for pre-Python 2.7 support.
2013-07-29 17:10:22 +02:00
a3e7d73ed7
Allowed Context.push to behave as a context mananger.
...
Thanks Loic Bistuer for the review.
2013-07-17 13:32:32 -04:00
acd7b34aaf
Advanced deprecation warnings for Django 1.7.
2013-06-29 18:49:37 +02:00
8eadbc5a03
Removed 'mimetype' arguments from a few places, as per deprecation TL.
...
This includes HttpResponse and co. __init__() methods,
django.shortcuts.render_to_response() and the index(), sitemap() sitemap
app views.
2013-06-28 21:48:16 -03:00
ec371ace00
Fixed #20650 -- Fixed {% filter %} incorrectly accepting 'escape' as argument
...
Thanks to grzesiof for the report and to loic84 and Alex Gaynor
for the review.
2013-06-25 20:28:35 +02:00
ffcf24c9ce
Removed several unused imports.
2013-06-19 17:18:40 +02:00
7d77e9786a
Fixed #20246 -- Added non-breaking spaces between values an units
2013-05-18 23:01:48 +02:00
9c487b5974
Replaced an antiquated pattern.
...
Thanks Lennart Regebro for pointing it out.
2013-05-17 18:08:58 +02:00
2bcbca3451
Updated some 'Dive Into Python' links
2013-04-01 14:04:41 +02:00
68905695b8
Fixed #19510 -- Race condition in template loading.
...
Thanks Kronuz and regebro.
2013-03-17 23:56:07 +01:00
40b9f4fb8b
[py3] Always fed hashlib with bytes.
2013-02-27 10:02:07 +01:00
87e8dfaa47
Switching to autoescape is not a change in syntax.
2013-02-25 00:43:03 -07:00
3ded2aef71
Remove leading underscore from a function that's all growed up now.
...
This function is now the de facto standard function for rendering values in a
template, and is imported by two other built-in template modules. It shouldn't
have a leading underscore.
2013-02-25 00:33:29 -07:00
636c45fc58
Fixed #19890 -- ifchanged templatetag rendered its content twice
...
The content of ifchanged template tag was rendered twice: first time, to
compare it with the previous value and the second time, to return the
rendered output.
2013-02-24 16:49:28 +01:00
8503120c10
Fixed #15849 -- Made IfChanged node thread safe.
...
Previously, the ifchanged node stored state on `self._last_seen`,
thereby giving undesired results when the node is reused by another
thread at the same time (e.g. globally caching a Template object).
Thanks to akaihola for the report and Diederik van der Boor and
Bas Peschier for the patch.
2013-02-24 16:06:55 +01:00
687d2e967d
Fixed #19827 -- Kept stacktrace in defaulttags exception reraising
...
Thanks Kronuz for the report and the initial patch.
2013-02-23 17:43:17 +01:00
5278776a88
Merge pull request #751 from bmispelon/ticket-6271
2013-02-23 07:47:58 -08:00
f49e9a517f
Fixed #17906 - Autoescaping {% cycle %} and {% firstof %} templatetags.
...
This commit adds "future" version of these two tags with auto-escaping
enabled.
2013-02-23 16:16:39 +01:00
069280a689
Used token.split_contents() for tokenisation in template tags accepting variables.
...
Fixed #6271 , #18260 .
2013-02-23 15:15:30 +01:00
e5a8df06be
Fixed #19846 -- Optimized a dict of lists in BlockContext class
...
Thanks Curtis Maloney for the report and the patch.
2013-02-22 23:55:11 +01:00
f13bfbec70
Fixed #19882 -- Smarter tokenizing of {% for %} tag arguments.
2013-02-22 19:19:33 +01:00
7d5e35cdb4
Fixed #19829 -- Fixed index lookups for NumPy arrays in templates.
2013-02-14 23:29:15 -08:00
138de533ff
Fixed #19819 - Improved template filter errors handling.
...
Wrap the Parser.compile_filter method call with a try/except and call the
newly added Parser.compile_filter_error(). Overwrite this method in the
DebugParser to throw the correct error.
Since this error was otherwise catched by the compile_function try/except
block the debugger highlighted the wrong line.
2013-02-14 10:22:59 +01:00
826d9de00e
Fixed #19729 -- Removed leftover refactoring helper variables.
...
Thanks chrismedrela for the report.
Refs #6262 , 44b90764d94c0c
2013-02-04 20:31:50 -03:00
7c5b244826
Fixed #17061 -- Factored out importing object from a dotted path
...
Thanks Carl Meyer for the report.
2013-02-04 16:38:25 +01:00
a7b7d6320c
Merge pull request #595 from bmispelon/patch-1
...
Fixed a typo in WidthRatioNode.
2012-12-29 13:39:52 -08:00
5d5e1f5afa
Removed support is_safe and needs_autoescape as function attributes.
2012-12-29 21:59:07 +01:00
6534a95ac3
Fixed #19470 - Clarified widthratio example.
...
Thanks orblivion for the suggestion.
2012-12-18 08:20:01 -05:00
ac8eb82abb
Fixed typo in WidthRatioNode's error.
2012-12-17 10:35:36 +01:00
Tim Graham
Gregor MacGregor
Curtis Maloney
Baptiste Mispelon
Alex Gaynor
Preston Timmons
Aymeric Augustin
Simon Charette
Ramiro Morales
SusanTan
Jonathan Slenders
Gavin Wahl
Claude Paroz
Emil Stenström
Łukasz Langa
Carl Meyer
Christopher Medrela
Diederik van der Boor
Lennart Regebro
Vladimir A Filonov
Julien Phalip
Michael van Tellingen