django1/django/template
Markus Holtermann 0142204606 [4.0.x] Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag.
Thanks Keryn Knight for the report.

Backport of 394517f078 from main.

Co-authored-by: Adam Johnson <me@adamj.eu>
2022-02-01 07:43:45 +01:00
..
backends Fixed #27827 -- Used "raise from" when raising InvalidTemplateLibrary exceptions in get_package_libraries(). 2020-12-28 07:31:37 +01:00
loaders Refs #15053 -- Clarified debug message when skipping templates to avoid recursion. 2020-11-21 10:49:31 +01:00
__init__.py Fixed #25791 -- Implement autoreload behaviour for cached template loader. 2020-11-05 15:30:52 +01:00
autoreload.py Fixed #32744 -- Normalized to pathlib.Path in autoreloader check for template changes. 2021-05-26 09:41:29 +02:00
base.py Refs #32919 -- Simplified Lexer.create_token() by reorganizing blocks. 2021-08-25 13:14:35 +02:00
context.py Fixed #30651 -- Made __eq__() methods return NotImplemented for not implemented comparisons. 2019-10-01 17:58:19 +02:00
context_processors.py Bumped minimum isort version to 5.1.0. 2020-07-30 10:58:59 +02:00
defaultfilters.py [4.0.x] Fixed CVE-2021-45116 -- Fixed potential information disclosure in dictsort template filter. 2022-01-04 10:10:14 +01:00
defaulttags.py [4.0.x] Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag. 2022-02-01 07:43:45 +01:00
engine.py Refs #24121 -- Added __repr__() to Engine 2021-06-01 07:44:36 +02:00
exceptions.py Refs #27656 -- Updated django.template/tag docstring verbs according to PEP 257. 2017-02-17 11:29:38 -05:00
library.py Fixed #33036 -- Made simple_tag()/inclusion_tag() with takes_context raise TemplateSyntaxError when function has no parameters. 2021-08-19 07:39:55 +02:00
loader.py Refs #27656 -- Updated django.template/tag docstring verbs according to PEP 257. 2017-02-17 11:29:38 -05:00
loader_tags.py Refs #24121 -- Added __repr__() to AdminForm, BlockContext, BlockTranslateNode, and IncludeNode. 2021-06-10 12:47:53 +02:00
response.py Fixed #32002 -- Added headers parameter to HttpResponse and subclasses. 2020-10-07 09:19:57 +02:00
smartif.py Refs #27656 -- Updated django.template/tag docstring verbs according to PEP 257. 2017-02-17 11:29:38 -05:00
utils.py Refs #29983 -- Added support for using pathlib.Path in all settings. 2019-11-07 10:26:22 +01:00