Luke Plant
8e70cef9b6
Fixed #9977 - CsrfMiddleware gets template tag added, session dependency removed, and turned on by default.
...
This is a large change to CSRF protection for Django. It includes:
* removing the dependency on the session framework.
* deprecating CsrfResponseMiddleware, and replacing with a core template tag.
* turning on CSRF protection by default by adding CsrfViewMiddleware to
the default value of MIDDLEWARE_CLASSES.
* protecting all contrib apps (whatever is in settings.py)
using a decorator.
For existing users of the CSRF functionality, it should be a seamless update,
but please note that it includes DEPRECATION of features in Django 1.1,
and there are upgrade steps which are detailed in the docs.
Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work
on the patch, and to lots of other people including Simon Willison and
Russell Keith-Magee who refined the ideas.
Details of the rationale for these changes is found here:
http://code.djangoproject.com/wiki/CsrfProtection
As of this commit, the CSRF code is mainly in 'contrib'. The code will be
moved to core in a separate commit, to make the changeset as readable as
possible.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-26 23:23:07 +00:00
Luke Plant
c6e8e5d9f0
Fixed non-standard introspection support in LazyObject.
...
LazyObject called a public method ``get_all_members`` on wrapped objects in
order to allow introspection. This could easily cause name clashes with
existing methods on wrapped objects, and so has been changed to use the
standard methods. This could be slightly backwards-incompatible, in obscure
cases, if the undocumented LazyObject has been used externally.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11636 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-19 21:48:06 +00:00
Russell Keith-Magee
b8b9411ffc
Fixed #11659 -- Corrected a minor typo in the v1.1 release notes. Thanks to agabel for the report.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11537 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 22:52:25 +00:00
James Bennett
542c33eec8
Add release date to 1.1 release notes.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11365 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-29 05:52:06 +00:00
Jacob Kaplan-Moss
91f18400cc
Added 1.1 release notes.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11362 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-29 05:31:00 +00:00
Russell Keith-Magee
6644ef72c8
Fixed #11519 -- Corrected minor typo in release notes index.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11338 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-27 01:52:23 +00:00
James Bennett
84d86c07e0
Clarify the description of URL namespacing.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11288 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-22 01:41:16 +00:00
James Bennett
d33386c584
Add draft release notes for 1.1 RC 1.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11287 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-22 01:26:47 +00:00
Russell Keith-Magee
b9d1757840
Fixed #11119 -- Corrected spelling error in 1.0 porting guide.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11050 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-18 13:35:36 +00:00
Jacob Kaplan-Moss
c6c25adf6d
Fixed a whole bunch of small docs typos, errors, and ommissions.
...
Fixes #8358 , #8396 , #8724 , #9043 , #9128 , #9247 , #9267 , #9267 , #9375 , #9409 , #9414 , #9416 , #9446 , #9454 , #9464 , #9503 , #9518 , #9533 , #9657 , #9658 , #9683 , #9733 , #9771 , #9835 , #9836 , #9837 , #9897 , #9906 , #9912 , #9945 , #9986 , #9992 , #10055 , #10084 , #10091 , #10145 , #10245 , #10257 , #10309 , #10358 , #10359 , #10424 , #10426 , #10508 , #10531 , #10551 , #10635 , #10637 , #10656 , #10658 , #10690 , #10699 , #19528 .
Thanks to all the respective authors of those tickets.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10371 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-03 18:30:54 +00:00
Gary Wilson Jr
b4f5655c86
Fixed #10553 -- Corrected several uses of `URLconf` in documentation and comments, according to the Django style guide. Based on patch from rduffield.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10256 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-31 16:07:07 +00:00
Jacob Kaplan-Moss
4246c832b6
Added 1.1 beta release notes.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10130 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-23 23:25:03 +00:00
Luke Plant
4e2533436e
Removed erroneous changes to 1.1 alpha 1 release notes.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10120 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-23 16:37:25 +00:00
Luke Plant
2d28724730
Added CSRF middleware to default settings and updated docs.
...
Updated docs to reflect the change, and the fact that using the
two separate middleware is preferred to using the combined one.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10094 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-19 23:14:20 +00:00
Jacob Kaplan-Moss
28605a9c26
Whitespace fix to [9896].
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9897 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-02-24 02:31:09 +00:00
Jacob Kaplan-Moss
17bb750b08
Cleaned up some reST errors in the 1.1 alpha release notes, and made a few minor edits.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9895 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-02-24 02:21:09 +00:00
James Bennett
f3a95d2d14
Add 1.1 alpha 1 release notes
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9893 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-02-24 01:42:45 +00:00
Karen Tracey
b197fa7ece
Fixed #10152 -- Fixed typo in porting guide. Thanks eagle-eyed anonymous.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9795 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-01-29 20:21:43 +00:00
Malcolm Tredinnick
d1102d63e6
Fixed #9677 -- Fixed a tiny typo in the 1.0.2 release notes.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9584 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-12-07 03:54:45 +00:00
James Bennett
e5437af89a
Forward-port docutils fix from [9497].
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9498 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-11-19 05:26:31 +00:00
James Bennett
5759f28947
Add 1.0.2 release notes to trunk so they show up online
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9496 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-11-19 05:21:58 +00:00
James Bennett
2246d526b1
One more correction to the release notes.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9456 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-11-15 05:57:39 +00:00
James Bennett
1d375e1472
Port [9450] forward to trunk.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9451 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-11-15 05:36:30 +00:00
James Bennett
f5532f7119
Add 1.0.1 release notes to trunk so they'll show up in the online docs.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9449 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-11-15 05:21:37 +00:00
Brian Rosner
227a5a4ee6
Corrected a typo in the 1.0 porting guide.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9219 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-10-09 23:35:34 +00:00
Malcolm Tredinnick
cddece2db1
Fixed #9254 -- Added information to the porting guide about the removal of
...
"core" and the new methods on model file- and image-fields.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9166 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-10-06 08:30:02 +00:00
James Bennett
b131462d76
Add note to 1.0 porting guide about removal of dictionary access to HTTP request objects
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9153 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-10-05 16:03:58 +00:00
Brian Rosner
2d8d69f9ae
Fixed #9050 -- Fixed a typo in the 1.0 porting guide in the admin section. Thanks ahebert.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9017 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-12 16:56:09 +00:00
Gary Wilson Jr
acf2600a4c
Fixed #8911 -- Several corrections for the 1.0 porting documentation, thanks arien.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8979 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-07 19:15:41 +00:00
Adrian Holovaty
6008485b80
Made a bunch of edits and typo corrections to 1.0-porting-guide.txt
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8966 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-05 00:48:34 +00:00
James Bennett
ca422fd89b
Now that the 1.0 release is finalized, we can fill in the revision number for it.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8962 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-04 05:26:09 +00:00
Jacob Kaplan-Moss
58fad7f9fd
Added the last notes about 1.0, including the inevitable (short!) list of known issues.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8959 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-03 23:10:07 +00:00
Jacob Kaplan-Moss
e62ab77054
A collection of improvements and cleanups to the 1.0 release notes and porting guide.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8937 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-03 19:58:34 +00:00
Jacob Kaplan-Moss
b13276b1ff
Fixed another typo in 1.0 notes.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8874 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-02 19:45:06 +00:00
Jacob Kaplan-Moss
0a7e454fa2
Fixed a typo in 1.0 notes.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8873 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-02 19:34:20 +00:00
Jacob Kaplan-Moss
e997a1c3df
Rough draft of 1.0 release notes. Not in any way finished.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8870 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-02 19:19:20 +00:00
Brian Rosner
6656642d36
Use a lower case 's' in URLS in the 1.0 porting guide.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8869 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-02 19:08:31 +00:00
Brian Rosner
5ff51f6bb3
Corrected a minor typo in the 1.0 porting guide.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8868 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-02 19:04:33 +00:00
Jacob Kaplan-Moss
58e3ef76db
Updated API stability document for 1.0.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8866 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-02 18:45:33 +00:00
Simon Willison
e00aa16e24
Fixed spelling typo in porting guide and added __str__ to __unicode__ to the model example
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8865 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-02 18:38:55 +00:00
Jacob Kaplan-Moss
23f012dbfa
Cleaned up a bunch of minor doc stuff:
...
* Removed flatpages/redirects README; no other contrib apps have those.
* Cleaned up top-level README to be more readable.
* Removed outdated references to old docs (Fixes #8701 )
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8857 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-02 16:42:13 +00:00
Jacob Kaplan-Moss
1156db790a
Added a rough draft of the 1.0 porting guide, and an obviously incomplete placeholder for the 1.0 release notes. Thanks to daonb, patrickf, and ramiro for contributions to this porting guide. Refs #8438 .
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8856 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-09-02 16:27:47 +00:00
James Bennett
a20cf7f974
Small typo in notes
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8623 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-27 11:50:02 +00:00
James Bennett
236ceea87f
1.0 beta 2 release notes
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8622 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-27 11:49:42 +00:00
Jacob Kaplan-Moss
97cb07c3a1
Massive reorganization of the docs. See the new docs online at http://docs.djangoproject.com/ .
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8506 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-23 22:25:40 +00:00