Commit Graph

485 Commits

Author SHA1 Message Date
Claude Paroz 3d7a713156 Fixed typo in writing migrations docs 2015-07-01 09:16:17 +02:00
Luke Plant aef2a0ec59 Fixed #25018 -- Changed simple_tag to apply conditional_escape() to its output.
This is a security hardening fix to help prevent XSS (and incorrect HTML)
for the common use case of simple_tag.

Thanks to Tim Graham for the review.
2015-06-29 08:16:19 -04:00
Tim Graham b34d16b78d Added ALLOWED_HOSTS and SERVER_EMAIL details to deployment checklist. 2015-06-11 13:41:24 -04:00
Mark Henwood dee1bcd08a Fixed #24882 -- Documented Migration.run_before 2015-06-06 09:00:04 -04:00
Yamila Moreno f954c51720 Fixed #24926 -- Removed outdated information from deployment 2015-06-05 12:03:29 +02:00
Preston Timmons 655f524915 Fixed #17085, #24783 -- Refactored template library registration.
* Converted the ``libraries`` and ``builtins`` globals of
  ``django.template.base`` into properties of the Engine class.
* Added a public API for explicit registration of libraries and builtins.
2015-05-21 09:12:06 -05:00
Tim Graham 307acc745a Fixed #24630 -- Clarified docs about RunPython transactions.
Thanks Markus Holtermann for review.
2015-05-17 18:50:18 -04:00
Abhaya Agarwal 9de9c24017 Fixed #24105 -- Called Storage.get_valid_name() when upload_to is callable 2015-05-12 20:08:22 -04:00
Afriza N. Arief b295fcd19c Fixed typo in docs/howto/deployment/wsgi/apache-auth.txt 2015-04-13 07:50:23 -04:00
Tim Graham 6d7784a7b9 Fixed #24602 -- Removed obsolete reference to __metaclass__ in custom model fields docs.
Thanks schinckel for the report.
2015-04-08 08:35:35 -04:00
Tim Graham d9a30ed190 Updated location of database backend data_types attribute in docs. 2015-03-17 20:03:07 -04:00
Ian Lee 56cd87a5af Added link to section in docs/howto/custom-template-tags.txt. 2015-03-13 08:24:44 -04:00
Ian Lee 7614efa2f9 Fixed typo in docs/howto/custom-template-tags.txt. 2015-03-13 08:13:49 -04:00
Ian Lee 7f8588d22e Documented how to use a non-root subdirectory with mod_wsgi. 2015-03-12 20:08:37 -04:00
Erik Romijn fa350e2f30 Fixed #24464 -- Made built-in HTML template filter functions escape their input by default.
This may cause some backwards compatibility issues, but may also
resolve security issues in third party projects that fail to heed warnings
in our documentation.

Thanks Markus Holtermann for help with tests and docs.
2015-03-09 09:29:58 -04:00
Tim Graham 63f2dd4ad7 Fixed typo in docs/howto/custom-template-tags.txt 2015-03-09 07:06:09 -04:00
Ross Brunton 6b28e957df Fixed #24379 -- Documented that remote user example disables ModelBackend. 2015-03-02 19:53:11 -05:00
Ian Lee fde4857fb8 Added syntax highlighting for apache code blocks 2015-03-02 12:33:58 -05:00
Ian Lee 00fbd8fd52 Broke long lines in code examples.
The website only renders code blocks at 96 chars, and therefore
long code lines get wrapped. Manually breaking the lines prevents
the wrapping from occurring.
2015-02-23 07:45:37 -05:00
Sean Wang eba6dff581 Fixed #24358 -- Corrected code-block directives for console sessions. 2015-02-22 09:35:39 -05:00
Loic Bistuer bed504d70b Fixed #24351, #24346 -- Changed the signature of allow_migrate().
The new signature enables better support for routing RunPython and
RunSQL operations, especially w.r.t. reusable and third-party apps.

This commit also takes advantage of the deprecation cycle for the old
signature to remove the backward incompatibility introduced in #22583;
RunPython and RunSQL won't call allow_migrate() when when the router
has the old signature.

Thanks Aymeric Augustin and Tim Graham for helping shape up the patch.

Refs 22583.
2015-02-20 21:34:09 +07:00
Marc Tamlyn 32d4db66b9 Update converters to take a consistent set of parameters.
As suggested by Anssi. This has the slightly strange side effect of
passing the expression to Expression.convert_value has the expression
passed back to it, but it allows more complex patterns of expressions.
2015-02-20 11:35:52 +00:00
Aymeric Augustin 1bfcc950ab Set context.template instead of context.engine while rendering.
This opens more possibilities, like accessing context.template.origin.

It also follows the chain of objects instead of following a shortcut.
2015-02-19 22:08:11 +01:00
Aymeric Augustin 15b711b5ee Deprecated TEMPLATE_DEBUG setting. 2015-02-15 20:47:04 +01:00
Andrei Kulakov 1f9e44030e Fixed #23932 -- Added how-to on migrating unique fields. 2015-02-05 16:26:45 -05:00
darkryder 9ec8aa5e5d Fixed #24149 -- Normalized tuple settings to lists. 2015-02-03 14:59:45 -05:00
Tim Graham 570912a97d Added a "Writing migrations" how-to. 2015-02-03 13:09:54 -05:00
Preston Timmons cd4282816d Fixed #18651 -- Enabled optional assignments for simple_tag(). 2015-02-03 10:44:33 -05:00
Tim Graham c79faae761 Removed versionadded/changed notes for 1.7. 2015-02-01 21:02:40 -05:00
Tim Graham 0f169098ef Removed BaseCommand.validate() per deprecation timeline; refs #16905. 2015-01-18 14:49:51 -05:00
Tim Graham 4b8d3bbab5 Standardized indentation in docs/howto/custom-management-commands.txt. 2015-01-17 13:38:01 -05:00
Tim Graham 4a03d348c7 Removed BaseCommand.requires_model_validation per deprecation timeline. 2015-01-17 12:59:07 -05:00
Tim Graham 18192b9fa4 Replaced deprecated requires_model_validation in docs. 2015-01-17 12:51:50 -05:00
Tim Graham 00a11994a5 Removed support for AppCommand.handle_app() per deprecation timeline. 2015-01-17 12:34:34 -05:00
Tim Graham 4aa089a9a9 Removed support for custom SQL per deprecation timeline. 2015-01-17 10:16:06 -05:00
Tim Graham 67235fd4ef Removed support for initial_data fixtures per deprecation timeline. 2015-01-17 09:59:25 -05:00
Tim Graham 41f0d3d3bc Removed FastCGI support per deprecation timeline; refs #20766. 2015-01-17 08:32:31 -05:00
Carl Meyer 316b8d4974 Stripped headers containing underscores to prevent spoofing in WSGI environ.
This is a security fix. Disclosure following shortly.

Thanks to Jedediah Smith for the report.
2015-01-13 13:03:05 -05:00
Pavel Shpilev a7c256cb54 Fixed #9893 -- Allowed using a field's max_length in the Storage. 2015-01-12 09:09:18 -05:00
Aymeric Augustin 4797af2bb8 Updated custom template tags how-to.
Accounted for multiple template engines and made a few small fixes.
2015-01-10 20:17:22 +01:00
Aymeric Augustin ee8d5b91e9 Wrote main documentation for templates. 2015-01-10 20:16:19 +01:00
Anssi Kääriäinen 0c7633178f Fixed #24020 -- Refactored SQL compiler to use expressions
Refactored compiler SELECT, GROUP BY and ORDER BY generation.
While there, also refactored select_related() implementation
(get_cached_row() and get_klass_info() are now gone!).

Made get_db_converters() method work on expressions instead of
internal_type. This allows the backend converters to target
specific expressions if need be.

Added query.context, this can be used to set per-query state.

Also changed the signature of database converters. They now accept
context as an argument.
2015-01-08 14:07:54 -05:00
Claude Paroz f7c287fca9 Fixed #24073 -- Deactivated translations when leave_locale_alone is False
Thanks Tim Graham and Markus Holtermann for the reviews.
2015-01-07 20:11:24 +01:00
Daniel Pyrathon fb48eb0581 Fixed #12663 -- Formalized the Model._meta API for retrieving fields.
Thanks to Russell Keith-Magee for mentoring this Google Summer of
Code 2014 project and everyone else who helped with the patch!
2015-01-06 19:25:12 -05:00
Tim Graham d7fc6eb8ca Revert "Updated some docs for the delayed deprecation of legacy table creation; refs #22340."
This reverts commit a2e3c96948.

The deprecation was moved back to 1.9 in
61da5f3f02.
2014-12-30 11:50:50 -05:00
Aymeric Augustin cf0fd65ed4 Deprecated TEMPLATE_LOADERS. 2014-12-28 17:02:30 +01:00
Aymeric Augustin 3dc01aaaaf Deprecated ALLOWED_INCLUDE_ROOTS. 2014-12-28 17:02:30 +01:00
Christopher Grebs 508be27dbf Fixed #24057 -- Fixed typo in docs/howto/custom-lookups.txt. 2014-12-27 19:38:24 -05:00
Claude Paroz 337cd09836 Updated some other external links in the docs 2014-12-19 18:07:52 +01:00
Claude Paroz 0a4b04fc23 Used https for most *.python.org links 2014-12-19 18:07:52 +01:00
Quentin Pradet 6bc343d874 Fixed typo in docs/howto/custom-lookups.txt. 2014-12-08 07:18:54 -05:00
Vladimir Rutsky 1a408e42ee Add missing dot 2014-12-07 00:49:59 +03:00
Berker Peksag 560b4207b1 Removed redundant numbered parameters from str.format().
Since Python 2.7 and 3.1, "{0} {1}" is equivalent to "{} {}".
2014-12-03 14:27:38 -05:00
Danilo Bargen cdee865976 Fixed #23543 -- Added docs on testing management command output. 2014-11-24 10:23:25 -05:00
Daniel Roseman 524e71c9c2 Fixed #20435 -- Reordered the custom template tags docs.
Introduced the various shortcuts before explaining the more complex
parser/render functionality.

Also removed non-decorator syntax: it's been years since Django
supported a Python version without decorators.
2014-11-17 17:38:04 +01:00
Josh Smeaton f61256da3a Renamed qn to compiler 2014-11-16 13:19:34 +01:00
Berker Peksag 5c517ec218 Fixed versionchanged indentation in docs/. 2014-11-03 21:40:26 -05:00
Andy Chosak c0c78f1b70 Clarified custom lookups output_field documentation 2014-11-03 15:52:27 +02:00
James Brewer 332706eaa0 Fixed #23376 -- Made documentation about required Storage methods
consistent.

The following methods **should** be implemented, but are not required:

 * Storage.delete()
 * Storage.exists()
 * Storage.listdir()
 * Storage.size()
 * Storage.url()

Updated documentation to reflect this fact and give a couple of examples
where some methods may not be implemented. Add a warning that not
implementing some methods will result in a partial (possibly broken)
interface.

Ticket: https://code.djangoproject.com/ticket/23376
2014-11-03 03:32:41 -08:00
Berker Peksag affc04060f Converted seealso directives to use 4 space indendation. 2014-10-30 14:45:16 -04:00
Thomas Chaumeny 00aa562884 Fixed #23493 -- Added bilateral attribute to Transform 2014-10-28 10:02:10 +02:00
Tim Graham e460b1c573 Fixed #23708 -- Corrected mod_wsgi docs reference to nonexistent comment in wsgi.py.
Thanks inglesp for the report.
2014-10-27 18:17:50 -04:00
Tim Graham 4b0a45ce64 Fixed #23705 -- Removed unnecessary AliasMatch from example Apache config.
Thanks Keryn Knight for the report.
2014-10-23 08:15:54 -04:00
Collin Anderson 1b2debe896 Fixed #23637 -- Removed TUX, lighttpd, and Cherokee as common. 2014-10-15 08:28:27 -04:00
Marc Tamlyn 92a17eaae0 Fixed #23627 -- Allowed register_lookup to work as a decorator. 2014-10-09 18:44:58 +01:00
Corey Farwell 37b13033c6 Removed sudo from pip commands in docs. 2014-09-22 15:49:48 -04:00
Claude Paroz 5bf654e44b Fixed #23530 -- Specified PyYAML requirement in initial-data.txt
Thanks aks for the report.
2014-09-21 16:00:19 +02:00
Matt Robenolt b88e31348b Don't recommend using sudo when installing uwsgi 2014-09-19 22:58:49 -07:00
Tim Graham 52ef6a4726 Fixed #17101 -- Integrated django-secure and added check --deploy option
Thanks Carl Meyer for django-secure and for reviewing.

Thanks also to Zach Borboa, Erik Romijn, Collin Anderson, and
Jorge Carleitao for reviews.
2014-09-12 15:05:23 -04:00
Tim Graham c7f7432be5 Fixed #23350 -- Updated mod_wsgi auth example to use less memory.
Thanks Graham Dumpleton for the report.
2014-09-09 09:32:19 -04:00
Sébastien Fievet f36ab2d3f2 Fixed typo in docs/howto/custom-lookups.txt. 2014-09-07 11:29:20 +02:00
Collin Anderson fa74dba994 Refs #23430 -- gunicorn wants a module, not file 2014-09-06 08:13:45 -07:00
Collin Anderson 77b3907d6d Fixed #23430 -- simplified gunicorn deployment docs. 2014-09-05 20:36:35 -04:00
Marc Tamlyn e9103402c0 Fixed #18757, #14462, #21565 -- Reworked database-python type conversions
Complete rework of translating data values from database

Deprecation of SubfieldBase, removal of resolve_columns and
convert_values in favour of a more general converter based approach and
public API Field.from_db_value(). Now works seamlessly with aggregation,
.values() and raw queries.

Thanks to akaariai in particular for extensive advice and inspiration,
also to shaib, manfre and timograham for their reviews.
2014-09-03 20:36:03 +01:00
Claude Paroz 3a44e20005 Fixed #23374 -- Renamed StaticLiveServerCase to StaticLiveServerTestCase
Refs #20739. Thanks Raphaël Hertzog for the report and the initial
patch.
2014-08-28 08:44:26 +02:00
Tim Graham a3e88e64a4 Fixed spelling mistake in file docs. 2014-08-26 09:44:24 -04:00
Tim Graham 0d8d30b7dd Fixed #23157 -- Removed O(n) algorithm when uploading duplicate file names.
This is a security fix. Disclosure following shortly.
2014-08-20 14:39:40 -04:00
areski 9d6551204e Removed unnecessary code-block directives. 2014-08-19 16:44:25 -04:00
Tim Graham b6aa60f425 Fixed #14638 -- Clarified model Field.to_python() docs.
Thanks Anubhav Joshi for the patch.
2014-08-18 12:53:25 -04:00
Tim Graham 99561eef26 Fixed typo in docs/howto/custom-model-fields.txt. 2014-08-15 07:18:04 -04:00
Andreas Stocker f3ef55ea7a Fixed #23257 -- Updated docs for new django-jython release. 2014-08-08 12:31:56 -04:00
Tim Graham 75f2c65cb6 Fixed #23154 -- Removed reference to deprecated run_gunicorn command.
Thanks frewsxcv for the report.
2014-08-02 15:02:29 -04:00
Christoph Heer d47409831f Fixed #23067 -- Updated docs to use django-admin 2014-07-30 14:14:03 -04:00
Jorge C. Leitão e1fa7dffdc Fixed #22809 -- Added model Field API reference.
Thanks to @timgraham for the review.
2014-07-10 06:03:04 -04:00
Jorge C. Leitão 8780849da0 Fixed #22812 -- Refactored lookup API documentation.
Thanks Anssi and Tim for reviews.
2014-07-08 20:05:49 -04:00
Tim Graham 54546cee88 Fixed #22942 -- Noted that __init__.py files are required for management command detection.
Thanks Diego Cerdán for the suggestion.
2014-07-07 18:04:00 -04:00
Daniel Hahler 67f9f385aa Fixed various minor doc typos / references. 2014-07-05 20:26:26 -04:00
Gert Van Gool a8c5630c98 Fixed typo in parameter name doc for BaseCommand.check(). 2014-06-26 07:23:32 -04:00
Maxime Turcotte 9996158db4 Fixed #22835 -- Deprecated NoArgsCommand. 2014-06-19 08:54:59 -04:00
Claude Paroz cbff097bd9 Documented optparse to argparse changes for management commands 2014-06-14 13:42:43 +02:00
Greg Chapple 4123f55c33 Added link to data migrations in initial data deprecation note 2014-06-11 19:46:57 +01:00
Tim Graham a1be7237ca Fixed #22619 -- Corrected description of os.path.
Thanks Collin Anderson for the report.
2014-05-12 18:56:34 -04:00
Tim Graham a2e3c96948 Updated some docs for the delayed deprecation of legacy table creation; refs #22340. 2014-05-07 09:04:01 -04:00
Andrew Godwin 827d5dc189 Improve docs around deconstruction/serialisation (refs #22337) 2014-05-06 23:06:41 -07:00
Tim Graham fb7c347f7b Fixed #1349 -- Clarified docs on serving files from STATIC/MEDIA_URL. 2014-05-05 07:36:53 -04:00
Andrew Godwin 13ec89f267 Fix docs error with deconstruct() docs 2014-05-03 16:18:26 -07:00
Tim Graham b829d53b37 Fixed #22497 -- Highlighted difference between field and class deconstruction.
Thanks nliberg for the suggestion.
2014-04-28 08:18:43 -04:00
Claude Paroz 2128b3a688 Specified 'csv and unicode' note as Python 2 only 2014-04-26 16:09:19 +02:00
Erik Romijn 75c0d4ea3a Fixed queries that may return unexpected results on MySQL due to typecasting.
This is a security fix; disclosure to follow shortly.
2014-04-21 18:11:26 -04:00
Aymeric Augustin bbe818b23c Changed paths in docs that referred to Python 2. 2014-04-20 08:34:01 +02:00