Commit Graph

6971 Commits

Author SHA1 Message Date
Luke Plant 8a5eadd140 Corrected HTML-escaping behaviour of url template tag.
Due to the URL encoding applied by the tag for all parameters that might be
partly controllable by an end-user, there are no XSS/security problems
caused by this bug, only invalid HTML.
2015-07-21 14:04:58 +01:00
Claude Paroz 1da170a203 Fixed #25141 -- Diminished GDAL dependence during geojson serialization
Only require GDAL if contained geometries need coordinate transformations.
Thanks drepo for the report and Tim Graham for the review.
2015-07-20 20:22:29 +02:00
Tim Graham 774c16d16e Fixed #25052; refs #16860 -- Added password validation to UserCreationForm. 2015-07-20 13:44:34 -04:00
Tim Graham f5e9d67907 Refs #16860 -- Moved password_changed() logic to AbstractBaseUser.
Thanks Carl Meyer for review.
2015-07-20 13:44:26 -04:00
Anssi Kääriäinen baa732ac9f Refs #23622 -- Added tests to ensure ordering is retained for distinct on fields subqueries.
The ticket was already fixed by
b68212f539.

Thanks to Beauhurst for commissioning the work on this ticket.
2015-07-20 10:20:21 -04:00
Anssi Kääriäinen 6a9a9e50f2 Fixed test with incorrect assumption about pk values.
The test results were dependent on the order in which the
tests were run.
2015-07-20 10:20:21 -04:00
Tim Graham 6e3fe089dd Replaced six.BytesIO with io.BytesIO 2015-07-20 08:19:47 -04:00
Claude Paroz 19fcf083d3 Replaced try/finally by mock.patch in geos tests 2015-07-18 15:34:40 +02:00
Edward Henderson f8cc464452 Fixed #16501 -- Added an allow_unicode parameter to SlugField.
Thanks Flavio Curella and Berker Peksag for the initial patch.
2015-07-17 13:48:58 -04:00
Tim Graham 28ee511b7e Fixed db.utils.load_backend() on non-ASCII paths. 2015-07-17 08:21:43 -04:00
Claude Paroz 1ef4aeab40 Fixed #25078 -- Added support for disabled form fields
Thanks Keryn Knight and Tim Graham for the reviews.
2015-07-16 19:36:56 +02:00
Tim Graham 1fed8dd715 Fixed #25120 -- Deprecated egg template loader. 2015-07-16 09:32:42 -04:00
Tim Graham c52822e750 Fixed #25128 -- Fixed SQLite SchemaEditor crash when adding a ForeignObject field. 2015-07-15 15:22:52 -04:00
Tim Graham bbbb7ce115 Filtered out 'base' from database backend choices error message. 2015-07-15 10:51:26 -04:00
rroskam ed514caed2 Fixed #24966 -- Added deployment system check for empty ALLOWED_HOSTS. 2015-07-15 09:18:58 -04:00
Keryn Knight c96f11257b Refs #24121 -- Added meaningful repr() to HttpResponse and subclasses. 2015-07-15 09:01:25 -04:00
Tim Graham b356dc4e07 Refs #25085 -- Used more specific assertion in widget test. 2015-07-14 12:17:34 -04:00
Eric Carrillo 8ee6a3f1a8 Fixed #25085 -- Overrode Select widget's __deepcopy__() 2015-07-14 11:56:08 -04:00
Thomas Stephenson 035b0fa60d Fixed #24716 -- Deprecated Field._get_val_from_obj()
The method duplicates the functionality of Field.value_from_object()
and has the additional downside of being a privately named public
API method.
2015-07-14 09:13:22 -04:00
Vlastimil Zíma 8f8c54f70b Fixed #25099 -- Cleaned up HttpRequest representations in error reporting. 2015-07-13 19:22:39 -04:00
Daniel Roseman 24620d71f2 Fixed #25079 -- Added warning if both TEMPLATES and TEMPLATE_* settings are defined.
Django ignores the value of the TEMPLATE_* settings if TEMPLATES is also
set, which is confusing for users following older tutorials. This change
adds a system check that warns if any of the TEMPLATE_* settings have
changed from their defaults but the TEMPLATES dict is also non-empty.

Removed the TEMPLATE_DIRS from the test settings file; this was marked
for removal in 1.10 but no tests fail if it is removed now.
2015-07-13 17:50:22 -04:00
Andrei Kulakov db97a88495 Fixed #24375 -- Added Migration.initial attribute
The new attribute is checked when the `migrate --fake-initial` option
is used. initial will be set to True for all initial migrations (this
is particularly useful when initial migrations are split) as well as
for squashed migrations.
2015-07-13 15:57:40 -04:00
Yosuke Yasuda a2b999dfca Fixed #25108 -- Fixed a test which failed on Pillow 2.9+ 2015-07-13 14:58:44 -04:00
Anssi Kääriäinen 76ac07a909 Refs #24090 -- Added a test for multi-table inheritance + subqueries.
Ticket #24090 was already fixed by
b68212f539, this commit adds tests to
verify this is indeed the case.

Thanks to Beauhurst for commissioning the work on this ticket.
2015-07-13 13:13:54 -04:00
Ben Spaulding 915ef79b08 Fixed #25115 -- Made admindocs view bookmarklet reverse the URL rather than hardcode it. 2015-07-13 12:44:37 -04:00
Anssi Kääriäinen 6f403056f0 Fixed #24923 -- errored out nicely when using aggregates in order_by() 2015-07-13 08:36:25 -04:00
Claude Paroz d72f8862cb Fixed #25072 -- Prevented GDALRaster memory to be uncollectable
Setting GDALRaster.bands as a cached property was creating a circular
reference with objects having __del__ methods, which means the memory
could never be freed.
Thanks Daniel Wiesmann for the report and test, and Tim Graham for the review.
2015-07-10 19:56:17 +02:00
darkryder f675afa13c Fixed #25093 -- Added utils.datastructures.OrderedSet.__len__() 2015-07-09 21:20:52 -04:00
Simon Charette 11e6bf9bdf Fixed a CaptureQueriesContext usage in queries tests. 2015-07-09 16:00:53 -04:00
Simon Charette 3b0cdb1410 Added a regression test for get() ordering clearing. 2015-07-09 16:00:52 -04:00
Simon Charette 07577a2d05 Fixed #25081 -- Prevented DISTINCT ON ordering from being cleared in get().
Thanks to pdewacht for the patch.
2015-07-09 16:00:52 -04:00
Shai Berger 17d3a6d804 Fixed catastrophic backtracking in URLValidator.
Thanks João Silva for reporting the problem and Tim Graham for finding the
problematic RE and for review.

This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:03 -04:00
Tim Graham 014247ad19 Prevented newlines from being accepted in some validators.
This is a security fix; disclosure to follow shortly.

Thanks to Sjoerd Job Postmus for the report and draft patch.
2015-07-08 15:23:03 -04:00
Carl Meyer df049ed77a Fixed #19324 -- Avoided creating a session record when loading the session.
The session record is now only created if/when the session is modified. This
prevents a potential DoS via creation of many empty session records.

This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:03 -04:00
Andriy Sokolovskiy 13dca01af0 Replaced try..except blocks by context manager in custom lookups tests 2015-07-07 12:03:58 -04:00
David Wolever 0d71349773 Fixed #22804 -- Added warning for unsafe value of 'sep' in Signer
Thanks Jaap Roes for completing the patch.
2015-07-07 11:44:37 -04:00
Tim Graham 6bd8462380 Refs #23658 -- Fixed dbshell tests on Windows. 2015-07-06 16:17:56 -04:00
Alexey Sveshnikov bc98bc56a5 Fixed #25059 -- Allowed Punycode TLDs in URLValidator 2015-07-06 15:08:43 -04:00
Andriy Sokolovskiy b40c551fdf Fixed some unclosed objects in tests 2015-07-06 10:10:40 -04:00
Tim Graham e7c6a2cf9f Refs #4960 -- Fixed selenium test failures for CharField strip changes. 2015-07-06 08:52:50 -04:00
Sylvain Fankhauser f5d5867a4a Fixed #24877 -- Added middleware handling of response.render() errors. 2015-07-03 12:06:40 -04:00
Rigel Di Scala b91a2a499f Fixed #23190 -- Made Paginator.page_range an iterator 2015-07-03 11:34:34 -04:00
Michael Manfre f9c3587b51 Fixed #25055 -- Made m2m long name testing friendlier for 3rd party databases. 2015-07-03 09:00:08 -04:00
Jan Pazdziora 3353684102 Fixed #25032 -- Removed double redirect in admin login. 2015-07-03 08:53:10 -04:00
Tim Graham ca58181bac Fixed #25056 -- Documented minimum version of jinja2 for testing. 2015-07-03 08:20:53 -04:00
Tim Graham c0c7fa4837 Refs #25050 -- Corrected test assertion in serializers test. 2015-07-03 08:03:20 -04:00
Jan Pazdziora a570701e02 Fixed #25029 -- Added PersistentRemoteUserMiddleware for login-page-only external authentication. 2015-07-02 17:38:10 -04:00
Grégoire ROCHER c6cce4de38 Fixed #25050 -- Allowed serialization of models with deferred fields. 2015-07-02 14:46:16 -04:00
Tim Graham 7edd912cfb Used assertRaisesMessage in managers_regress tests. 2015-07-02 14:23:28 -04:00
Chris Lamb 61f3e22e38 Fixed #25054 -- Added app_label to swapped model AttributeError 2015-07-02 14:18:10 -04:00