Commit Graph

858 Commits

Author SHA1 Message Date
Florian Apolloner 2a8ec7f546 [4.0.x] Fixed CVE-2021-45116 -- Fixed potential information disclosure in dictsort template filter.
Thanks to Dennis Brinkrolf for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
2022-01-04 10:10:14 +01:00
Mariusz Felisiak 4a43335d30
Fixed #30086, Refs #32873 -- Made floatformat template filter independent of USE_L10N. 2021-09-08 08:37:27 +02:00
Chris Jerdonek 55cf9e93b5 Refs #32919 -- Simplified Lexer.create_token() by reorganizing blocks. 2021-08-25 13:14:35 +02:00
Chris Jerdonek 7ff72b5909 Refs #32919 -- Added assertion for token start in Lexer.create_token().
This adds an assertion in the code path where the method would otherwise
return None, which isn't allowed.
2021-08-25 13:07:52 +02:00
Matt Westcott 5092f7247d Fixed #33036 -- Made simple_tag()/inclusion_tag() with takes_context raise TemplateSyntaxError when function has no parameters. 2021-08-19 07:39:55 +02:00
Chris Jerdonek f0776a558c Fixed #33002 -- Made DebugLexer.tokenize() more closely parallel Lexer.tokenize(). 2021-08-09 13:42:52 +02:00
Chris Jerdonek 6fedd868e1 Refs #33002 -- Renamed variable from bit to token_string in Lexer.tokenize(). 2021-08-09 13:42:52 +02:00
Chris Jerdonek 6242c22a2f Refs #33002 -- Optimized Lexer.tokenize() by skipping computing lineno when not needed. 2021-08-09 13:42:52 +02:00
Greg Twohig fc2bd40fc7 Fixed #32990 -- Simplified and optimized tag regex.
Thanks Chris Jerdonek for the review.
2021-08-09 08:21:43 +02:00
Chris Jerdonek 4fe3774c72 Refs #32986 -- Moved TRANSLATOR_COMMENT_MARK to django.utils.translation.template. 2021-08-05 06:11:40 +02:00
Chris Jerdonek e79ae5c317 Fixed #32986 -- Removed unneeded str.find() call in Lexer.create_token().
Unnecessary since 47ddd6a408.
2021-08-05 05:57:36 +02:00
Keryn Knight edf184dd06 Fixed #32919 -- Optimized lexing & parsing of templates.
This optimizes:
- Lexer.create_token() by avoiding startswith() calls,
- Parser.parse() by re-using the token type enum's value,
- Parser.extend_nodelist() by removing unnecessary isinstance() check,
- some Node subclasses by removing the implicit "nodelist" from
  "child_nodelists",
- Variable.__init__() by avoiding startswith() calls.
2021-08-02 10:57:51 +01:00
cammil 313c3d1aa1 Fixed #28935 -- Fixed display of errors in extended blocks.
Get the template that caused the exception and get the
exception info from that template, using the node that
caused the exception.
2021-07-02 11:38:15 +02:00
Keryn Knight 854e9b0668 Fixed #32824 -- Improved performance of NodeList.render().
This avoids the following:
 - checking that each item in the nodelist is a subclass of Node,
 - calling str() on the render_annotated() output, because it's
   documented that Node.render() must return a string,
 - calling mark_safe() on the output, when the value to be wrapped is
   definitively known to be a string because the result of ''.join()
   is always of that type,
 - using an intermediate list to store each individual string.
2021-06-11 12:22:06 +02:00
saeedblanchette 66ed03e7c9 Refs #24121 -- Added __repr__() to AdminForm, BlockContext, BlockTranslateNode, and IncludeNode. 2021-06-10 12:47:53 +02:00
Keryn Knight 7f6a41d3d9
Fixed #32814 -- Improved performance of TextNode.
This avoids calling render() and handling exceptions, which is not
necessary for text nodes.
2021-06-07 21:02:00 +02:00
abhiabhi94 c609d5149c Refs #24121 -- Added __repr__() to Engine 2021-06-01 07:44:36 +02:00
Hasan Ramezani 68357b2ca9 Fixed #32744 -- Normalized to pathlib.Path in autoreloader check for template changes. 2021-05-26 09:41:29 +02:00
Tiago Honorato 4f4f770f77 Refs #24121 -- Added __repr__() to Origin and Template. 2021-03-17 07:49:55 +01:00
Rohith PR d3ecef26b9 Refs #24121 -- Added __repr__() to URLNode. 2021-03-02 12:24:49 +01:00
David Smith 179ee13eb3 Refs #24121 -- Added __repr__() to FilterExpression, Lexer, Parser, and Token. 2021-02-26 10:25:08 +01:00
Hasan Ramezani c978dd93fd Fixed #32290 -- Fixed TemplateNotFound in {% include %} tag for relative path in variable. 2021-01-27 10:07:31 +01:00
Mariusz Felisiak e7208f13c0 Refs #25236 -- Removed {% ifequal %} and {% ifnotequal %} template tags per deprecation timeline. 2021-01-14 17:50:04 +01:00
Jacob Walls 89fc144ded Fixed #27827 -- Used "raise from" when raising InvalidTemplateLibrary exceptions in get_package_libraries().
This change sets the __cause__ attribute to raised exceptions and makes
small cleanups in error messages.
2020-12-28 07:31:37 +01:00
Daniel Hahler c70cd2a926 Refs #15053 -- Clarified debug message when skipping templates to avoid recursion. 2020-11-21 10:49:31 +01:00
Tom Forbes 658bcc16f1 Fixed #25791 -- Implement autoreload behaviour for cached template loader. 2020-11-05 15:30:52 +01:00
Tom Forbes 29845ecf69 Refs #25791 -- Added get_dirs() method to cached template loader. 2020-11-05 15:30:52 +01:00
Jacob Walls ac6c426007 Fixed #20601 -- Allowed forcing format with thousand separators in floatformat filter.
Thanks Claude Paroz and Nick Pope for reviews.
2020-10-13 10:36:46 +02:00
Tom Carrick dcb69043d0 Fixed #32002 -- Added headers parameter to HttpResponse and subclasses. 2020-10-07 09:19:57 +02:00
David Smith e74b3d724e Bumped minimum isort version to 5.1.0.
Fixed inner imports per isort 5.
isort 5.0.0 to 5.1.0 was unstable.
2020-07-30 10:58:59 +02:00
Jon Dufresne d6aff369ad Refs #30116 -- Simplified regex match group access with Match.__getitem__().
The method has been available since Python 3.6. The shorter syntax is
also marginally faster.
2020-05-11 12:01:28 +02:00
Jon Dufresne 72a170b4c3 Fixed #25236 -- Deprecated {% ifequal %} and {% ifnotequal %} template tags.
The {% if %} tag provides all features of these tags.

Since Django 1.2 (May 17, 2010), the docs have hinted that
{% ifequal %} and {% ifnotequal %} will be deprecated in a future
Django version. Time to make it official.
2020-05-11 09:07:33 +02:00
Adam Johnson d17b380653 Refs #30573 -- Rephrased "Of Course" and "Obvious(ly)" in documentation and comments. 2020-05-04 12:10:47 +02:00
Hasan Ramezani 0538da08c5
Fixed #31172 -- Added note to translators for yesno filter. 2020-03-17 11:38:49 +01:00
Keshav Kumar f37d548ede Fixed #20995 -- Added support for iterables of template names to {% include %} template tag.
Thanks Adam Johnson for the review.
2020-02-18 06:56:05 +01:00
Patrick Seebauer e3d546a1d9 Fixed #31128 -- Fixed TemplateSyntaxError in simple_tag() and inclusion_tag() for kwargs. 2020-01-02 10:44:07 +01:00
Mike Hansen 35d36d9462 Refs #30585 -- Updated project templates and tests to use (block)translate tags. 2019-12-18 13:15:38 +01:00
Baptiste Mispelon 09341856ed Used Signature API instead of deprecated inspect.getcallargs().
inspect.getcallargs() was deprecated in Python 3.5 and the Signature
API (PEP 362) has better support for decorated functions (by default,
it follows the __wrapped__ attribute set by functools.wraps for
example).
2019-12-10 09:36:34 +01:00
Baptiste Mispelon 23af086665 Used full module import for inspect in template/base.py. 2019-12-10 08:29:30 +01:00
Hasan Ramezani 8d32290279 Fixed #30425 -- Handled jinja2.TemplateSyntaxError when rendering a template.
Jinja raises jinja2.TemplateSyntaxError in render() not in
get_template() when it's in an included template.
2019-11-27 12:48:07 +01:00
Jon Dufresne aa12cf07c9 Removed unnecessary numeric indexes in format strings. 2019-11-19 08:29:47 +01:00
Jon Dufresne 77aa74cb70 Refs #29983 -- Added support for using pathlib.Path in all settings. 2019-11-07 10:26:22 +01:00
Sky 3cf907c20c Fixed #30761 -- Prevented floatformat filter from returning a negative zero. 2019-10-31 10:48:35 +01:00
Hasan Ramezani e3d0b4d550 Fixed #30899 -- Lazily compiled import time regular expressions. 2019-10-29 09:22:26 +01:00
Alex Gaynor 04ac9b45a3 Improved performance of django.template.base.Parser.
pop(0), which is used to fetch each token, is O(n) in the length of the
list. By reversing the list and operating off the end, we can perform
next_token(), prepend_token(), and delete_first_token() in constant
time.
2019-10-09 08:33:16 +02:00
Min ho Kim 103a6f4307 Fixed some typos in comments and docs.
Thanks to Mads Jenson for review.
2019-10-02 15:50:46 +02:00
ElizabethU 54ea290e5b Fixed #30651 -- Made __eq__() methods return NotImplemented for not implemented comparisons.
Changed __eq__ to return NotImplemented instead of False if compared to
an object of the same type, as is recommended by the Python data model
reference. Now these models can be compared to ANY (or other objects
with __eq__ overwritten) without returning False automatically.
2019-10-01 17:58:19 +02:00
Mads Jensen 129583a0d3 Removed some outdated backwards compatibility imports and misleading comments.
EmptyResultSet moved in 46509cf13d.
FieldDoesNotExist moved in 8958170755.
BoundField and pretty_name moved in 8550161e53.
EMPTY_VALUES moved in 471596fc1a.
BaseRunserverCommand moved in 5c53e30607.
2019-09-24 15:18:53 +02:00
Mariusz Felisiak 3d716467a9 Refs #29817 -- Removed settings.FILE_CHARSET per deprecation timeline. 2019-09-10 12:01:00 +02:00
Jon Dufresne 9e38ed0536 Fixed #27486 -- Fixed Python 3.7 DeprecationWarning in intword and filesizeformat filters.
intword and filesizeformat passed floats to ngettext() which is
deprecated in Python 3.7. The rationale for this warning is documented
in BPO-28692: https://bugs.python.org/issue28692.

For filesizeformat, the filesize value is expected to be an int -- it
fills %d string formatting placeholders. It was likely coerced to a
float to ensure floating point division on Python 2. Python 3 always
does floating point division, so coerce to an int instead of a float to
fix the warning.

For intword, the number may contain a decimal component. In English, a
decimal component makes the noun plural. A helper function,
round_away_from_one(), was added to convert the float to an integer that
is appropriate for ngettext().
2019-06-11 20:34:59 +02:00