Commit Graph

2183 Commits

Author SHA1 Message Date
Krzysztof Jurewicz 940b7fd5cb Fixed #21446 -- Allowed not performing redirect in set_language view
Thanks Claude Paroz and Tim Graham for polishing the patch.
2016-03-29 22:15:14 +02:00
Alex Hill 4b2cf1cd27 Fixed #26384 -- Fixed renaming the PK on a model with a self-referential FK on SQLite. 2016-03-29 13:25:09 -04:00
Daniel Wiesmann 870dd1d38b Fixed #26417 -- Allowed setting GDALBand data with partial values. 2016-03-29 11:08:36 -04:00
Claude Paroz 03b6947728 Fixed #24932 -- Added Cast database function.
Thanks Ian Foote for the initial patch.
2016-03-29 08:14:33 -04:00
Kai Feldhoff 5336158990 Fixed #25759 -- Added keyword arguments to customize Expressions' as_sql(). 2016-03-29 08:09:58 -04:00
Simon Charette 67cf5efa31 Fixed #26413 -- Fixed a regression with abstract model inheritance and explicit parent links.
Thanks Trac alias trkjgrdg for the report and Tim for investigation and review.
2016-03-28 21:11:37 -04:00
Tim Graham acfaec3db5 Fixed #26387 -- Restored the functionality of the admin's raw_id_fields in list_editable. 2016-03-25 13:47:42 -04:00
ieatkittens 9390da7fb6 Fixed #26293 -- Fixed CommonMiddleware to process PREPEND_WWW and APPEND_SLASH independently. 2016-03-23 09:23:19 -04:00
Alexander Gaevsky 107165c4b0 Fixed #24987 -- Allowed inactive users to login with the test client. 2016-03-23 09:01:52 -04:00
Alexander Gaevsky e0a3d93730 Fixed #25232 -- Made ModelBackend/RemoteUserBackend reject inactive users. 2016-03-23 09:01:48 -04:00
Berker Peksag 157d7f1f1d Fixed #25388 -- Added an option to allow disabling of migrations during test database creation 2016-03-23 08:21:30 +08:00
Jason Parrott 4c1c93032f Fixed #26373 -- Fixed reverse lookup crash with a ForeignKey to_field in a subquery. 2016-03-19 17:54:29 -04:00
José Tomás Tocino 39a16dd2e0 Fixed #25658 -- Allowed inspectdb to inspect a specific set of tables. 2016-03-18 08:41:15 -04:00
Berker Peksag 28bcff82c5 Fixed #26297 -- Fixed `collectstatic --clear` crash if storage doesn't implement path(). 2016-03-17 09:49:57 -04:00
Alex Hill ecb59cc657 Fixed #26306 -- Fixed memory leak in cached template loader. 2016-03-16 12:37:57 -04:00
Collin Anderson 93a135d111 Fixed #26158 -- Rewrote http.parse_cookie() to better match browsers. 2016-03-15 12:24:06 -04:00
Vincenzo Pandolfo d0fe6c9156 Fixed #26334 -- Removed whitespace stripping from contrib.auth password fields. 2016-03-14 20:20:24 -04:00
Jakub Wilk 402da9ab7b Fixed typos in docs. 2016-03-13 19:48:24 +01:00
Tim Graham 4f0cd0fd16 Fixed #26324 -- Fixed DurationField with fractional seconds on SQLite. 2016-03-10 12:18:29 -05:00
Przemysław Suliga 96ec67a7cf Fixed #26332 -- Fixed a race condition in BaseCache.get_or_set(). 2016-03-08 11:44:37 -05:00
Bas Westerbaan b4250ea04a Fixed #26033 -- Added Argon2 password hasher. 2016-03-08 11:22:18 -05:00
Saúl Ibarra Corretgé 6c33e73333 Fixed #26289 -- Enabled shell tab completion on systems using libedit. 2016-03-08 08:37:14 -05:00
Krzysztof Urbaniak 839a955d08 Fixed #25933 -- Allowed an unprefixed default language in i18n_patterns(). 2016-03-08 08:14:10 -05:00
John-Mark Bell 4b129ac81f Fixed #26325 -- Made MultiPartParser ignore filenames that normalize to an empty string. 2016-03-07 13:19:39 -05:00
Jon Dufresne 1845bc1d10 Refs #26315 -- Cleaned up argparse options in commands.
* Removed type coercion. Options created by argparse are already coerced
  to the correct type.
* Removed fallback default values. Options created by argparse already
  have a default value.
* Used direct indexing. Options created by argparse are always set. This
  eliminates the need to use dict.get().
2016-03-05 13:19:29 -05:00
Jon Dufresne 4115288b4f Fixed #26315 -- Allowed call_command() to accept a Command object as the first argument. 2016-03-05 13:05:10 -05:00
Tim Graham bc0410d98a Fixed typo in docs/releases/1.8.12.txt. 2016-03-05 10:02:29 -05:00
Tim Graham c960af4adb Added stub release notes for 1.9.5/1.8.12. 2016-03-05 10:00:40 -05:00
Claude Paroz 552f03869e Added safety to URL decoding in is_safe_url() on Python 2
The errors='replace' parameter to force_text altered the URL before checking
it, which wasn't considered sane. Refs 24fc935218 and ada7a4aef.
2016-03-04 23:33:35 +01:00
Claude Paroz ada7a4aefb Fixed #26308 -- Prevented crash with binary URLs in is_safe_url()
This fixes a regression introduced by c5544d2892.
Thanks John Eskew for the reporti and Tim Graham for the review.
2016-03-04 21:14:14 +01:00
Tim Graham cecbf1bdef Fixed typo in docs/releases/1.9.1.txt. 2016-03-04 14:16:56 -05:00
Tim Graham 2f0c785a4c Added stub release notes for 1.8.11. 2016-03-04 09:47:43 -05:00
Simon Charette d0451e4cad Fixed #26295 -- Allowed using i18n_patterns() in any root URLconf.
Thanks Tim for the review.
2016-03-03 12:08:49 -05:00
Alasdair Nicol 2404d209a5 Fixed #26309 -- Documented that login URL settings no longer support dotted paths. 2016-03-03 07:34:14 -05:00
Simon Charette c92123cc1d Fixed #26226 -- Made related managers honor the queryset used for prefetching their results.
Thanks Loïc for the suggested improvements and Tim for the review.
2016-03-02 16:10:18 -05:00
Marc Tamlyn 8ddc79a799 Fixed #26285 -- Deprecated the MySQL-specific __search lookup. 2016-03-02 14:41:56 -05:00
acrefoot 04240b2365 Refs #19527 -- Allowed QuerySet.bulk_create() to set the primary key of its objects.
PostgreSQL support only.

Thanks Vladislav Manchev and alesasnouski for working on the patch.
2016-03-02 14:29:09 -05:00
Dmitry Dygalo 5155c2b458 Fixed typo in 1.9.3/1.8.10 release date. 2016-03-02 07:08:36 -05:00
Tim Graham 2e895d2870 Added stub release notes for 1.9.4. 2016-03-01 12:39:01 -05:00
Tim Graham 24fc935218 Added CVE-2016-2512/2513 to security release archive. 2016-03-01 12:32:42 -05:00
Florian Apolloner 67b46ba701 Fixed CVE-2016-2513 -- Fixed user enumeration timing attack during login.
This is a security fix.
2016-03-01 11:25:28 -05:00
Mark Striemer c5544d2892 Fixed CVE-2016-2512 -- Prevented spoofing is_safe_url() with basic auth.
This is a security fix.
2016-03-01 11:25:28 -05:00
Tim Graham f43291639b Added stub release notes for security issues. 2016-03-01 11:25:28 -05:00
Simon Charette 0223e213dd Fixed #26186 -- Documented how app relative relationships of abstract models behave.
This partially reverts commit bc7d201bdb.

Thanks Tim for the review.

Refs #25858.
2016-02-29 22:07:05 -05:00
chenesan b84f5ab4ec Fixed #26230 -- Made default_related_name affect related_query_name. 2016-02-27 08:48:32 -05:00
Simon Charette 3938b3ccaa Fixed #26286 -- Prevented content type managers from sharing their cache.
This should prevent managers methods from returning content type instances
registered to foreign apps now that these managers are also attached to models
created during migration phases.

Thanks Tim for the review.

Refs #23822.
2016-02-26 16:18:16 -05:00
Adam Chainz ef33bc2d4d Fixed #25279 -- Made prefetch_related_objects() public. 2016-02-26 14:55:01 -05:00
Simon Charette 766afc22a1 Fixed #24793 -- Unified temporal difference support. 2016-02-26 12:25:12 -05:00
Ivan Tsouvarev 8890c533e0 Fixed #26280 -- Fixed cached template loader crash when loading nonexistent template. 2016-02-26 08:02:10 -05:00
Sjoerd Job Postmus bbe136e1a2 Fixed #26231 -- Used .get_username in admin login template. 2016-02-25 19:29:53 -05:00