Commit Graph

44 Commits

Author SHA1 Message Date
Tim Graham 8045dff98c Refs #27829 -- Removed settings.DEFAULT_CONTENT_TYPE per deprecation timeline. 2019-01-17 10:50:25 -05:00
Carlton Gibson 876dc306cd
Refs #30102 -- Added comment on use of Template without placeholders in page_not_found() view. 2019-01-16 16:19:56 +01:00
Tom Hacohen 1ecc0a395b Fixed #30070, CVE-2019-3498 -- Fixed content spoofing possiblity in the default 404 page.
Co-Authored-By: Tim Graham <timograham@gmail.com>
2019-01-03 21:21:55 -05:00
Claude Paroz 301de774c2 Refs #27795 -- Replaced many force_text() with str()
Thanks Tim Graham for the review.
2017-04-27 09:10:02 +02:00
Asif Saifuddin Auvi 5f3a689f71 Imported django.http classes instead of django.http. 2017-02-27 14:47:11 -05:00
Claude Paroz 7b2f2e74ad Refs #23919 -- Removed six.<various>_types usage
Thanks Tim Graham and Simon Charette for the reviews.
2017-01-18 20:18:46 +01:00
Vasiliy Faronov ac77c55bc5 Fixed #26567 -- Updated references to obsolete RFC2616.
Didn't touch comments where it wasn't obvious that the code adhered to
the newer standard.
2016-05-03 11:14:40 -04:00
Iacopo Spalletti 21bf685f5e Fixed #25697 -- Made default error views error when passed a nonexistent template_name. 2016-01-14 07:05:38 -05:00
Claude Paroz 70779d9c1c Fixed #24733 -- Passed the triggering exception to 40x error handlers
Thanks Tim Graham for the review.
2015-05-11 22:02:14 +02:00
Tim Graham 0ed7d15563 Sorted imports with isort; refs #23860. 2015-02-06 08:16:28 -05:00
Aymeric Augustin a3e783fe11 Deprecated passing a Context to a generic Template.render.
A deprecation path is required because the return type of
django.template.loader.get_template changed during the
multiple template engines refactor.

test_csrf_token_in_404 was incorrect: it tested the case when the
hardcoded template was rendered, and that template doesn't depend on the
CSRF token. This commit makes it test the case when a custom template is
rendered.
2015-01-12 21:01:34 +01:00
Tim Graham 9344bbb446 Removed django.views.defaults.shortcut and django.conf.urls.shortcut per deprecation timeline. 2014-03-21 07:56:00 -04:00
Claude Paroz 210d0489c5 Fixed #21188 -- Introduced subclasses for to-be-removed-in-django-XX warnings
Thanks Anssi Kääriäinen for the idea and Simon Charette for the
review.
2014-03-08 09:57:40 +01:00
Aymeric Augustin 784377544e Fixed #20822 -- Set content type of default error pages to 'text/html'.
Thanks Jimmy Song for the patch.
2013-08-04 11:04:37 +02:00
Aymeric Augustin acd7b34aaf Advanced deprecation warnings for Django 1.7. 2013-06-29 18:49:37 +02:00
Preston Holmes d228c1192e Fixed #19866 -- Added security logger and return 400 for SuspiciousOperation.
SuspiciousOperations have been differentiated into subclasses, and
are now logged to a 'django.security.*' logger. SuspiciousOperations
that reach django.core.handlers.base.BaseHandler will now return a 400
instead of a 500.

Thanks to tiwoc for the report, and Carl Meyer and Donald Stufft
for review.
2013-05-25 16:27:34 -07:00
Aymeric Augustin 3f2befc931 Deprecated django.views.defaults.shortcut. 2013-03-14 20:30:23 +01:00
Claude Paroz 8bd7b598b6 Fixed #18807 -- Made 404.html and 500.html optional
Thanks Aymeric Augustin for the report and Jannis Leidel for the
review.
2012-09-30 23:16:19 +02:00
Ben Spaulding 24dec9edaa Add reST role to templates named in some view docs.
This makes the templates link up correctly in the admindocs.
2012-06-26 21:45:45 -05:00
Jannis Leidel 1ca6e9b9e2 Fixed #9847 -- Added 403 response handler. Many thanks to kgrandis, adamnelson, vkryachko, fvox13 and Chris Beaven.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16606 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-12 14:15:31 +00:00
Luke Plant 90ac02300e Fixed #14565 - No csrf_token on 404 page.
This solution doesn't have the negative side-effects of [14356].

git-svn-id: http://code.djangoproject.com/svn/django/trunk@14377 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-28 11:47:15 +00:00
Luke Plant 144ab8877f Reverted changeset [14356]
That fix for #14565 introduced test failures.  A better fix will
follow shortly.

Refs #14565

git-svn-id: http://code.djangoproject.com/svn/django/trunk@14376 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-28 11:46:57 +00:00
Luke Plant 851f42ba27 Fixed #14565 - No csrf_token on 404 pages
Thanks to gvangool for report and patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@14356 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-26 18:09:20 +00:00
Adrian Holovaty 40cb11a554 Moved the bulk of the shortcut() function in django/views/defaults.py to a new module, django/contrib/contenttypes/views.py. As a result, django/views/defaults.py no longer relies on django.contrib.contenttypes. Of course, the shortcut() function is still available in the former module, for backwards compatibility. See the new FutureBackwardsIncompatibleChanges wiki page.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9001 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-10 05:56:34 +00:00
Adrian Holovaty 16482911fd Fixed #7127 -- Fixed incorrect docstring for page_not_found() view. Thanks, kcarnold and Simon Greenhill
git-svn-id: http://code.djangoproject.com/svn/django/trunk@7650 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-06-16 03:41:03 +00:00
Adrian Holovaty c7b49792f4 Fixed #4685 -- 'View on site' now works for https URLs. Thanks, cbrand@redback.com, treborhudson@gmail.com, Jeff Hilyard
git-svn-id: http://code.djangoproject.com/svn/django/trunk@5594 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-07-03 15:11:49 +00:00
Malcolm Tredinnick 880e3cfaa6 Backed out the changes in [5482] for a bit whilst some more investigation into
side-effects is done. Refs #4565.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5511 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-06-22 07:15:04 +00:00
Malcolm Tredinnick bccb8897e6 Fixed #4565 -- Changed template rendering to use iterators, rather than
creating large strings, as much as possible. This is all backwards compatible.
Thanks, Brian Harring.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@5482 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-06-17 07:11:37 +00:00
Jacob Kaplan-Moss 9368f67b2b Added a comment to the 404/500 views so that people with DEBUG=False and no 404/500 template will get a clue about which template to create.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@4612 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-02-26 17:43:41 +00:00
Adrian Holovaty 10229c4a1e Changed default 500 view NOT to use RequestContext, to lessen the chance that the 500 view would raise an error in itself
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3193 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-06-22 16:28:40 +00:00
Adrian Holovaty dc4f726df9 Fixed #688 -- Changed default 404 and 500 views to use RequestContext
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3179 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-06-20 14:07:48 +00:00
Luke Plant 7a62bac56e Made QuerySet slicing return IndexError instead of DoesNotExist (and related changes).
git-svn-id: http://code.djangoproject.com/svn/django/trunk@2859 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-05-06 18:46:53 +00:00
Adrian Holovaty f69cf70ed8 MERGED MAGIC-REMOVAL BRANCH TO TRUNK. This change is highly backwards-incompatible. Please read http://code.djangoproject.com/wiki/RemovingTheMagic for upgrade instructions.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@2809 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2006-05-02 01:31:56 +00:00
Adrian Holovaty 57981fb2fa Changed views.defaults page_not_found and server_error to pass in optional template_name override
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1350 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-11-22 05:47:51 +00:00
Adrian Holovaty 1b035c35d9 BACKWARDS-INCOMPATIBLE CHANGE -- Moved flatpages and redirects to standalone apps in django.contrib that are NOT installed by default. See http://code.djangoproject.com/wiki/BackwardsIncompatibleChanges for full migration information.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1166 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-11-11 04:45:05 +00:00
Jacob Kaplan-Moss c3377c1eae Fixed shortcut redirect handler
git-svn-id: http://code.djangoproject.com/svn/django/trunk@1012 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-10-26 14:01:53 +00:00
Adrian Holovaty 383704ac84 Fixed #634 -- Changed shortcut view to accept get_absolute_url()s that return URLs starting with http. Thanks, Hugo
git-svn-id: http://code.djangoproject.com/svn/django/trunk@903 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-10-17 13:24:29 +00:00
Adrian Holovaty f71f854628 Fixed #626 -- Moved template modules to django.core.template package. django.core.template_loader is deprecated, in favor of django.core.template.loader.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@867 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-10-14 20:10:13 +00:00
Adrian Holovaty 25264c8604 Fixed #122 -- BIG, BACKWARDS-INCOMPATIBLE CHANGE. Changed model syntax to use fieldname=FieldClass() syntax. See ModelSyntaxChangeInstructions for important information on how to change your models
git-svn-id: http://code.djangoproject.com/svn/django/trunk@549 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-08-25 22:51:30 +00:00
Adrian Holovaty 786c750c40 Fixed #163 -- Added 'pk' database API option, which is a shorthand for (primary_key)__exact
git-svn-id: http://code.djangoproject.com/svn/django/trunk@316 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-07-26 16:11:43 +00:00
Adrian Holovaty d384870307 Changed django.views.defaults to use template.Context instead of core.extensions.DjangoContext
git-svn-id: http://code.djangoproject.com/svn/django/trunk@233 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-07-20 00:50:37 +00:00
Adrian Holovaty f4c581158d Renamed CMSRequest to DjangoRequest, and CMSContext to DjangoContext. Old code will still work.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@57 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-07-15 17:09:01 +00:00
Adrian Holovaty 2e4322123f Changed many-to-many API to be get_FOO_list instead of get_FOOs
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-07-14 03:17:09 +00:00
Adrian Holovaty ed114e1510 Imported Django from private SVN repository (created from r. 8825)
git-svn-id: http://code.djangoproject.com/svn/django/trunk@3 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2005-07-13 01:25:57 +00:00