Commit Graph

712 Commits

Author SHA1 Message Date
Tim Graham 56970c5b61 Fixed #28122 -- Fixed crash when overriding views.static.directory_index()'s template. 2017-04-25 11:01:21 -04:00
Tim Graham 8c6a3062dd Fixed #28079 -- Restored "No POST data" (rather than an empty table) in HTML debug page.
Regression in 7b6dccc82f
2017-04-15 09:21:35 -04:00
Abhishek Gautam 941b869135 Fixed #28008 -- Replaced getElementsByClassName() JavaScript in debug view template. 2017-04-14 08:12:14 -04:00
Claude Paroz ea542a9c72 Fixed #28007 -- Moved debug templates to the filesystem
Thanks Tim Graham for the review.
2017-04-12 11:36:47 -04:00
Tim Graham a1f948b468 Fixed CVE-2017-7234 -- Fixed open redirect vulnerability in views.static.serve().
This is a security fix.
2017-04-04 10:42:06 -04:00
Ionuț Ciocîrlan 78619bcb0a Fixed #27987 -- Added default colors in debug view CSS. 2017-03-28 08:55:16 -04:00
Tim Graham b536dcf656 Fixed #27948 -- Removed incorrect unquote() in static serving views. 2017-03-17 07:55:00 -04:00
Claude Paroz 8346680e1c Refs #27795 -- Removed unneeded force_text calls
Thanks Tim Graham for the review.
2017-03-04 18:18:21 +01:00
Anton Samarchyan 711123e1cd Refs #27656 -- Updated django.views docstring verbs according to PEP 257. 2017-03-03 17:05:42 -05:00
Grzegorz Tężycki fede65260a Fixed #26911 -- Removed NoReverseMatch silencing in RedirectView. 2017-03-01 15:56:39 -05:00
Asif Saifuddin Auvi 5f3a689f71 Imported django.http classes instead of django.http. 2017-02-27 14:47:11 -05:00
Tim Graham 21f13ff5b3 Refs #23919 -- Removed an used block in ExceptionReporter.get_traceback_data().
The test from refs #20368 only runs this block on Python 2.
2017-02-09 09:03:28 -05:00
Claude Paroz c651331b34 Converted usage of ugettext* functions to their gettext* aliases
Thanks Tim Graham for the review.
2017-02-07 09:04:04 +01:00
Tim Graham 597bfcbf8b Removed unused ExceptionReporter.format_exception() method.
Unused since its introduction in e7e4b8b0f7.
2017-02-01 19:55:31 -05:00
Tim Graham 0205e04ce7 Removed ExceptionReporter support for string exceptions.
Reverted refs #6423 since raising string exceptions is prohibited
since Python 2.5.
2017-02-01 19:47:39 -05:00
Vytis Banaitis 8838d4dd49 Refs #23919 -- Replaced kwargs.pop() with keyword-only arguments. 2017-02-01 11:41:56 -05:00
Claude Paroz fee42fd99e Refs #23919 -- Replaced usage of django.utils.http utilities with Python equivalents
Thanks Tim Graham for the review.
2017-01-26 19:49:03 +01:00
Vytis Banaitis d1bab24e01 Refs #23919, #27778 -- Removed obsolete mentions of unicode. 2017-01-26 08:19:27 -05:00
chillaranand d6eaf7c018 Refs #23919 -- Replaced super(ClassName, self) with super(). 2017-01-25 12:23:46 -05:00
Tim Graham 9e6e32bf5d Refs #23919 -- Removed django.utils.decorators.available_attrs() usage.
It's only needed to workaround a bug on Python 2.
2017-01-21 13:20:17 -05:00
Claude Paroz dc8834cad4 Refs #23919 -- Removed unneeded force_str calls 2017-01-20 08:44:31 +01:00
Simon Charette cecc079168 Refs #23919 -- Stopped inheriting from object to define new style classes. 2017-01-19 08:39:46 +01:00
Aymeric Augustin 3cc5f01d9b Refs #23919 -- Stopped using django.utils.lru_cache(). 2017-01-18 21:42:40 -05:00
Claude Paroz 2b281cc35e Refs #23919 -- Removed most of remaining six usage
Thanks Tim Graham for the review.
2017-01-18 21:33:28 +01:00
Claude Paroz 7b2f2e74ad Refs #23919 -- Removed six.<various>_types usage
Thanks Tim Graham and Simon Charette for the reviews.
2017-01-18 20:18:46 +01:00
Claude Paroz c716fe8782 Refs #23919 -- Removed six.PY2/PY3 usage
Thanks Tim Graham for the review.
2017-01-18 16:21:28 +01:00
Claude Paroz d7b9aaa366 Refs #23919 -- Removed encoding preambles and future imports 2017-01-18 09:55:19 +01:00
Tim Graham d334f46b7a Refs #26601 -- Removed support for old-style middleware using settings.MIDDLEWARE_CLASSES. 2017-01-17 20:52:04 -05:00
Tim Graham 2b20e4148f Refs #19567 -- Removed deprecated javascript_catalog() and json_catalog() views. 2017-01-17 20:52:03 -05:00
Shivang Bharadwaj 6a74950513 Fixed #27258 -- Prohibited django.Template.render() with non-dict context.
Thanks Shivang Bharadwaj for the initial patch.
2016-12-28 16:03:20 -05:00
Waldemar Kornewald b24af2f405 Fixed #27418 -- Fixed occasional missing plural forms in JavaScriptCatalog. 2016-12-14 18:20:30 -05:00
Merrin Macleod eb7fb565e6 Removed an unnecessary, discouraging sentence on the "It worked!" page. 2016-12-13 13:45:09 -05:00
Collederas 07ac5d830a Added period in BaseFormView docstring. 2016-12-08 07:39:15 -05:00
Andreas Pelme 373140b07a Fixed #27567 -- Fixed crash in the debug view when request.user errors. 2016-12-06 12:28:00 -05:00
Ramin Farajpour Cami 967be82443 Fixed E305 flake8 warnings. 2016-11-14 12:30:46 -05:00
Mariusz Felisiak c7f86d3eec Fixed #27373 -- Corrected 404 debug page message for an empty request path. 2016-10-27 16:58:41 -04:00
Alvin Lindstam 6b5106b1ce Fixed #27374 -- Made JavaScriptCatalog respect the packages argument. 2016-10-22 19:26:08 -04:00
Tim Graham 8119b679eb Refs #27025 -- Fixed "invalid escape sequence" warnings in Python 3.6.
http://bugs.python.org/issue27364
2016-09-17 15:44:06 -04:00
Kevin Christopher Henry 4ef0e019b7 Fixed #27083 -- Added support for weak ETags. 2016-09-10 08:14:52 -04:00
Tim Graham ef021412d5 Normalized spelling of ETag. 2016-09-09 11:00:21 -04:00
Jon Dufresne f227b8d15d Refs #26956 -- Allowed is_safe_url() to validate against multiple hosts 2016-09-07 19:56:25 -07:00
Anatoly Burov 7b6dccc82f Fixed #27191 -- Fixed debug view crash for requests with 'items' in GET/POST/COOKIES/FILES. 2016-09-07 13:47:09 -04:00
Claude Paroz 2ced2f785d Replaced smart_* by force_* calls whenever possible
The smart_* version should only be used when a lazy string should keep
its lazy status.
2016-09-03 13:46:41 +02:00
Jon Dufresne ff1e7b4eb4 Fixed #25181 -- Added localdate() function to get date in a different time zone.
Thanks Konrad Świat for the original patch.
2016-08-31 17:19:33 -07:00
Przemysław Suliga 1f68bb5683 Refs #26902 -- Protected against insecure redirects in set_language(). 2016-08-19 19:16:00 -04:00
Tim Graham 1e32e1cc95 Fixed #26973 -- Fixed views.static.serve() crash with show_indexes enabled. 2016-08-10 11:27:03 -04:00
Jon Dufresne 348cfccd90
Fixed #26938 -- Fixed invalid HTML in template postmortem on the debug page. 2016-07-24 18:18:57 +02:00
Tim Graham 93c538694e Fixed XSS in admin's add/change related popup.
This is a security fix.
2016-07-18 11:17:01 -04:00
Florian Apolloner 9baf692a58 Fixed #26601 -- Improved middleware per DEP 0005.
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
Vasiliy Faronov ac77c55bc5 Fixed #26567 -- Updated references to obsolete RFC2616.
Didn't touch comments where it wasn't obvious that the code adhered to
the newer standard.
2016-05-03 11:14:40 -04:00