innov
/
django1
1
0
Fork 0
Code Issues Pull Requests 1 Projects Releases Wiki Activity
django1/django/contrib
History
Jacob Kaplan-Moss 6e748b5db4 Fixed #11457: tightened the security check for "next" redirects after logins. 
The new behavior still disallows redirects to off-site URLs, but now allows
redirects of the form `/some/other/view?foo=http://...`.

Thanks to brutasse.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12635 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 		2010-03-01 19:58:53 +00:00
..
admin Fixed #11791: Put hidden input elements in the change list inside td elements so they're valid HTML. Thanks panni and mlavin. 2010-03-01 18:43:27 +00:00
admindocs Fixed #6587 -- Removed nasty __path__ hacking in templatetag loading. Thanks to Øyvind Satvik and Andrew Badr for their work on this patch. 2010-01-26 01:38:50 +00:00
auth Fixed #11457: tightened the security check for "next" redirects after logins. 2010-03-01 19:58:53 +00:00
comments Fixed #6188, #6304, #6618, #6969, #8758, #8989, #10334, #11069, #11973 and #12403 -- Modified the syndication framework to use class-based views. Thanks to Ben Firshman for his work on this patch. 2010-01-28 13:46:18 +00:00
contenttypes Fixed #12561. InlineAdmin now respects can_delete=False. Thanks, nessita. 2010-02-23 17:14:50 +00:00
csrf Moved contrib.csrf.* to core code. 2009-10-27 00:36:34 +00:00
databrowse Fixed #12443 - Don't use thousand separators on year numbers. 2010-01-01 21:40:19 +00:00
flatpages Fixed #12358 - csrf_token template tag does not work with flatpages. 2010-02-04 21:47:19 +00:00
formtools Fixed #12981 -- Removed some stray tabs. Thanks to loewis for the report. 2010-02-27 05:38:17 +00:00
gis Removed more stray tabs in Python files. 2010-02-27 16:30:27 +00:00
humanize Fixed #11783 -- ordinal template tag now catches TypeError. Thanks, realpolitik and punteney 2010-01-10 21:37:20 +00:00
localflavor Changed a whole bunch of places to raise exception instances instead of old-style raising exception classes plus a comma. Good for the future Python 3 conversion 2010-01-10 18:36:20 +00:00
markup Changed a whole bunch of places to raise exception instances instead of old-style raising exception classes plus a comma. Good for the future Python 3 conversion 2010-01-10 18:36:20 +00:00
messages Small optimization on r12285 2010-01-25 18:14:30 +00:00
redirects Cleaned up a bunch of minor doc stuff: 2008-09-02 16:42:13 +00:00
sessions Changed a whole bunch of places to raise exception instances instead of old-style raising exception classes plus a comma. Good for the future Python 3 conversion 2010-01-10 18:36:20 +00:00
sitemaps Fixed #8574 -- Made Sitemap a new-style class 2008-09-17 04:56:04 +00:00
sites Changed a whole bunch of places to raise exception instances instead of old-style raising exception classes plus a comma. Good for the future Python 3 conversion 2010-01-10 18:36:20 +00:00
syndication Fixed #6188, #6304, #6618, #6969, #8758, #8989, #10334, #11069, #11973 and #12403 -- Modified the syndication framework to use class-based views. Thanks to Ben Firshman for his work on this patch. 2010-01-28 13:46:18 +00:00
webdesign Fixed #6481 -- Fixed a bunch of import problems (and some whitespace cleanups). 2008-02-19 00:08:08 +00:00
__init__.py Created django.contrib and moved comments into it 2005-07-14 18:20:03 +00:00