innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
django1/django
History
Simon Charette 065caafa70 [1.4.x] Fixed #23431 -- Allowed inline and hidden references to admin fields. 
This fixes a regression introduced by the 53ff096982 security fix.

Thanks to @a1tus for the report and Tim for the review.

refs #23329.

Backport of 342ccbd from master
 		2014-09-08 14:22:29 -04:00
..
bin Fixed #16225 -- Removed unused imports. Many thanks to Aymeric Augustin for the work on the patch and Alex for reviewing. 2011-07-13 09:35:51 +00:00
conf [1.4.x] Fixed #18144 -- Restored compatibility with SHA1 hashes with empty salt. 2013-02-25 20:18:04 +01:00
contrib [1.4.x] Fixed #23431 -- Allowed inline and hidden references to admin fields. 2014-09-08 14:22:29 -04:00
core [1.4.x] Fixed #23157 -- Removed O(n) algorithm when uploading duplicate file names. 2014-08-11 10:14:06 -04:00
db [1.4.x] Fixed queries that may return unexpected results on MySQL due to typecasting. 2014-04-21 18:31:44 -04:00
dispatch Fixed #16225 -- Removed unused imports. Many thanks to Aymeric Augustin for the work on the patch and Alex for reviewing. 2011-07-13 09:35:51 +00:00
forms [1.4.x] Revert "Fixed #13794 -- Fixed to_field usage in BaseInlineFormSet." 2014-07-14 21:09:38 -03:00
http [1.4.x] Dropped fix_IE_for_vary/attach. 2014-05-12 09:46:22 -04:00
middleware [1.4.x] Prevented leaking the CSRF token through caching. 2014-04-21 18:31:44 -04:00
shortcuts Fixed #15010 -- Added current_app parameter to close gap between TemplateResponse and render method. Thanks, acdha. 2011-01-05 22:41:43 +00:00
template [1.4.x] Prevented arbitrary file inclusion with {% ssi %} tag and relative paths. 2013-09-10 21:05:47 -04:00
templatetags Fixed #17255 -- Removed "as" prefix from new timezone template filter names for the sake of clarity. Cheers to Aymeric Augustin for bearing with me. 2011-11-18 15:00:08 +00:00
test [1.4.x] Fixed oversight in e3b6fed3. Refs #20636. 2013-06-24 21:00:28 +02:00
utils [1.4.x] Added additional checks in is_safe_url to account for flexible parsing. 2014-05-12 09:46:40 -04:00
views Fixed #18923 -- Corrected usage of sensitive_post_parameters in contrib.auth 2013-09-13 10:18:55 -04:00
__init__.py [1.4.x] Post release version bump. 2014-09-02 21:07:29 -04:00