Florian Apolloner
2a8ec7f546
[4.0.x] Fixed CVE-2021-45116 -- Fixed potential information disclosure in dictsort template filter.
...
Thanks to Dennis Brinkrolf for the report.
Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:10:14 +01:00
Mariusz Felisiak
4a43335d30
Fixed #30086 , Refs #32873 -- Made floatformat template filter independent of USE_L10N.
2021-09-08 08:37:27 +02:00
Chris Jerdonek
55cf9e93b5
Refs #32919 -- Simplified Lexer.create_token() by reorganizing blocks.
2021-08-25 13:14:35 +02:00
Chris Jerdonek
7ff72b5909
Refs #32919 -- Added assertion for token start in Lexer.create_token().
...
This adds an assertion in the code path where the method would otherwise
return None, which isn't allowed.
2021-08-25 13:07:52 +02:00
Matt Westcott
5092f7247d
Fixed #33036 -- Made simple_tag()/inclusion_tag() with takes_context raise TemplateSyntaxError when function has no parameters.
2021-08-19 07:39:55 +02:00
Chris Jerdonek
f0776a558c
Fixed #33002 -- Made DebugLexer.tokenize() more closely parallel Lexer.tokenize().
2021-08-09 13:42:52 +02:00
Chris Jerdonek
6fedd868e1
Refs #33002 -- Renamed variable from bit to token_string in Lexer.tokenize().
2021-08-09 13:42:52 +02:00
Chris Jerdonek
6242c22a2f
Refs #33002 -- Optimized Lexer.tokenize() by skipping computing lineno when not needed.
2021-08-09 13:42:52 +02:00
Greg Twohig
fc2bd40fc7
Fixed #32990 -- Simplified and optimized tag regex.
...
Thanks Chris Jerdonek for the review.
2021-08-09 08:21:43 +02:00
Chris Jerdonek
4fe3774c72
Refs #32986 -- Moved TRANSLATOR_COMMENT_MARK to django.utils.translation.template.
2021-08-05 06:11:40 +02:00
Chris Jerdonek
e79ae5c317
Fixed #32986 -- Removed unneeded str.find() call in Lexer.create_token().
...
Unnecessary since 47ddd6a408
.
2021-08-05 05:57:36 +02:00
Keryn Knight
edf184dd06
Fixed #32919 -- Optimized lexing & parsing of templates.
...
This optimizes:
- Lexer.create_token() by avoiding startswith() calls,
- Parser.parse() by re-using the token type enum's value,
- Parser.extend_nodelist() by removing unnecessary isinstance() check,
- some Node subclasses by removing the implicit "nodelist" from
"child_nodelists",
- Variable.__init__() by avoiding startswith() calls.
2021-08-02 10:57:51 +01:00
cammil
313c3d1aa1
Fixed #28935 -- Fixed display of errors in extended blocks.
...
Get the template that caused the exception and get the
exception info from that template, using the node that
caused the exception.
2021-07-02 11:38:15 +02:00
Keryn Knight
854e9b0668
Fixed #32824 -- Improved performance of NodeList.render().
...
This avoids the following:
- checking that each item in the nodelist is a subclass of Node,
- calling str() on the render_annotated() output, because it's
documented that Node.render() must return a string,
- calling mark_safe() on the output, when the value to be wrapped is
definitively known to be a string because the result of ''.join()
is always of that type,
- using an intermediate list to store each individual string.
2021-06-11 12:22:06 +02:00
saeedblanchette
66ed03e7c9
Refs #24121 -- Added __repr__() to AdminForm, BlockContext, BlockTranslateNode, and IncludeNode.
2021-06-10 12:47:53 +02:00
Keryn Knight
7f6a41d3d9
Fixed #32814 -- Improved performance of TextNode.
...
This avoids calling render() and handling exceptions, which is not
necessary for text nodes.
2021-06-07 21:02:00 +02:00
abhiabhi94
c609d5149c
Refs #24121 -- Added __repr__() to Engine
2021-06-01 07:44:36 +02:00
Hasan Ramezani
68357b2ca9
Fixed #32744 -- Normalized to pathlib.Path in autoreloader check for template changes.
2021-05-26 09:41:29 +02:00
Tiago Honorato
4f4f770f77
Refs #24121 -- Added __repr__() to Origin and Template.
2021-03-17 07:49:55 +01:00
Rohith PR
d3ecef26b9
Refs #24121 -- Added __repr__() to URLNode.
2021-03-02 12:24:49 +01:00
David Smith
179ee13eb3
Refs #24121 -- Added __repr__() to FilterExpression, Lexer, Parser, and Token.
2021-02-26 10:25:08 +01:00
Hasan Ramezani
c978dd93fd
Fixed #32290 -- Fixed TemplateNotFound in {% include %} tag for relative path in variable.
2021-01-27 10:07:31 +01:00
Mariusz Felisiak
e7208f13c0
Refs #25236 -- Removed {% ifequal %} and {% ifnotequal %} template tags per deprecation timeline.
2021-01-14 17:50:04 +01:00
Jacob Walls
89fc144ded
Fixed #27827 -- Used "raise from" when raising InvalidTemplateLibrary exceptions in get_package_libraries().
...
This change sets the __cause__ attribute to raised exceptions and makes
small cleanups in error messages.
2020-12-28 07:31:37 +01:00
Daniel Hahler
c70cd2a926
Refs #15053 -- Clarified debug message when skipping templates to avoid recursion.
2020-11-21 10:49:31 +01:00
Tom Forbes
658bcc16f1
Fixed #25791 -- Implement autoreload behaviour for cached template loader.
2020-11-05 15:30:52 +01:00
Tom Forbes
29845ecf69
Refs #25791 -- Added get_dirs() method to cached template loader.
2020-11-05 15:30:52 +01:00
Jacob Walls
ac6c426007
Fixed #20601 -- Allowed forcing format with thousand separators in floatformat filter.
...
Thanks Claude Paroz and Nick Pope for reviews.
2020-10-13 10:36:46 +02:00
Tom Carrick
dcb69043d0
Fixed #32002 -- Added headers parameter to HttpResponse and subclasses.
2020-10-07 09:19:57 +02:00
David Smith
e74b3d724e
Bumped minimum isort version to 5.1.0.
...
Fixed inner imports per isort 5.
isort 5.0.0 to 5.1.0 was unstable.
2020-07-30 10:58:59 +02:00
Jon Dufresne
d6aff369ad
Refs #30116 -- Simplified regex match group access with Match.__getitem__().
...
The method has been available since Python 3.6. The shorter syntax is
also marginally faster.
2020-05-11 12:01:28 +02:00
Jon Dufresne
72a170b4c3
Fixed #25236 -- Deprecated {% ifequal %} and {% ifnotequal %} template tags.
...
The {% if %} tag provides all features of these tags.
Since Django 1.2 (May 17, 2010), the docs have hinted that
{% ifequal %} and {% ifnotequal %} will be deprecated in a future
Django version. Time to make it official.
2020-05-11 09:07:33 +02:00
Adam Johnson
d17b380653
Refs #30573 -- Rephrased "Of Course" and "Obvious(ly)" in documentation and comments.
2020-05-04 12:10:47 +02:00
Hasan Ramezani
0538da08c5
Fixed #31172 -- Added note to translators for yesno filter.
2020-03-17 11:38:49 +01:00
Keshav Kumar
f37d548ede
Fixed #20995 -- Added support for iterables of template names to {% include %} template tag.
...
Thanks Adam Johnson for the review.
2020-02-18 06:56:05 +01:00
Patrick Seebauer
e3d546a1d9
Fixed #31128 -- Fixed TemplateSyntaxError in simple_tag() and inclusion_tag() for kwargs.
2020-01-02 10:44:07 +01:00
Mike Hansen
35d36d9462
Refs #30585 -- Updated project templates and tests to use (block)translate tags.
2019-12-18 13:15:38 +01:00
Baptiste Mispelon
09341856ed
Used Signature API instead of deprecated inspect.getcallargs().
...
inspect.getcallargs() was deprecated in Python 3.5 and the Signature
API (PEP 362) has better support for decorated functions (by default,
it follows the __wrapped__ attribute set by functools.wraps for
example).
2019-12-10 09:36:34 +01:00
Baptiste Mispelon
23af086665
Used full module import for inspect in template/base.py.
2019-12-10 08:29:30 +01:00
Hasan Ramezani
8d32290279
Fixed #30425 -- Handled jinja2.TemplateSyntaxError when rendering a template.
...
Jinja raises jinja2.TemplateSyntaxError in render() not in
get_template() when it's in an included template.
2019-11-27 12:48:07 +01:00
Jon Dufresne
aa12cf07c9
Removed unnecessary numeric indexes in format strings.
2019-11-19 08:29:47 +01:00
Jon Dufresne
77aa74cb70
Refs #29983 -- Added support for using pathlib.Path in all settings.
2019-11-07 10:26:22 +01:00
Sky
3cf907c20c
Fixed #30761 -- Prevented floatformat filter from returning a negative zero.
2019-10-31 10:48:35 +01:00
Hasan Ramezani
e3d0b4d550
Fixed #30899 -- Lazily compiled import time regular expressions.
2019-10-29 09:22:26 +01:00
Alex Gaynor
04ac9b45a3
Improved performance of django.template.base.Parser.
...
pop(0), which is used to fetch each token, is O(n) in the length of the
list. By reversing the list and operating off the end, we can perform
next_token(), prepend_token(), and delete_first_token() in constant
time.
2019-10-09 08:33:16 +02:00
Min ho Kim
103a6f4307
Fixed some typos in comments and docs.
...
Thanks to Mads Jenson for review.
2019-10-02 15:50:46 +02:00
ElizabethU
54ea290e5b
Fixed #30651 -- Made __eq__() methods return NotImplemented for not implemented comparisons.
...
Changed __eq__ to return NotImplemented instead of False if compared to
an object of the same type, as is recommended by the Python data model
reference. Now these models can be compared to ANY (or other objects
with __eq__ overwritten) without returning False automatically.
2019-10-01 17:58:19 +02:00
Mads Jensen
129583a0d3
Removed some outdated backwards compatibility imports and misleading comments.
...
EmptyResultSet moved in 46509cf13d
.
FieldDoesNotExist moved in 8958170755
.
BoundField and pretty_name moved in 8550161e53
.
EMPTY_VALUES moved in 471596fc1a
.
BaseRunserverCommand moved in 5c53e30607
.
2019-09-24 15:18:53 +02:00
Mariusz Felisiak
3d716467a9
Refs #29817 -- Removed settings.FILE_CHARSET per deprecation timeline.
2019-09-10 12:01:00 +02:00
Jon Dufresne
9e38ed0536
Fixed #27486 -- Fixed Python 3.7 DeprecationWarning in intword and filesizeformat filters.
...
intword and filesizeformat passed floats to ngettext() which is
deprecated in Python 3.7. The rationale for this warning is documented
in BPO-28692: https://bugs.python.org/issue28692 .
For filesizeformat, the filesize value is expected to be an int -- it
fills %d string formatting placeholders. It was likely coerced to a
float to ensure floating point division on Python 2. Python 3 always
does floating point division, so coerce to an int instead of a float to
fix the warning.
For intword, the number may contain a decimal component. In English, a
decimal component makes the noun plural. A helper function,
round_away_from_one(), was added to convert the float to an integer that
is appropriate for ngettext().
2019-06-11 20:34:59 +02:00