7785e03ba8
Fixed #30137 -- Replaced OSError aliases with the canonical OSError.
...
Used more specific errors (e.g. FileExistsError) as appropriate.
2019-01-28 11:15:06 -05:00
8045dff98c
Refs #27829 -- Removed settings.DEFAULT_CONTENT_TYPE per deprecation timeline.
2019-01-17 10:50:25 -05:00
876dc306cd
Refs #30102 -- Added comment on use of Template without placeholders in page_not_found() view.
2019-01-16 16:19:56 +01:00
1ecc0a395b
Fixed #30070 , CVE-2019-3498 -- Fixed content spoofing possiblity in the default 404 page.
...
Co-Authored-By: Tim Graham <timograham@gmail.com>
2019-01-03 21:21:55 -05:00
e671337e8b
Fixed #29750 -- Added View.setup() hook for class-based views.
2018-12-21 19:01:11 -05:00
19e863a844
Fixed #29995 -- Used higher contrast colors in debug page.
2018-12-21 18:00:13 -05:00
226a26cf34
Removed an overridden CSS rule in debug page.
2018-12-21 18:00:03 -05:00
4f8f1b2f24
Fixed #29903 -- Added error message for invalid WeekArchiveView week_format.
2018-10-29 14:22:42 -04:00
82f286cf6f
Refs #29784 -- Switched to https:// links where available.
2018-09-26 08:48:47 +02:00
50b8493581
Refs #29654 -- Replaced three dots with ellipsis character in output strings.
2018-08-22 09:13:58 -04:00
f52b026168
Refs #28457 -- Tweaked colors/layout of the congrats page for readability.
2018-06-27 10:47:59 -04:00
7cdeb23ae7
Fixed #29511 -- Added charset to JavaScriptCatalog's Content-Type header.
2018-06-22 09:15:29 +02:00
238ed313c5
Removed views.i18n.null_javascript_catalog().
...
Unused since de40cfbe74
2018-06-21 11:06:14 -04:00
a177f854c3
Fixed #16470 -- Allowed FileResponse to auto-set some Content headers.
...
Thanks Simon Charette, Jon Dufresne, and Tim Graham for the reviews.
2018-05-15 18:12:11 +02:00
10b44e4525
Fixed #26688 -- Fixed HTTP request logging inconsistencies.
...
* Added logging of 500 responses for instantiated responses.
* Added logging of all 4xx and 5xx responses.
2018-05-04 20:55:03 -04:00
11b8c30b9e
Ref #23919 -- Replaced some os.path usage with pathlib.Path.
2018-04-19 21:30:00 -04:00
ff05de760c
Fixed #29038 -- Removed closing slash from HTML void tags.
2018-01-21 02:09:10 -05:00
3c34452ab5
Refs #23668 -- Removed passing default argument of current TZ to make_aware()/naive.
2018-01-18 11:21:12 -05:00
fcd431c6c3
Improved generic detail view error message for when pk or slug is missing.
2018-01-17 10:58:05 -05:00
1b753b2d60
Fixed #28885 -- Fixed hidden content at the bottom of the "The install worked successfully!" page for some languages.
2018-01-12 19:09:54 -05:00
d7b2aa24f7
Fixed #28982 -- Simplified code with and/or.
2018-01-03 20:12:23 -05:00
d79cf1e9e2
Fixed #28985 -- Removed unneeded None checks before hasattr().
2018-01-03 11:37:06 -05:00
b3cd9fb18b
Refs #15902 -- Made set_language() view always set the current language in a cookie.
...
The plan is to later deprecate/remove storing the language in the session.
2018-01-03 11:25:40 -05:00
a862af3839
Fixed #28893 -- Removed unnecessary dict.items() calls.
2017-12-06 17:17:59 -05:00
d2afa5eb23
Fixed #28860 -- Removed unnecessary len() calls.
2017-12-04 10:35:23 -05:00
23bf4ad87f
Fixed #28795 -- Removed 'not in' checks and used dict.setdefault().
2017-11-14 10:52:52 -05:00
ac6a4eb9f9
Fixed #28719 -- Added a helpful exception if MultipleObjectTemplateResponseMixin doesn't generate any template names.
2017-11-07 18:46:52 -05:00
6c0042430e
Fixed #28776 -- Fixed a/an/and typos in docs and comments.
2017-11-06 22:41:03 -05:00
73241132f2
Refs #28457 -- Removed unused .next-step CSS in django/views/templates/default_urlconf.html.
2017-10-28 07:59:59 -04:00
f6b5cecc71
Refs #28457 -- Updated the colors of the 'Congrats' page for WCAG AA compliance.
2017-10-28 07:57:27 -04:00
6642a646f0
Fixed #28735 -- Fixed typo in django/views/templates/default_urlconf.html.
2017-10-24 11:17:47 -04:00
347551c2a1
Fixed #28508 -- Set the foreground color to black in CSRF and 404 error templates.
2017-09-21 10:23:23 -04:00
df41b5a05d
Fixed #28593 -- Added a simplified URL routing syntax per DEP 0201.
...
Thanks Aymeric Augustin for shepherding the DEP and patch review.
Thanks Marten Kenbeek and Tim Graham for contributing to the code.
Thanks Tom Christie, Shai Berger, and Tim Graham for the docs.
2017-09-20 18:04:42 -04:00
6e4c6281db
Reverted "Fixed #27818 -- Replaced try/except/pass with contextlib.suppress()."
...
This reverts commit 550cb3a365
2017-09-07 08:16:21 -04:00
46e2b9e059
Fixed CVE-2017-12794 -- Fixed XSS possibility in traceback section of technical 500 debug page.
...
This is a security fix.
2017-09-05 10:58:38 -04:00
5848305218
Fixed #28082 -- Made BaseDateListView pass context from get_dated_items() to subclasses.
...
Thanks leon-matthews for the report and fix.
2017-09-04 10:55:18 -04:00
f2b93b509c
Removed unneeded iter() calls.
...
A few of these were unnecessarily added in 2b281cc35e
2017-08-23 16:48:29 -04:00
9229e005aa
Django -> django when styled as a logo with font. This was pointed out at DjangoCon US.
2017-08-21 08:00:54 +02:00
71d39571f4
Fixed #28485 -- Made ExceptionReporter.get_traceback_frames() include frames without source code.
2017-08-12 20:32:39 -04:00
5fe9b7b40a
Fixed #28457 -- Updated the design of the 'Congrats' page for new Django projects.
...
Developed by Timothy Allen and Chad Whitman of The Wharton School with
shepherding from Aymeric Augustin and Collin Anderson.
2017-08-07 10:33:55 -04:00
293608a2e0
Refs #7697 -- Removed unnecessary force_escape of technical 500 debug view "unicode hint".
...
The test passes before and after the removal. unicode_hint will never
be SafeText, so normal autoescaping is sufficient.
2017-08-02 15:16:22 -04:00
8df7681d0e
Removed unneeded escape filter in templates where autoescaping is enabled.
2017-08-01 10:52:29 -04:00
604341c85f
Fixed #28331 -- Added ContextMixin.extra_context to allowing passing context in as_view().
2017-07-06 10:34:54 -04:00
550cb3a365
Fixed #27818 -- Replaced try/except/pass with contextlib.suppress().
2017-06-28 14:07:55 -04:00
0af14b2eaa
Refs #16870 -- Doc'd that CSRF protection requires the Referer header.
2017-06-22 11:50:00 -04:00
37c9b81ebc
Fixed #28104 -- Prevented condition decorator from setting ETag/Last-Modified headers for non-safe requests.
2017-06-06 15:37:14 -04:00
23142eea85
Fixed #18394 -- Added error for invalid JavaScriptCatalog packages
...
Thanks Tim Graham for the review.
2017-06-06 18:02:22 +02:00
ff099f9db8
Fixed #28271 -- Added charset to technical_500_response() AJAX response.
2017-06-05 14:43:40 -04:00
2c69824e5a
Refs #23968 -- Removed unnecessary lists, generators, and tuple calls.
2017-06-01 19:08:59 -04:00
c2eea61dff
Fixed #28209 -- Made date-based generic views return a 404 rather than crash when given an out of range date.
2017-05-30 13:20:35 -04:00
7afb476469
Fixed #28226 -- Replaced use of str.join() with concatenation.
2017-05-27 13:59:05 -04:00
2cbb095bec
Fixed #28221 -- Fixed plural fallback translations in JavaScriptCatalog view
...
Thanks Waldemar Kornewald for the report and initial patch.
2017-05-25 22:47:21 +02:00
eb66057c1e
Refs #28221 -- Honor plural number in JavaScriptCatalog
2017-05-20 13:23:54 +02:00
d842ada305
Refs #27795 -- Stopped converting integer format settings to str in JS/JSON i18n views
...
Thanks Tim Graham for the review.
2017-05-08 19:32:03 +02:00
301de774c2
Refs #27795 -- Replaced many force_text() with str()
...
Thanks Tim Graham for the review.
2017-04-27 09:10:02 +02:00
56970c5b61
Fixed #28122 -- Fixed crash when overriding views.static.directory_index()'s template.
2017-04-25 11:01:21 -04:00
8c6a3062dd
Fixed #28079 -- Restored "No POST data" (rather than an empty table) in HTML debug page.
...
Regression in 7b6dccc82f
2017-04-15 09:21:35 -04:00
941b869135
Fixed #28008 -- Replaced getElementsByClassName() JavaScript in debug view template.
2017-04-14 08:12:14 -04:00
ea542a9c72
Fixed #28007 -- Moved debug templates to the filesystem
...
Thanks Tim Graham for the review.
2017-04-12 11:36:47 -04:00
a1f948b468
Fixed CVE-2017-7234 -- Fixed open redirect vulnerability in views.static.serve().
...
This is a security fix.
2017-04-04 10:42:06 -04:00
78619bcb0a
Fixed #27987 -- Added default colors in debug view CSS.
2017-03-28 08:55:16 -04:00
b536dcf656
Fixed #27948 -- Removed incorrect unquote() in static serving views.
2017-03-17 07:55:00 -04:00
8346680e1c
Refs #27795 -- Removed unneeded force_text calls
...
Thanks Tim Graham for the review.
2017-03-04 18:18:21 +01:00
711123e1cd
Refs #27656 -- Updated django.views docstring verbs according to PEP 257.
2017-03-03 17:05:42 -05:00
fede65260a
Fixed #26911 -- Removed NoReverseMatch silencing in RedirectView.
2017-03-01 15:56:39 -05:00
5f3a689f71
Imported django.http classes instead of django.http.
2017-02-27 14:47:11 -05:00
21f13ff5b3
Refs #23919 -- Removed an used block in ExceptionReporter.get_traceback_data().
...
The test from refs #20368 only runs this block on Python 2.
2017-02-09 09:03:28 -05:00
c651331b34
Converted usage of ugettext* functions to their gettext* aliases
...
Thanks Tim Graham for the review.
2017-02-07 09:04:04 +01:00
597bfcbf8b
Removed unused ExceptionReporter.format_exception() method.
...
Unused since its introduction in e7e4b8b0f7
2017-02-01 19:55:31 -05:00
0205e04ce7
Removed ExceptionReporter support for string exceptions.
...
Reverted refs #6423 since raising string exceptions is prohibited
since Python 2.5.
2017-02-01 19:47:39 -05:00
8838d4dd49
Refs #23919 -- Replaced kwargs.pop() with keyword-only arguments.
2017-02-01 11:41:56 -05:00
fee42fd99e
Refs #23919 -- Replaced usage of django.utils.http utilities with Python equivalents
...
Thanks Tim Graham for the review.
2017-01-26 19:49:03 +01:00
d1bab24e01
Refs #23919 , #27778 -- Removed obsolete mentions of unicode.
2017-01-26 08:19:27 -05:00
d6eaf7c018
Refs #23919 -- Replaced super(ClassName, self) with super().
2017-01-25 12:23:46 -05:00
9e6e32bf5d
Refs #23919 -- Removed django.utils.decorators.available_attrs() usage.
...
It's only needed to workaround a bug on Python 2.
2017-01-21 13:20:17 -05:00
dc8834cad4
Refs #23919 -- Removed unneeded force_str calls
2017-01-20 08:44:31 +01:00
cecc079168
Refs #23919 -- Stopped inheriting from object to define new style classes.
2017-01-19 08:39:46 +01:00
3cc5f01d9b
Refs #23919 -- Stopped using django.utils.lru_cache().
2017-01-18 21:42:40 -05:00
2b281cc35e
Refs #23919 -- Removed most of remaining six usage
...
Thanks Tim Graham for the review.
2017-01-18 21:33:28 +01:00
7b2f2e74ad
Refs #23919 -- Removed six.<various>_types usage
...
Thanks Tim Graham and Simon Charette for the reviews.
2017-01-18 20:18:46 +01:00
c716fe8782
Refs #23919 -- Removed six.PY2/PY3 usage
...
Thanks Tim Graham for the review.
2017-01-18 16:21:28 +01:00
d7b9aaa366
Refs #23919 -- Removed encoding preambles and future imports
2017-01-18 09:55:19 +01:00
d334f46b7a
Refs #26601 -- Removed support for old-style middleware using settings.MIDDLEWARE_CLASSES.
2017-01-17 20:52:04 -05:00
2b20e4148f
Refs #19567 -- Removed deprecated javascript_catalog() and json_catalog() views.
2017-01-17 20:52:03 -05:00
6a74950513
Fixed #27258 -- Prohibited django.Template.render() with non-dict context.
...
Thanks Shivang Bharadwaj for the initial patch.
2016-12-28 16:03:20 -05:00
b24af2f405
Fixed #27418 -- Fixed occasional missing plural forms in JavaScriptCatalog.
2016-12-14 18:20:30 -05:00
eb7fb565e6
Removed an unnecessary, discouraging sentence on the "It worked!" page.
2016-12-13 13:45:09 -05:00
07ac5d830a
Added period in BaseFormView docstring.
2016-12-08 07:39:15 -05:00
373140b07a
Fixed #27567 -- Fixed crash in the debug view when request.user errors.
2016-12-06 12:28:00 -05:00
967be82443
Fixed E305 flake8 warnings.
2016-11-14 12:30:46 -05:00
c7f86d3eec
Fixed #27373 -- Corrected 404 debug page message for an empty request path.
2016-10-27 16:58:41 -04:00
6b5106b1ce
Fixed #27374 -- Made JavaScriptCatalog respect the packages argument.
2016-10-22 19:26:08 -04:00
8119b679eb
Refs #27025 -- Fixed "invalid escape sequence" warnings in Python 3.6.
...
http://bugs.python.org/issue27364
2016-09-17 15:44:06 -04:00
4ef0e019b7
Fixed #27083 -- Added support for weak ETags.
2016-09-10 08:14:52 -04:00
ef021412d5
Normalized spelling of ETag.
2016-09-09 11:00:21 -04:00
f227b8d15d
Refs #26956 -- Allowed is_safe_url() to validate against multiple hosts
2016-09-07 19:56:25 -07:00
7b6dccc82f
Fixed #27191 -- Fixed debug view crash for requests with 'items' in GET/POST/COOKIES/FILES.
2016-09-07 13:47:09 -04:00
2ced2f785d
Replaced smart_* by force_* calls whenever possible
...
The smart_* version should only be used when a lazy string should keep
its lazy status.
2016-09-03 13:46:41 +02:00
ff1e7b4eb4
Fixed #25181 -- Added localdate() function to get date in a different time zone.
...
Thanks Konrad Świat for the original patch.
2016-08-31 17:19:33 -07:00
1f68bb5683
Refs #26902 -- Protected against insecure redirects in set_language().
2016-08-19 19:16:00 -04:00
1e32e1cc95
Fixed #26973 -- Fixed views.static.serve() crash with show_indexes enabled.
2016-08-10 11:27:03 -04:00
348cfccd90
Fixed #26938 -- Fixed invalid HTML in template postmortem on the debug page.
2016-07-24 18:18:57 +02:00
93c538694e
Fixed XSS in admin's add/change related popup.
...
This is a security fix.
2016-07-18 11:17:01 -04:00
9baf692a58
Fixed #26601 -- Improved middleware per DEP 0005.
...
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
ac77c55bc5
Fixed #26567 -- Updated references to obsolete RFC2616.
...
Didn't touch comments where it wasn't obvious that the code adhered to
the newer standard.
2016-05-03 11:14:40 -04:00
7f51876f99
Fixed #26207 -- Replaced dynamic classes with non-data descriptors for deferred instance loading.
2016-04-29 13:06:32 -04:00
0d8b523422
Fixed #26553 -- Removed unneeded loop in views/i18n.py
2016-04-28 09:15:34 -04:00
de40cfbe74
Fixed #19567 -- Added JavaScriptCatalog and JSONCatalog class-based views
...
Thanks Cristiano Coelho and Tim Graham for the reviews.
2016-04-15 17:28:54 +02:00
9e3f141701
Fixed #26466 -- Added HTTP_REFERER decoding to i18n set_language() view.
2016-04-09 10:57:43 -04:00
df8d8d4292
Fixed E128 flake8 warnings in django/.
2016-04-08 09:51:06 -04:00
369fa471f4
Fixed #26201 -- Documented the consequences of rotating the CSRF token on login.
2016-04-05 11:02:38 -04:00
2cd2d18851
Fixed W503 flake8 warnings.
2016-04-04 17:14:26 -04:00
940b7fd5cb
Fixed #21446 -- Allowed not performing redirect in set_language view
...
Thanks Claude Paroz and Tim Graham for polishing the patch.
2016-03-29 22:15:14 +02:00
11c60b5298
Reused the DjangoTranslation class for the javascript_catalog view
...
Thanks Tim Graham and Cristiano Coelho for the reviews.
Refs #26328 , #26319 .
2016-03-08 21:39:59 +01:00
e81d1c995c
Fixed #25670 -- Allowed dictsort to sort a list of lists.
...
Thanks Tim Graham for the review.
2016-02-23 12:15:08 -05:00
16a88b4429
Fixed #26209 -- Masked sensitive settings in debug reports regardless of case.
2016-02-11 18:13:03 -05:00
406675b1a0
Fixed #26176 -- Fixed E123 flake8 warnings.
2016-02-05 15:11:07 -05:00
60586dd737
Fixed #26125 -- Fixed E731 flake warnings.
2016-01-25 14:23:43 -05:00
21bf685f5e
Fixed #25697 -- Made default error views error when passed a nonexistent template_name.
2016-01-14 07:05:38 -05:00
3d6474e1a5
Fixed #25385 -- Allowed importing views.generic.View from views.View.
2016-01-11 08:18:44 -05:00
c8d970a548
Refs #25755 -- Unified a couple more spellings of 'website'.
2016-01-11 06:13:16 -05:00
98839e9066
Removed British/Austrialian word: whilist.
2015-12-31 14:29:52 -05:00
16411b8400
Fixed #26013 -- Moved django.core.urlresolvers to django.urls.
...
Thanks to Tim Graham for the review.
2015-12-31 14:21:29 -05:00
e429c5186c
Fixed #26018 -- Prevented unecessary get_form() call in FormMixin.get_context_data().
...
Changed "dict.setdefault" to "if x in dict" pattern so that get_form() would not
be called unnecessarily, specifically in the case where FormMixin.form_invalid()
calls get_context_data() with the current form.
2015-12-30 17:29:39 -05:00
4b2dcfe04f
Fixed #26006 -- Fixed incorrect object reference in SingleObjectMixin.get_context_object_name().
2015-12-30 09:56:45 -05:00
acd3606049
Removed blank line to appease isort.
2015-11-17 19:01:06 -05:00
16945f0e9c
Fixed #25695 -- Added template_name parameter to csrf_failure() view.
2015-11-17 14:28:18 -05:00
e171a83b15
Fixed #25548 -- Prevented FormView.form_invalid() from discarding its form argument.
2015-11-11 13:28:34 -05:00
37ea3cb03e
Fixed "URLconf" spelling in code comments.
2015-10-22 14:46:42 -04:00
2b6344e944
Fixed #25037 -- Added request.user to the debug view.
2015-10-05 09:36:42 -04:00
fd1e54b923
Removed unused views.debug.linebreak_iter() function.
2015-09-24 09:15:55 -04:00
491de4f07c
Refs #23656 -- Required FormMixin.get_form() form_class parameter to be optional.
...
Per deprecation timeline.
2015-09-23 19:31:10 -04:00
6eed9ae747
Refs #24133 -- Removed legacy formatting syntax in success_url placeholders.
...
Per deprecation timeline.
2015-09-23 19:31:10 -04:00
b1e33ceced
Fixed #23395 -- Limited line lengths to 119 characters.
2015-09-12 11:40:50 -04:00
cf29b6b561
Fixed #25099 -- Fixed crash in AdminEmailHandler on DisallowedHost.
2015-09-04 09:24:21 -04:00
5153a3bfdc
Fixed #25331 -- Removed trailing blank lines in docstrings.
2015-08-31 17:37:21 -04:00
7a40fef17a
Fixed #24935 -- Refactored common conditional GET handling.
2015-08-15 09:08:45 -04:00
a3830f6d66
Refs #25236 -- Removed ifequal/ifnotequal usage.
2015-08-08 07:33:15 -04:00
244404227e
Fixed #22404 -- Added a view that exposes i18n catalog as a JSON
...
Added django.views.i18n.json_catalog() view, which returns a JSON
response containing translations, formats, and a plural expression
for the specified language.
2015-08-05 09:05:21 -04:00
d7848c11e0
Fixed #25147 -- Fixed debug view copy-paste/interactive toggle.
...
The whitespace added in 1101467ce0
2015-07-20 11:52:21 -04:00
8f8c54f70b
Fixed #25099 -- Cleaned up HttpRequest representations in error reporting.
2015-07-13 19:22:39 -04:00
6bdd3840be
Improved whitespace in debug templates.
...
Removed extra blank lines in the template text debug template,
and prevented overindentation in the HTML debug template.
2015-07-13 19:22:39 -04:00
7da3923ba0
Sorted imports in __init__.py files.
2015-06-27 11:53:33 -04:00
aaacaeb096
Renamed RemovedInDjangoXYWarnings for new roadmap.
...
Forwardport of ae1d663b79
2015-06-24 16:08:20 -04:00
59383f1e3a
Ref #23643 -- Added plain text report of exception chain.
2015-06-01 08:23:54 -04:00
38eacbde62
Refs #23643 -- Fixed debug view regression on Python 2.
...
Thanks Tomáš Ehrlich for help with the patch.
2015-05-29 11:29:32 -04:00
0b0bb6100d
Fixed typos in HTTP decorator docs.
2015-05-25 07:38:08 -04:00
4157c502a5
Removed unnecessary arguments in .get method calls
2015-05-13 20:51:18 +02:00
70779d9c1c
Fixed #24733 -- Passed the triggering exception to 40x error handlers
...
Thanks Tim Graham for the review.
2015-05-11 22:02:14 +02:00
adff499e47
Fixed #24119 , #24120 -- Formalized debug integration for template backends.
2015-05-06 17:33:47 -05:00
Jon Dufresne
Tim Graham
Carlton Gibson
Tom Hacohen
François Freitag
Zach Garwood
Hasan Ramezani
Claude Paroz
Timothy Allen
Samir Shah
Tom
Vincent Poulailleau
Himanshu Chauhan
Дилян Палаузов
Дилян Палаузов
Bjorn Kristinsson
Tim Baxter
Scot Hacker
Stefan Sinca
Sjoerd Job Postmus
Sebastian Sassi
Sergey Fedoseev
Allen, Timothy
Martin von Gagern
Bruno Alla
Mads Jensen
Flávio Juvenal
Josh Schneier
partizan
Adit Biswas
Abhishek Gautam
Ionuț Ciocîrlan
Anton Samarchyan
Grzegorz Tężycki
Asif Saifuddin Auvi
Vytis Banaitis
chillaranand
Simon Charette
Aymeric Augustin
Shivang Bharadwaj
Waldemar Kornewald
Merrin Macleod
Collederas
Andreas Pelme
Ramin Farajpour Cami
Mariusz Felisiak
Alvin Lindstam
Kevin Christopher Henry
Anatoly Burov
Przemysław Suliga
Florian Apolloner
Vasiliy Faronov
Anssi Kääriäinen
Miikka Salminen
Vaclav Ehrlich
Krzysztof Jurewicz
Andrew Kuchev
François Freitag
userimack
Iacopo Spalletti
Varun Sharma
pp
Marten Kenbeek
Chris Cogdon
Raphael Michel
Alex Morozov
John Moses
Dražen Odobašić
Vlastimil Zíma
Maxime Lorant
Denis Cornehl
Sergey Kolosov
Vlastimil Zíma
Tomáš Ehrlich
Luca Ferroni
I am Clinton
Piotr Jakimiak
Preston Timmons