Commit Graph

411 Commits

Author SHA1 Message Date
Alex Gaynor c6f90f0053 Fixed MultiValueDict's copy implementation to be consistant with all other copies.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14366 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-27 20:39:20 +00:00
Luke Plant 5864834fa5 Fixed a bug with method_decorator not preserving the attributes of the wrapped method, which is important for decorators like csrf_exempt
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14311 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-21 14:56:49 +00:00
Russell Keith-Magee f657079c70 Fixed #14486 -- Modified the import order for the bundled unittest so that a locally installed unittest2 (which will have more features) will supersede the Python 2.7 native version. Thanks to Michael Foord for the suggestion.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14259 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-18 16:01:11 +00:00
Luke Plant d81b3aa739 Fixed Python 2.4 incompatibility introduced in [14218]
sha_constructor was incorrectly used instead of sha_hmac (which only made a
difference under 2.4).

Thanks to Steffan Kaminski for report and patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@14233 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-15 11:11:08 +00:00
Luke Plant 45c7f427ce Fixed #14445 - Use HMAC and constant-time comparison functions where needed.
All adhoc MAC applications have been updated to use HMAC, using SHA1 to
generate unique keys for each application based on the SECRET_KEY, which is
common practice for this situation. In all cases, backwards compatibility
with existing hashes has been maintained, aiming to phase this out as per
the normal deprecation process. In this way, under most normal
circumstances the old hashes will have expired (e.g. by session expiration
etc.) before they become invalid.

In the case of the messages framework and the cookie backend, which was
already using HMAC, there is the possibility of a backwards incompatibility
if the SECRET_KEY is shorter than the default 50 bytes, but the low
likelihood and low impact meant compatibility code was not worth it.

All known instances where tokens/hashes were compared using simple string
equality, which could potentially open timing based attacks, have also been
fixed using a constant-time comparison function.

There are no known practical attacks against the existing implementations,
so these security improvements will not be backported.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@14218 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-14 20:54:30 +00:00
Russell Keith-Magee 121d2e3678 Fixed #12991 -- Added unittest2 support. Thanks to PaulM for the draft patch, and to Luke, Karen, Justin, Alex, Łukasz Rekucki, and Chuck Harmston for their help testing and reviewing the final patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14139 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-11 12:55:17 +00:00
Russell Keith-Magee 1070c57b83 Fixed #14436 -- Escalated 1.2 PendingDeprecationWarnings to DeprecationWarnings, and removed 1.1 deprecated code.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14138 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-11 12:20:07 +00:00
Russell Keith-Magee a904e55859 Fixed #11509 -- Modified usage of "Web" to match our style guide in various documentation, comments and code. Thanks to timo and Simon Meers for the work on the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14069 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-09 08:12:50 +00:00
Russell Keith-Magee fea159282b Fixed #14406 -- Added a Python 2.4 compatibility to the logging interface. Thanks to Łukasz Rekucki for the report, and to Luke Plant for original patch this was based on.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13989 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-06 15:02:26 +00:00
Russell Keith-Magee 24acca4139 Fixed #12012 -- Added support for logging. Thanks to Vinay Sajip for his draft patch, and to the many people who gave feedback during development of the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13981 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-04 15:12:39 +00:00
Jannis Leidel d80d2e8103 Fixed #14053 -- Also localize long integers. Thanks, David Danier.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13920 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-27 16:21:16 +00:00
Jannis Leidel bf8c93f2cf Fixed #14306 -- Cleaned up django.utils.translation module a bit to be quicker. Thanks for the report and initial patch, Anssi Kääriäinen.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13899 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-27 15:25:38 +00:00
Jannis Leidel 534792d055 Fixed #14290 -- Made format localization faster by caching the format modules. Thanks, Teemu Kurppa and Anssi Kääriäinen for the report and initial patches.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13898 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-27 15:25:08 +00:00
Luke Plant 6fb4f6e299 Fixed #13765 - 'safe' parameter for urlencode filter
Thanks to KyleMac for the suggestion and SmileyChris for the patch

git-svn-id: http://code.djangoproject.com/svn/django/trunk@13849 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-13 23:01:34 +00:00
Jannis Leidel 7bb6abed12 Fixed #13702 -- Made sure to actually fall back to the l10n format strings provided in the settings, when disabled.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13770 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-12 19:40:44 +00:00
Justin Bronn 1efa807703 Fixed #12632 -- Improved performance of `SortedDict`. Thanks, Alex Gaynor.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13742 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-11 02:28:16 +00:00
Malcolm Tredinnick 255147c97e Added more readable __str__ and __repr__ methods to MergeDict.
Thanks, john@calixto.net. Fixed #3508.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@13721 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-10 19:24:24 +00:00
Russell Keith-Magee 806f3b26f8 Fixed #11021 -- Clarified newline stripping behavior in the truncatewords and truncatewords_html filters. Thanks to Ben Spaulding for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13555 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-07 14:57:24 +00:00
Russell Keith-Magee c4b6edf3b8 Fixed #12746 -- Updated sorting calls to use 'key' instead of 'cmp'. This will be slightly faster in certain circumstances, but more importantly, is a required step for migration to Python 3. Thanks to Martin van Loewis for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13509 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-06 16:31:44 +00:00
Karen Tracey adc9458541 Fixed #13653: Fixed django.utils.hashcompat to support running on Python 2.4 with standalone hashlib.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13310 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-05-28 11:46:03 +00:00
Jannis Leidel 34ddcd9939 Fixed #13547 -- Made sure the ISO 8601 date formatting introduced in r12058 uses "T" as the separator between the date and the time value to increase real world usefulness.
While the ISO standard permits the use of a space instead of "T" for readability, it does have an impact on standards like HTML5 which rely on specific rules made in RFC 3339.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@13266 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-05-16 15:54:10 +00:00
Luke Plant b29b0f8cac Corrected 'name' of functions wrapped with method_decorator
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13249 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-05-13 11:11:27 +00:00
Brian Rosner 47639b6410 Fixed #3469 -- added django.utils documentation for stable bits
Thanks to Rupe and Ramiro Morales for their initial work on this patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@13140 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-05-08 21:38:27 +00:00
Russell Keith-Magee 5211f48ae3 Fixed #12164 -- Removed the Python 2.3 compatibility imports and workarounds. Thanks to timo and claudep for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13094 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-05-04 14:00:30 +00:00
Russell Keith-Magee 4ca7c4e34d Fixed #13464 -- Reworked module_has_submodule to break the requirement for loader and finder to be the same class. Thanks to Alex Gaynor for the report and patch, and Brett Cannon for suggesting the approach.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13082 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-05-04 06:14:47 +00:00
Jannis Leidel 77c13844ae Fixed #11068 - Introduced new language code "nb" for Norwegian Bokmål as a replacement of the current "no".
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13047 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-04-29 14:36:09 +00:00
Russell Keith-Magee 9872badf33 Fixed #13404 -- Reworked module_has_submodule() to allow it to work under AppEngine. Thanks to Waldemar Kornewald for the report and testing help.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13023 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-04-25 13:18:24 +00:00
Russell Keith-Magee ebfe9383bf Fixed #13370 -- Corrected the handling of pickling for lazy() proxy objects. Thanks to Alex Gaynor for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13000 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-04-19 12:40:46 +00:00
Karen Tracey 29341aaffc Fixed #13348: Restored ability to load models from apps in eggs. Thanks Ramiro and metzen for pointers on how to find out if a module loaded from an egg has a particular submodule.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12982 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-04-15 18:44:51 +00:00
Russell Keith-Magee 7d25682108 Fixed #13234 -- Rejiggered the imports in the translation utils . Thanks to roklenardic and Spark23 for their reports, and to Alex for his suggestion on a potential fix.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12875 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-29 08:14:57 +00:00
Russell Keith-Magee ad5afd6ed2 Fixed #12769, #12924 -- Corrected the pickling of curried and lazy objects, which was preventing queries with translated or related fields from being pickled. And lo, Alex Gaynor didst slayeth the dragon.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12866 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-27 15:54:31 +00:00
Jannis Leidel 10d4094b86 Fixed #13054 - Only apply grouping to integer part of numbers if explicitly wanted. Thanks, Ramiro Morales.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12816 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-20 15:26:41 +00:00
Russell Keith-Magee be8a1f612d Fixed #12849 -- Corrected the way strings are encoded for display by the colorizer so that they work with unicode. Thanks to jype for the report, and frasern for his work on the issue.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12803 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-18 13:24:11 +00:00
Russell Keith-Magee 615eab6b02 Fixed #13093 -- Updated some decorators and the decorator_from_middleware function to allow callable classes to be decorated. Thanks to Brian Neal for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12762 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-12 13:06:13 +00:00
Jannis Leidel 0d2a24fd42 Fixed #12779 - Sanitize numeric form field input according to decimal and thousand separator settings.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12625 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-01 10:19:24 +00:00
Jannis Leidel 284e7e3cbd Refined changes made in r12546 to also respect the request.LANGUAGE_CODE in case the LocaleMiddleware is used to discover the language preference.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12624 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-01 10:19:01 +00:00
Karen Tracey 9e95d6f604 Fixed #12302: Modified force_unicode to avoid raising unicode errors when
handed exceptions with non-ASCII bytestring data and no working unicode method
under Python 2.6 and higher.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@12621 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-28 15:18:03 +00:00
Joseph Kocherhans c8cd8b80aa Fixed #12119. Changed smart_split to stop splitting on whitespace in quotes. Thanks, emulbreh.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12581 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-24 20:52:14 +00:00
Jannis Leidel 2164e138e3 Fixed #5691 - Adds the active language to the cache key. Thanks, Antoni Aloy, Ramiro Morales and Yann Malet.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12546 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-23 20:45:28 +00:00
Joseph Kocherhans b3d20ade47 Fixed #12820. Implemented other dict methods for MergeDict. Thanks, Gisle Aas.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12498 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-22 23:38:18 +00:00
Jannis Leidel 12d40a9fd6 Fixed #11384 - Make sure translations in the project directory really override translations in apps as specified in the docs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12447 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-16 12:17:17 +00:00
Jannis Leidel 16942e178f Removed Python 2.3 compat code in translation framework.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12446 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-16 12:16:01 +00:00
Jannis Leidel 71da5f62da Fixed #7720 - Fallback to the base language if the sub language given in the language cookie doesn't exist. Thanks, djoume and Ramiro Morales.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12442 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-16 12:13:48 +00:00
Jacob Kaplan-Moss 76afc30229 Fixed a couple Python 2.4 incompatibilities.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12434 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-14 20:29:42 +00:00
Jacob Kaplan-Moss 1d078be448 Fixed #6799 - added an `end_text` argument to `truncate_words`/`truncate_html_words`.
This allows customizing the standard "..." end text. Yes, this is technically a
feature sneaking in after the deadline, but I just couldn't bring myself to punt
it again: we already used that excuse for not getting it into 1.1.

Thanks to Adam Fast and Travis Cline for work on this patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12431 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-14 18:36:48 +00:00
Russell Keith-Magee 0e5836dc07 Fixed #12613 -- Added Q and Z to the list of characters supported by the phone2numeric filter. Thanks to gabrielhurley for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12425 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-13 14:36:21 +00:00
Russell Keith-Magee 03924929ba Fixed #12524 -- Clarified handling of pre-1000AD dates in datetime_safe (and thus, the serializers). Patch includes moving the datetime_safe tests into the utils regressiontests module. Thanks to gsf for the report and initial patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12423 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-13 14:02:32 +00:00
Luke Plant 4bff194633 Fixed #12804 - regression with decorating admin views.
This is a BACKWARDS INCOMPATIBLE change, because it removes the flawed
'auto_adapt_to_methods' decorator, and replaces it with 'method_decorator'
which must be applied manually when necessary, as described in the 1.2
release notes.

For users of 1.1 and 1.0, this affects the decorators:

 * login_required
 * permission_required
 * user_passes_test

For those following trunk, this also affects:

 * csrf_protect
 * anything created with decorator_from_middleware 

If a decorator does not depend on the signature of the function it is
supposed to decorate (for example if it only does post-processing of the
result), it will not be affected.
 



git-svn-id: http://code.djangoproject.com/svn/django/trunk@12399 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-09 15:02:39 +00:00
Jannis Leidel a28bd76bb6 Fixed #12777 - Localize decimal fields correctly. Thanks, Florian Apolloner
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12382 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-05 00:44:35 +00:00
Russell Keith-Magee c4c27d8a04 Fixed #6188, #6304, #6618, #6969, #8758, #8989, #10334, #11069, #11973 and #12403 -- Modified the syndication framework to use class-based views. Thanks to Ben Firshman for his work on this patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12338 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-28 13:46:18 +00:00