Commit Graph

5591 Commits

Author SHA1 Message Date
James Bennett 9e3b327aca Patch CSRF-protection system to deal with reported security issue. Announcement and details to follow.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13698 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-09 00:34:54 +00:00
Luke Plant ef4b29a001 Fixed #13081 - Admin actions lose get-parameters in changelist view
Thanks to joh for report and to SmileyChris for patch.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@13696 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-07 20:55:53 +00:00
Luke Plant 0b37d56481 Fixed #13475 - for tag raises an exception when trying to unpack a non-iterable item
Thanks to SmileyChris for the report and patch.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@13690 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-07 20:30:46 +00:00
Luke Plant bdd13a4daa Fixed #14090 - Many sql queries needed to display change user form
Thanks to Suor for report and patch.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@13683 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-03 18:56:12 +00:00
Luke Plant e8cff0b8f3 Added explanatory note on CSRF failure page for the case of a missing Referer header.
This is intended to help power users who have disabled Referer headers, or
installed add-ons which have done so, and to help web site administrators
with debugging, since this problem will be browser specific and not a
programming error.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@13680 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-03 16:28:10 +00:00
Russell Keith-Magee 2a0f4fb5da Fixed #14199 -- Added a missing table creation statement in the db cache backend cull implementation, and added tests for cache culling. Thanks to Tim for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13678 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-31 00:44:46 +00:00
Russell Keith-Magee 0de3e7a756 Fixed #14198 -- Corrected rendering of generic sitemaps when no priority is specified. Thanks to palkeo for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13676 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-30 15:09:12 +00:00
Russell Keith-Magee 6909c22663 Fixed #13798 -- Added connection argument to the connection_created signal. Thanks to liangent for the report, and Alex Gaynor for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13672 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-30 13:21:18 +00:00
Russell Keith-Magee a5c80a28dc Added a missing (empty) models.py file required for the tests from r13644 to actually run.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13670 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-30 12:32:26 +00:00
Luke Plant 5deb3e5a62 Fixed #14162 - Dumpdata needs an option to use the base manager instead of the default manager
Thanks to PaulM for suggestion and patch.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@13669 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-30 11:58:26 +00:00
Luke Plant f9d051d5f0 Fixed #14145 - undeterministic behavior when project or app template contains dotdir
Thanks to marbu for report and patch.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@13668 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-30 11:47:32 +00:00
Russell Keith-Magee 1b7fcf4758 Fixed #12343 -- Added support for connection-by-socket to MySQL using the dbshell management command. Thanks to elyon001@gmail.com for the report, and sfllaw for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-28 13:17:50 +00:00
Russell Keith-Magee 120070ed47 Fixed #13723 -- Improved the legibility of hyperlinks included in admin validation error messages. Thanks to Sebastian Noack for the suggestion and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13659 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-28 12:45:03 +00:00
Russell Keith-Magee f4dd38757c Fixed #13681 -- Added a commented out admindocs entry to the default INSTALLED_APPS for a new project. Thanks to elkan for the report, and andrews for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13658 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-28 12:38:05 +00:00
Russell Keith-Magee 80dd2edabb Fixed #14166 -- Modified the list of state choices in the Indian localflavor to be a list of tuples, not just a list of values. Thanks to gogna for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13656 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-28 12:28:56 +00:00
Russell Keith-Magee 72a7167439 Fixed #5192 -- Modified flatpage admin form to allow ~ and . characters in flatpage names. Thanks to marco.giusti@gmail.com for the report, Idan Gazit for summarizing the issue on the ticket, and ctrochalakis for the initial patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13655 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-28 12:25:54 +00:00
Russell Keith-Magee e1e2726957 Fixed #6932 -- Added a template tag that gives a list of available flatpages for a given user. Thanks to Dmitri Fedortchenko for the suggestion, and to Mnewman, faldridge and Simon Meers for their work on the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13654 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-28 11:59:14 +00:00
Russell Keith-Magee 34740625ff Removed a stray DEBUG=True test setting introduced in r13641.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13650 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-28 06:12:54 +00:00
Russell Keith-Magee f611ffaab3 Fixed #13820 -- Started the deprecation process for mod_python. Thanks to Robert Coup for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13648 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-28 02:40:57 +00:00
Russell Keith-Magee 46fab8983e Fixed #14164 -- Ensure that sitemap priorities aren't rendered with localized numerical formats. Thanks to dokterbob for the report, and vung for the draft patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13644 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-27 15:16:04 +00:00
Russell Keith-Magee 3f96a7a358 Fixed #14156 -- Modified the way CSRF protection is applied to flatpages so that the flatpage middleware doesn't cause all POSTs resulting in 404s to turn into 403s. Thanks to patrys for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13641 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-27 13:55:11 +00:00
Russell Keith-Magee 8ce4a1991a Fixed #14116 -- Added a flag to enable CSRF checks in the test client. Thanks to jon@licq.org for the suggestion.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13640 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-27 13:54:13 +00:00
Russell Keith-Magee 3c99d06229 Fixed #13951 -- Corrected docstring in formtools wizard. Thanks to suzaku for the report, and lrekucki for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13630 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-23 08:11:24 +00:00
Russell Keith-Magee 26b3fb1e82 Fixed #13140 -- Ensure that request headers are preserved through redirect chains in the test client. Thanks to David Novakovic for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13620 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-21 03:01:46 +00:00
Russell Keith-Magee 1bf25e9bc6 Fixed #13895 -- Refactored aggregation_regress doctests. Thanks to Alex Gaynor for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13614 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-20 14:28:42 +00:00
Russell Keith-Magee c2e3ba3ba0 Fixed #14068 -- Corrected error handling in loaddata when an allow_syncdb method is defined on the router. Thanks to Xavier Ordoquy for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13612 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-20 13:57:24 +00:00
Russell Keith-Magee 015d85aee6 Fixed #14102 -- Ensure that fields that have been excluded from a form aren't included in the unique_for_* checks, either. Thanks to Travis Cline for the report and fix.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13598 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-17 07:07:28 +00:00
Russell Keith-Magee 842ceb5fe6 Fixed #14002 -- Modified filesize filter to ensure strings are translatable. Thanks to claudep for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13594 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-16 04:42:44 +00:00
Russell Keith-Magee 859fc020a7 Fixed #5350 -- Added fallback to default 404/500 handlers when they're not explicitly specified (or imported) in a urls.py file. Thanks to Thomas Güttler for the report and initial patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13590 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-14 14:27:35 +00:00
Russell Keith-Magee 7e52bb2bc3 Fixed #13796 -- Ensure that builtin tags and filters are included in admin documentation views.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13588 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-14 13:41:56 +00:00
Russell Keith-Magee 047d161164 Fixed #14002 -- Updated filesize filter to support terabyte and petabyte file sizes. Thanks to Aaron T. Myers for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13584 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-14 12:45:15 +00:00
Russell Keith-Magee 4835d86203 Fixed #13699 -- Updated Catalan translation. Thanks to txels.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13583 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-14 12:33:31 +00:00
Russell Keith-Magee b61e7754ca Fixed #13905 -- Updated Basque translation. Thanks to Aitzol Naberan.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13582 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-14 12:32:22 +00:00
Russell Keith-Magee 7b62523b95 Fixed #14079 -- Updated Norwegian Nynorsk translation. Thanks to Håvard Grimelid.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13581 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-14 12:19:44 +00:00
Russell Keith-Magee 6732c98101 Fixed #14084 -- Updated French translation. Thanks to stephaner.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13580 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-14 12:19:19 +00:00
Russell Keith-Magee 597e03cd74 Fixed #14096 -- Corrected Python 2.4 syntax issue. Thanks to PaulM for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13579 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-14 12:11:02 +00:00
Russell Keith-Magee b3dc3a0106 Fixed #13679, #13231, #7287 -- Ensured that models that have ForeignKeys/ManyToManyField can use a a callable default that returns a model instance/queryset. #13679 was a regression in behavior; the other two tickets are pleasant side effects. Thanks to 3point2 for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13577 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-14 12:05:41 +00:00
Ramiro Morales a004ac6eef Fixed typos in es_AR translation.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13572 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-11 12:02:40 +00:00
Russell Keith-Magee 806f3b26f8 Fixed #11021 -- Clarified newline stripping behavior in the truncatewords and truncatewords_html filters. Thanks to Ben Spaulding for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13555 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-07 14:57:24 +00:00
Russell Keith-Magee 973fb63e4f Fixed #14076 -- Updated Danish translation. Thanks to finngruwier.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13546 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-07 14:17:14 +00:00
Russell Keith-Magee 244e7b9334 Fixed #13516 -- Added an internal type definition for AutoFields, so that subclassed fields are handled correctly by the SQL generator. Thanks to manfre for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13540 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-07 07:38:27 +00:00
Russell Keith-Magee 72dc12ed06 Rationalized the verbosity levels (including introducing a new super-verbose level) for syncdb, test and loaddata.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13539 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-07 06:58:14 +00:00
Russell Keith-Magee 7e06065d8b Fixed #13552 -- Added a 'using' parameter to database signals. Thanks to gmandx for the suggestion, and Andrew Godwin for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13538 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-07 06:27:52 +00:00
Russell Keith-Magee 9a63264b09 Fixed #14070 -- Updated Serbian translations. Thanks to janos.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13524 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-07 02:18:03 +00:00
Luke Plant 10906fa75d Fixed #8426 - 'helptext' CSS class - hopefully for real this time.
This file was missing from [13519]

Thanks to mattmcc for the catch.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@13522 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-07 01:29:23 +00:00
Ramiro Morales b71f990a9c Tweaked r13520 translation update (one forgtten fuzzy string).
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13521 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-06 19:15:58 +00:00
Ramiro Morales 998daa897f Updated es_AR translation.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13520 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-06 19:01:18 +00:00
Russell Keith-Magee 917f433727 Fixed #11159 -- Added mimetype detection to the test client for file uploads. Thanks to notanumber for the report and patch, and lomin for the test case.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13517 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-06 17:14:02 +00:00
Jannis Leidel 7c03f1c97a Updated German translation.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13514 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-06 16:55:44 +00:00
Russell Keith-Magee 4e1c9ec24b Fixed #14069 -- Updated Czech translation. Thanks to Tuttle.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13513 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-08-06 16:54:43 +00:00