Commit Graph

151 Commits

Author SHA1 Message Date
Ramiro Morales 26b8122087 Fixed #14675 -- Completed removal of `from django.conf.urls.default import *` usage.
This applies to both our own [test] code and documentation examples. Also:
 * Moved the functions and handlers from `django.conf.urls.defaults` up to
   `django.conf.urls` deprecating the former module.
 * Added documentation for `handler403`.
 * Tweaked the URLs topic document a bit.

Thanks to pupeno and cdestigter for their great work contributing patches.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16818 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-11 22:36:16 +00:00
Jannis Leidel 8258fe7845 Fixed #16042 -- Use the content types caching in the comments contrib app. Thanks, ptone, Julien Phalip and Thejaswi Puthraya.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16737 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-09 18:34:24 +00:00
Jannis Leidel ddaca29d3d Fixed a bunch of imports of the email stdlib module now that we are on Python 2.5 to ease the Python 3 port. Thanks, Martin von Löwis.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16731 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-09 16:18:38 +00:00
Jannis Leidel bce890ace4 Fixed #16584 -- Fixed a bunch of typos in code comments. Thanks, Bernhard Essl.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16598 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-12 14:14:15 +00:00
Jannis Leidel c6ae0fa549 Fixed #16403 -- Correctly use ungettext in comments form. Thanks, poirier.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16505 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-07-04 16:20:10 +00:00
Jannis Leidel c80914d0d1 Fixed #16221 -- Corrected doc string example in comments permalink template tag. Thanks, Thejaswi Puthraya.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16411 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-16 16:33:54 +00:00
Jannis Leidel 0b1a061881 Replaced old-style with new-style decorator syntax.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16138 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-01 16:46:02 +00:00
Jannis Leidel 0fa8bd3d92 Fixed #15920 -- Removed COMMENTS_BANNED_USERS_GROUP setting in favor of the established comments app customization. Thanks, Daniel Lindsley.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16124 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-29 15:11:17 +00:00
Luke Plant 1b6670dd59 Fixed #15904 - render_comment_form executes unnecessary query for object
Thanks to stefanw for report and patch!

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16103 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-26 11:28:50 +00:00
Luke Plant 26cda43012 Switched to HTML5 doctype in all Django supplied templates.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16050 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-20 17:40:53 +00:00
Russell Keith-Magee d60ae0b721 Removed deprecated 'no' translation
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15988 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-02 08:43:43 +00:00
Luke Plant 5fa11b0035 Removed Django 1.2 compatibility fallback for contrib.comments forms hash.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15953 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-30 17:35:12 +00:00
Adrian Holovaty a87be3554f Removed a bunch of Python 2.4 workarounds now that we don't support it. Refs #15702 -- thanks to jonash for the patch. Splitting this over muliple commits to make it more manageable.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15926 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-28 01:40:43 +00:00
Jannis Leidel ada8e2a6fa Pulled translation updates from Transifex again.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15886 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-20 22:16:14 +00:00
Ramiro Morales 5347bbd514 Fixed plural forms formula for the Croatian (hr) localization by manually overriding the header of affected .po files and re-generating .mo files, this seems to be a quirck in Transifex export to PO functionality. Thanks bmihelac fot the report. Refs #15634.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15875 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-17 22:56:10 +00:00
Jannis Leidel 1bbe626033 Pulled comments translation updates from Transifex.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15827 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-15 20:07:32 +00:00
Jannis Leidel 90564a156c Fixed Hungarian, Russian, Serbian and Ukranian plural forms introduced in r15680.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15752 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-04 01:07:11 +00:00
Jannis Leidel c11140d04b Fixed plural forms of Irish translation introduced in r15680.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15751 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-04 01:05:10 +00:00
Jannis Leidel 53b2a25396 Fixed plural forms of Welsh translation introduced in r15680.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15750 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-04 01:04:31 +00:00
Jannis Leidel bef353873e Fixed plural forms of Bosnian translation introduced in r15680.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15749 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-04 01:03:14 +00:00
Jannis Leidel c0fb9bd00b Fixed #13411 -- Made sure URL fragments are correctly handled by the next_redirect utility of the comments apps. Thanks, timesong, dpn and Julien Phalip.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15720 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-03 13:03:53 +00:00
Jannis Leidel 4d30e8bccc Updated comments translations from transifex.net. Refs #15300.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15685 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-01 08:57:42 +00:00
Russell Keith-Magee c2518f55c7 Fixed #15491 -- Added a CDATA block and closed a stray tag in the comments HTML. Thanks to Jonathan Slenders for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15642 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-25 01:03:18 +00:00
Russell Keith-Magee 7536f63b32 Fixed #14768 -- Added an es_MX locale and initial translation. Thanks to Alonso Bautista Villalobos and the rest of the Mexican translation team.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15433 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-06 06:06:29 +00:00
Jannis Leidel 14e76581fa Added new translation files to comments contrib app.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15262 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-21 18:08:19 +00:00
Jannis Leidel 7655cd8eac Fixed #13743 -- Fixed CommentsAdmin to not blow up if the delete_selected action is disabled. Thanks, Daniel Lindsley.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14996 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-12-21 14:56:48 +00:00
Jannis Leidel 9b7be918ed Fixed #12325 -- Allows zero values for moderate_after and close_after fields of comment moderators. Thanks, Gabriel Hurley.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14556 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-13 18:42:56 +00:00
Luke Plant 45c7f427ce Fixed #14445 - Use HMAC and constant-time comparison functions where needed.
All adhoc MAC applications have been updated to use HMAC, using SHA1 to
generate unique keys for each application based on the SECRET_KEY, which is
common practice for this situation. In all cases, backwards compatibility
with existing hashes has been maintained, aiming to phase this out as per
the normal deprecation process. In this way, under most normal
circumstances the old hashes will have expired (e.g. by session expiration
etc.) before they become invalid.

In the case of the messages framework and the cookie backend, which was
already using HMAC, there is the possibility of a backwards incompatibility
if the SECRET_KEY is shorter than the default 50 bytes, but the low
likelihood and low impact meant compatibility code was not worth it.

All known instances where tokens/hashes were compared using simple string
equality, which could potentially open timing based attacks, have also been
fixed using a constant-time comparison function.

There are no known practical attacks against the existing implementations,
so these security improvements will not be backported.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@14218 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-14 20:54:30 +00:00
Russell Keith-Magee a904e55859 Fixed #11509 -- Modified usage of "Web" to match our style guide in various documentation, comments and code. Thanks to timo and Simon Meers for the work on the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14069 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-09 08:12:50 +00:00
Adrian Holovaty 157583f916 Fixed #14412 -- Pointed contrib.comments comments-url-redirect URLpattern at the actual view instead of the deprecated view. Thanks, subsume
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13995 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-06 22:56:52 +00:00
Luke Plant 763bcf8472 Fixed paste-o in [13855]
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13857 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-14 21:40:23 +00:00
Luke Plant 34a4af50be Fixed #2283 (again) - comment form templates don't validate as XHTML
Thanks to hjoreteg/thejaswi_puthraya for the report and patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@13855 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-14 14:22:35 +00:00
Karen Tracey e434573ef1 Changed the comments post view code to avoid raising an exception if handed invalid data for the object pk. Thanks to Leo for the test.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12800 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-16 22:37:45 +00:00
Russell Keith-Magee fbf00078e1 Fixed #12940 -- Modified some admin actions in contrib.comments to use ungettext in order to support Russian (and similar) pluralization rules. Thanks to void for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12770 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-12 15:32:06 +00:00
Karen Tracey 80545c3685 Fixed #12151: Ensured the comments code does not cause a server error when a request comes in for a comment specifying an invalid primary key value. Thanks thejaswi_puthraya.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12681 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-05 20:17:52 +00:00
Jacob Kaplan-Moss 8b2662c5de Fixed #10878, an error in the `Moderator` docstring.
Thanks, Travis Cline.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12639 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-01 20:18:52 +00:00
Russell Keith-Magee c4c27d8a04 Fixed #6188, #6304, #6618, #6969, #8758, #8989, #10334, #11069, #11973 and #12403 -- Modified the syndication framework to use class-based views. Thanks to Ben Firshman for his work on this patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12338 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-28 13:46:18 +00:00
Russell Keith-Magee 3f68d255e2 Fixed #12600 -- Added some extra search paths for comment preview templates, allowing for naming parity with other templates in comments and admin. Thanks to hvdklauw for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12337 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-28 11:30:29 +00:00
Luke Plant 48edb177ed Fixed #12053 - form examples don't validate according to w3c
Thanks to skyl for the report.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@12086 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-04 21:55:52 +00:00
Jannis Leidel b9d698e9f2 Fixed #10285 - Added render_comment_list template tag to comments app. Thanks Kyle Fuller for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12082 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-04 02:29:12 +00:00
Jannis Leidel abcf997713 Fixed #11100 - Added get_comment_permalink template tag to comments app to be able to customize the anchor pattern of a comment from the template. Thanks to Idan Gazit for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12080 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-01-04 02:28:09 +00:00
Russell Keith-Magee ff60c5f9de Fixed #1142 -- Added multiple database support.
This monster of a patch is the result of Alex Gaynor's 2009 Google Summer of Code project.
Congratulations to Alex for a job well done.

Big thanks also go to:
 * Justin Bronn for keeping GIS in line with the changes,
 * Karen Tracey and Jani Tiainen for their help testing Oracle support
 * Brett Hoerner, Jon Loyens, and Craig Kimmerer for their feedback.
 * Malcolm Treddinick for his guidance during the GSoC submission process.
 * Simon Willison for driving the original design process
 * Cal Henderson for complaining about ponies he wanted.

... and everyone else too numerous to mention that helped to bring this feature into fruition.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11952 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-12-22 15:18:51 +00:00
Luke Plant 7230a995ce Moved contrib.csrf.* to core code.
There is stub code for backwards compatiblity with Django 1.1 imports.

The documentation has been updated, but has been left in
docs/contrib/csrf.txt for now, in order to avoid dead links to
documentation on the website.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 00:36:34 +00:00
Luke Plant 8e70cef9b6 Fixed #9977 - CsrfMiddleware gets template tag added, session dependency removed, and turned on by default.
This is a large change to CSRF protection for Django.  It includes:

 * removing the dependency on the session framework.
 * deprecating CsrfResponseMiddleware, and replacing with a core template tag.
 * turning on CSRF protection by default by adding CsrfViewMiddleware to
   the default value of MIDDLEWARE_CLASSES.
 * protecting all contrib apps (whatever is in settings.py)
   using a decorator.

For existing users of the CSRF functionality, it should be a seamless update,
but please note that it includes DEPRECATION of features in Django 1.1,
and there are upgrade steps which are detailed in the docs.

Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work
on the patch, and to lots of other people including Simon Willison and
Russell Keith-Magee who refined the ideas.

Details of the rationale for these changes is found here:

http://code.djangoproject.com/wiki/CsrfProtection

As of this commit, the CSRF code is mainly in 'contrib'.  The code will be
moved to core in a separate commit, to make the changeset as readable as
possible.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-26 23:23:07 +00:00
Jacob Kaplan-Moss 8be1bb2268 Fixed #11625: added comment moderation via admin actions.
This is BACKWARDS INCOMPATIBLE if you were using the completely undocumented moderation view from 1.1. That view's been removed in favor of the admin actions.

Thanks, Thejaswi Puthraya.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11639 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-23 19:22:31 +00:00
Russell Keith-Magee 8aee95ca3e Fixed #11995 -- Modified the admin site definition for comments so that users are shown as a raw id list. Thanks to James Bennett for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11601 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-08 13:30:31 +00:00
Russell Keith-Magee f908eded21 Fixed #9268 -- Ensured that the next argument is passed on when previewing comments. Thanks to leanmeandonothingmachine for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11019 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-17 13:01:40 +00:00
Jacob Kaplan-Moss d246401552 Fixed #11113: fixed a couple of issues that slipped through the cracks when comment moderation was added to `django.contrib.comments`.
The is a potentially backwards-incompatible change for users already relying on the internals of comment moderaration. To wit:

   * The moderation system now listens to the new `comment_will_be_posted`/`comment_was_posted` signals instead of `pre/post_save`. This means that import request-based information is available to moderation as it should be.
   * Some experimental code from `django.contrib.comments.moderation` has been removed. It was never intended to be merged into Django, and was completely untested and likely buggy.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@10784 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-14 15:20:50 +00:00
Jacob Kaplan-Moss 752cc49a62 Fixed #10169: don't accidentally try to redirect to "None" after posting a comment.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10429 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-07 20:22:36 +00:00
Jacob Kaplan-Moss f2bdc14a95 Fixed #10633, #10691: marked strings in the comments app for translation. Thanks, zgoda.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10427 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-07 19:57:01 +00:00