Commit Graph

102 Commits

Author SHA1 Message Date
Carl Meyer 343004c4de Fixed #16568 -- Added RequireDebugFalse filter to prevent sending 500 error emails when DEBUG is True in projects with no explicit LOGGING setting. Thanks to Andreas Pelme for report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16840 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-16 16:41:38 +00:00
Jannis Leidel f3ae496201 Fixed #16833 -- Removed undocumented `mixin` parameter from the `Storage.open()` method as this was an undocumented and obscure feature. Thanks to Marty and Russell for sanity-checking.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16824 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-13 15:10:49 +00:00
Ramiro Morales 26b8122087 Fixed #14675 -- Completed removal of `from django.conf.urls.default import *` usage.
This applies to both our own [test] code and documentation examples. Also:
 * Moved the functions and handlers from `django.conf.urls.defaults` up to
   `django.conf.urls` deprecating the former module.
 * Added documentation for `handler403`.
 * Tweaked the URLs topic document a bit.

Thanks to pupeno and cdestigter for their great work contributing patches.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16818 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-11 22:36:16 +00:00
Russell Keith-Magee 5f287f75f2 Altered the behavior of URLField to avoid a potential DOS vector, and to avoid potential leakage of local filesystem data. A security announcement will be made shortly.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16760 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-10 00:47:00 +00:00
Alex Gaynor 7deb25b8dd Fixed #7596. Added Model.objects.bulk_create, and make use of it in several places. This provides a performance benefit when inserting multiple objects. THanks to Russ for the review, and Simon Meers for the MySQl implementation.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16739 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-09 19:22:28 +00:00
Ramiro Morales 932b1b8d6d Converted links to external topics so they use intersphinx extension markup.
This allows to make these links more resilent to changes in the target URLs.
Thanks Jannis for the report and Aymeric Augustin for the patch.

Fixes #16586.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16720 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-04 21:17:30 +00:00
Julien Phalip 71f017b2a6 Fixed #16059 -- Improved the usability of the admin's vertical and horizontal "filter" widgets, in particular by providing a better visual representation of the buttons' enabled and disabled states, and by providing more elaborate, yet less cluttered, help texts.
Note that this commit is an exception to the current tacit rule that javascript code changes should be avoided until a proper javascript testing framework for Django core is in place. This exception is commanded by the fact that it is to fix a recognized usability issue and that the patch has been (manually) extensively tested in IE6+, Chrome, Safari, Firefox and Opera.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16714 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-31 08:07:07 +00:00
Jannis Leidel 3256862f5f Fixed #16717 -- Added ability to store result of trans template tag in context variable.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16712 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-30 12:09:45 +00:00
Idan Gazit 5ed2cf03bb Added admin browser support policy note.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16711 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-30 08:14:35 +00:00
Russell Keith-Magee be4acff319 Reverted r16662 -- There are bunch of problems with this patch, including failing tests, that I didn't pick up before committing.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16669 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-23 06:31:03 +00:00
Russell Keith-Magee 43024142a1 Fixed #16202 -- Added a Slovenian localflavor. Thanks to Jure Cuhalev <gandalf@owca.info>, Gasper Zejn, Domen Kozar and iElectric for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16662 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-23 04:41:56 +00:00
Jannis Leidel 1ca6e9b9e2 Fixed #9847 -- Added 403 response handler. Many thanks to kgrandis, adamnelson, vkryachko, fvox13 and Chris Beaven.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16606 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-12 14:15:31 +00:00
Jannis Leidel 1d32bdd3c9 Fixed #15252 -- Added static template tag and CachedStaticFilesStorage to staticfiles contrib app.
Many thanks to Florian Apolloner and Jacob Kaplan-Moss for reviewing and eagle eyeing.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16594 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-11 14:07:39 +00:00
Karen Tracey be87f0b0ec Fixed #3615: Added support for loading fixtures with forward references on database backends (such as MySQL/InnoDB) that do not support deferred constraint checking. Many thanks to jsdalton for coming up with a clever solution to this long-standing issue, and to jacob, ramiro, graham_king, and russellm for review/testing. (Apologies if I missed anyone else who helped here.)
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16590 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-07 00:43:26 +00:00
Jannis Leidel 2ccfb6d5c2 Fixed #16101 -- Added parameters to SingleObjectMixin to override the name of the URL keyword arguments used for pk and slug. Thanks, Andrew Ingram and Julien Phalip.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16569 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-07-29 09:41:00 +00:00
Jannis Leidel 3b77458371 Fixed #5025 -- Add a "truncatechars" template filter. Many thanks to Chris Beaven.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16542 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-07-14 13:47:10 +00:00
Jannis Leidel 94a38dfd0e Fixed #16161 -- Added `--clear` option to `collectstatic` management command to be able to explicitly clear the files stored in the destination storage before collecting.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16509 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-07-04 21:34:29 +00:00
Jannis Leidel 332a485567 Fixed #16115 -- Added ModelAdmin.save_related method to be able to do pre- or post-save operations for objects related to the parent object currently displayed. Thanks, Julien Phalip.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16498 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-07-03 17:56:43 +00:00
Jannis Leidel 38a2444277 Fixed #16050 -- BACKWARDS-INCOMPATIBLE CHANGE: Moved static files of the admin to conventional file system location.
This also removes the need for ADMIN_MEDIA_PREFIX and replaces it with the convention to find admin's static files at STATIC_URL + 'admin/'.

Thanks to Jacob for the review and general help.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16487 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-30 09:06:19 +00:00
Jannis Leidel c817f2f544 Fixed #16199 -- Added a Cookie based session backend. Many thanks to Eric Florenzano for his initial work and Florian Apollaner for reviewing.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16466 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-26 17:00:24 +00:00
Jannis Leidel 4a10338986 Fixed #14390 and #16262 -- Moved password related functions from auth models to utils module and stopped check_password from throwing an exception. Thanks, subsume and lrekucki.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16456 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-26 16:51:46 +00:00
Carl Meyer 43503b093a Fixed #16288 -- Enabled django.request exception logger regardless of DEBUG setting.
Thanks Matt Bennett for report and draft patch; Vinay Sajip and Russell Keith-Magee for review.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16444 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-22 06:01:44 +00:00
Ramiro Morales b870bf6b9a Fixed #16255 -- Raised minimum PostgreSQL version supported to 8.2.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16423 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-16 20:05:25 +00:00
Jannis Leidel 896e3c69c7 Fixed #11585 -- Added ability to translate and prefix URL patterns with a language code as an alternative method for language discovery. Many thanks to Orne Brocaar for his initial work and Carl Meyer for feedback.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16405 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-15 17:29:10 +00:00
Luke Plant 4047a21fa8 Noted new security overview page in the 1.4 release notes
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16402 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-14 23:37:12 +00:00
Luke Plant 06a2515145 Fixed typo in release notes regarding CSRF with PUT/DELETE etc
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16401 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-14 23:31:45 +00:00
Jannis Leidel f749bb829c Fixed #12875 -- Added get_ordering to ModelAdmin. Many thanks to Manuel Saelices.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16383 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-12 13:04:53 +00:00
Jannis Leidel d27f909d2e Fixed #12847 -- Added name parameter to simple_tag, assignment_tag and inclusion_tag helpers. Thanks, vladmos.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16373 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-11 16:05:28 +00:00
Jannis Leidel ce3c281090 Fixed #811 -- Added support for IPv6 to forms and model fields. Many thanks to Erik Romijn.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16366 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-11 13:48:24 +00:00
Ramiro Morales dff31de20a Fixed #16155 -- Removed Python 2.4 compatibility constructs from code and mentions from docs. Thanks Aymeric Augustin for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16349 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-09 20:01:28 +00:00
Idan Gazit 716601109a Fixed #11834 -- Improved technical 500 stacktrace display.
Thanks to buriy and Aleksandra for the implementation!

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16343 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-09 12:45:11 +00:00
Luke Plant 45e55b9143 Fixed #14614 - filtering of sensitive information in 500 error reports.
This adds a flexible mechanism for filtering what request/traceback
information is shown in 500 error emails and logs. It also applies
screening to some views known to be sensitive e.g. views that handle
passwords.

Thanks to oaylanc for the report and many thanks to Julien Phalip for the
patch and the rest of the work on this.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16339 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-08 22:18:46 +00:00
Luke Plant bb12a02bd8 Deprecated legacy ways of calling cache_page
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16338 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-08 11:12:01 +00:00
Alex Gaynor b67ff14208 Removed an alias for ``django.template.loader`` that had been deprecated since 2005. This should only affect World Online.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16337 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-07 21:17:41 +00:00
Luke Plant 5434ce231d Fixed #11868 - Multiple sort in admin changelist.
Many thanks to bendavis78 for the initial patch, and for input from others.

Also fixed #7309. If people were relying on the undocumented default ordering
applied by the admin before, they will need to add 'ordering = ["-pk"]' to
their ModelAdmin.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16316 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-02 16:18:47 +00:00
Jannis Leidel 632dfa2338 Fixed #9200 -- Added new form wizard to formtools based on class based views. Many thanks to Stephan Jäkel, ddurham and ElliottM for their work.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16307 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-01 13:47:00 +00:00
Luke Plant 1a951fa8d4 Added info to release notes about CSRF improvements
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16306 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-31 21:29:35 +00:00
Luke Plant 524c5fa07a Fixed #14261 - Added clickjacking protection (X-Frame-Options header)
Many thanks to rniemeyer for the patch!

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16298 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-30 22:27:47 +00:00
Jannis Leidel f60d428463 Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-21 14:41:14 +00:00
Adrian Holovaty c5cb2fabd2 Edited docs/releases/1.4.txt changes from [16124]
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16227 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-14 17:58:32 +00:00
Simon Meers 5ecb88c146 Fixed #16014 -- numerous documentation typos -- thanks psmith.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16220 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-13 04:33:42 +00:00
Luke Plant cb060f0f34 Fixed #15258 - Ajax CSRF protection doesn't apply to PUT or DELETE requests
Thanks to brodie for the report, and further input from tow21

This is a potentially backwards incompatible change - if you were doing
PUT/DELETE requests and relying on the lack of protection, you will need to
update your code, as noted in the releaste notes.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16201 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-09 23:45:54 +00:00
Luke Plant 171df93170 Fixed #15954 - New IGNORABLE_404_URLS setting that allows more powerful filtering of 404s to ignore
Thanks to aaugustin for implementing this.

(Technically this doesn't fix the original report, as we've decided against
having *any* default values, but the new feature makes it possible, and the
docs have an example addressing #15954).

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16160 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-05 20:49:26 +00:00
Jannis Leidel 950e05c3ff Fixed #14262 -- Added new assignment_tag as a simple way to assign the result of a template tag to a context variable. Thanks, Julien Phalip.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16149 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-03 11:52:42 +00:00
Jannis Leidel 18d2f4a816 Fixed #5833 -- Modified the admin list filters to be easier to customize. Many thanks to Honza Král, Tom X. Tobin, gerdemb, eandre, sciyoshi, bendavis78 and Julien Phalip for working on this.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16144 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-03 10:44:23 +00:00
Jannis Leidel 0fa8bd3d92 Fixed #15920 -- Removed COMMENTS_BANNED_USERS_GROUP setting in favor of the established comments app customization. Thanks, Daniel Lindsley.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16124 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-29 15:11:17 +00:00
Jannis Leidel 79afd55278 Fixed #5925 -- Added new lazily evaluated version of django.core.urlresolvers.reverse. Thanks, SmileyChris, Preston Timmons and Julien Phalip.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16121 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-29 11:49:59 +00:00
Luke Plant 327081f875 Added note about HTML5 to release notes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16061 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-21 00:00:32 +00:00
Jacob Kaplan-Moss c92e0e4765 Added notes about `select_for_update` to the 1.4 release notes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16059 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-20 21:00:24 +00:00
Jannis Leidel 196ac8f8b3 Fixed #6213 -- Updated the flatpages app to only append a slash if the flatpage actually exist.
The FlatpageFallbackMiddleware (and the view) now only add a trailing slash and redirect if the resulting URL refers to an existing flatpage. Previously requesting /notaflatpageoravalidurl would redirect to /notaflatpageoravalidurl/, which would then raise a 404. Requesting /notaflatpageoravalidurl now will immediately raise a 404. Also, Redirects returned by flatpages are now permanent (301 status code) to match the behaviour of the CommonMiddleware.

Thanks to Steve Losh for the initial work on the patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16048 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-20 14:41:47 +00:00
Luke Plant 1f5d684f14 Added release notes about the removal of Django 1.2 compatibility fallbacks for signed data
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15955 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-30 17:35:32 +00:00
Luke Plant 4550f95f29 Added stub release notes for 1.4
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15947 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-30 17:34:01 +00:00