Jannis Leidel
ec193224d3
Fixed #12534 -- Loosened the the security check for "next" redirects after logins slightly to allow paths that contain spaces. Thanks for the patch, jnns and aaugustin.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15702 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-01 22:49:18 +00:00
Russell Keith-Magee
7a60b41130
Fixed #15111 -- Ensured that the auth, contenttypes and sitemaps tests will run when the sites app isn't installed. Thanks to Waldemar Kornewald for the report and draft patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15418 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-02-05 03:49:03 +00:00
Russell Keith-Magee
d053624aa8
Fixed #15067 -- Modified the range checks on base36_to_int so you are guaranteed to always get an int, avoiding possible OverflowErrors. Thanks to Garthex for the report, jboutros for the patch, and kfrazier for the feedback.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15288 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-01-24 08:02:40 +00:00
Chris Beaven
dceaa82dec
Fixed #14809 -- broken login related tests after r14733.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14764 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-12-01 22:25:17 +00:00
Chris Beaven
e74edb4d53
Fixes #11025 -- ability to specify LOGIN_URL as full qualified absolute URL.
...
auth.views.login now allows for login redirections for different schemes
with the same host (or no host even, e.g. 'https:///login/ ')
auth.decorators.login_required can now use lazy urls (refs #5925 )
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14733 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-27 22:43:33 +00:00
Luke Plant
6feef0c13e
Fixed #14612 - Password reset page leaks valid user ids publicly.
...
Thanks to PaulM for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14456 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-04 12:36:55 +00:00
Luke Plant
7d4a3991f3
Fixed a test setup and isolation bug that was causing PasswordResetTest to fail when run individually
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14455 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-11-04 12:31:57 +00:00
Luke Plant
667d832e90
Fixed #14386 , #8960 , #10235 , #10909 , #10608 , #13845 , #14377 - standardize Site/RequestSite usage in various places.
...
Many thanks to gabrielhurley for putting most of this together. Also to
bmihelac, arthurk, qingfeng, hvendelbo, petr.pulc@s-cape.cz , Hraban for
reports and some initial patches.
The patch also contains some whitespace/PEP8 fixes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13980 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-04 14:20:47 +00:00
Malcolm Tredinnick
4084bc7354
Permit custom from-email address in auth forms email.
...
Patch from cassidy and Rob Hudson. Fixed #11300 .
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13817 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-12 22:38:01 +00:00
Jannis Leidel
bb00b28399
Added login_url argument to login_required decorator. Thanks mhlakhani and ericflo for the report and patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13723 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-10 19:38:57 +00:00
Jacob Kaplan-Moss
6e748b5db4
Fixed #11457 : tightened the security check for "next" redirects after logins.
...
The new behavior still disallows redirects to off-site URLs, but now allows
redirects of the form `/some/other/view?foo=http://...`.
Thanks to brutasse.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12635 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-03-01 19:58:53 +00:00
Russell Keith-Magee
b794441951
Fixed #10976 -- Isolated contrib.auth tests so they will always pass, regardless of any local templates. Thanks to aarond10 for the report, and SmileyChris for turning that into a patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12420 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-02-13 12:02:11 +00:00
Malcolm Tredinnick
5a57a7f006
Fixed #8752 -- Fixed django.contrib.auth tests to be locale-independent.
...
Patch from Koen Biermans.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10599 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-19 03:41:33 +00:00
Jacob Kaplan-Moss
9faa1cd9b5
Fixed #10747 : fixed the auth tests to ignore broken user-supplied login/logout templates.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10482 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-10 15:50:51 +00:00
Jacob Kaplan-Moss
3e6f4674e2
Fixed #10460 : the logout view can now redirect like the rest of the auth views. Thanks, chronos and steingrd.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10332 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-01 17:02:32 +00:00
Jacob Kaplan-Moss
19b9211a3b
Fixed #9881 : Added the to the login view context, not just the site's name. Thanks, nessita.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10330 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-04-01 16:37:48 +00:00
Gary Wilson Jr
b4f5655c86
Fixed #10553 -- Corrected several uses of `URLconf` in documentation and comments, according to the Django style guide. Based on patch from rduffield.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10256 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-03-31 16:07:07 +00:00
Karen Tracey
bcd63cbfb0
Fixed #6160 , #9111 -- Consistently apply conditional_escape to form errors and labels when outputing them as HTML.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9365 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-11-06 19:49:24 +00:00
Malcolm Tredinnick
157dbe2fff
Fixed #8552 -- Use the LOGIN_REDIRECT_URL setting in the auth tests, rather than hard-coding the value.
...
This enables things to work properly when installed in other configurations.
Patch from aeby.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8613 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-27 06:02:13 +00:00
Malcolm Tredinnick
abb1c508cc
Tests for password change process. Thanks, Mike Richardson. Fixed #8402 .
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8497 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-08-23 18:20:49 +00:00
Luke Plant
fcd837cd0f
Fixed #7723 - implemented a secure password reset form that uses a token and prompts user for new password.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8162 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2008-07-31 20:47:53 +00:00