Commit Graph

395 Commits

Author SHA1 Message Date
Jon Dufresne b3cffde555 Fixed #29324 -- Made Settings raise ImproperlyConfigured if SECRET_KEY is accessed and not set. 2018-04-17 13:02:05 -04:00
Alex Gaynor 9a56b4b13e Fixed #27863 -- Added support for the SameSite cookie flag.
Thanks Alex Gaynor for contributing to the patch.
2018-04-13 20:58:31 -04:00
Tim Graham 5b589a47b9
Fixed #29161 -- Removed BCryptPasswordHasher from PASSWORD_HASHERS. 2018-02-26 09:05:18 -05:00
Ashaba 95fd5cf459 Fixed #28403 -- Added missing formats in FORMAT_MODULE_PATH docs. 2018-01-24 13:38:15 -05:00
Frédéric Massart a5f1e5809f Clarified who the AdminEmailHandler emails. 2017-11-21 11:49:15 -05:00
Дилян Палаузов 6c0042430e Fixed #28776 -- Fixed a/an/and typos in docs and comments. 2017-11-06 22:41:03 -05:00
Tim Graham afd375fc34
Fixed #28741 -- Removed unnecessary leading dot from cross-domain cookie examples. 2017-11-01 10:57:59 -04:00
Tim Graham 0edff2107f Refs #28248 -- Clarified the precision of PASSWORD_RESET_TIMEOUT_DAYS. 2017-10-12 14:58:18 -04:00
Jon Ribbens 44f08422c8 Fixed #28625 -- Distinguished DATABASES['TIME_ZONE'] from settings.TIME_ZONE. 2017-09-28 09:42:08 -04:00
Tim Graham 5446b72003 Removed versionadded/changed annotations for 1.11. 2017-09-22 12:51:18 -04:00
Tim Graham 48d57788ee Refs #26447 -- Removed the USE_ETAGS setting per deprecation timeline. 2017-09-22 12:51:18 -04:00
Tim Graham c7d58c6f43 Fixed #28435 -- Removed inaccurate warning about SECURE_HSTS_PRELOAD. 2017-07-25 15:12:50 -04:00
Laura e58c87cb70 Fixed #28336 -- Fixed typo in docs/ref/settings.txt. 2017-06-27 21:41:10 -04:00
Mariusz Felisiak 516b7664dc Fixed #28260 -- Allowed customizing the test tablespace initial and autoextend size on Oracle.
Thanks Tim Graham for the review.
2017-06-02 18:35:56 +02:00
François Freitag 88336fdbb5 Fixed #28062 -- Added a setting to disable server-side cursors on PostgreSQL.
When a connection pooler is set up in transaction pooling mode, queries
relying on server-side cursors fail. The DISABLE_SERVER_SIDE_CURSORS
setting in DATABASES disables server-side cursors for this use case.
2017-05-06 06:59:04 -04:00
Mariusz Felisiak a3af8c99d9 Removed extra characters in docs header underlines. 2017-03-20 18:30:32 -04:00
Tim Graham c577d8a498 Described DEBUG_PROPAGATE_EXCEPTIONS behavior in more detail. 2017-03-09 12:18:17 -05:00
Tim Graham 80493b0871 Fixed #27829 -- Deprecated settings.DEFAULT_CONTENT_TYPE. 2017-02-16 07:59:44 -05:00
Claude Paroz c651331b34 Converted usage of ugettext* functions to their gettext* aliases
Thanks Tim Graham for the review.
2017-02-07 09:04:04 +01:00
Tim Graham e27e4c0339 Removed versionadded/changed annotations for 1.10. 2017-01-17 20:52:05 -05:00
Tim Graham d334f46b7a Refs #26601 -- Removed support for old-style middleware using settings.MIDDLEWARE_CLASSES. 2017-01-17 20:52:04 -05:00
Tim Graham 9e734875fe Fixed #24994 -- Documented the expected type of settings.SECRET_KEY. 2016-12-28 07:36:37 -05:00
Preston Timmons b52c73008a Fixed #15667 -- Added template-based widget rendering.
Thanks Carl Meyer and Tim Graham for contributing to the patch.
2016-12-27 17:50:10 -05:00
Tim Graham c27104a9c7 Fixed #27611 -- Doc'd that CSRF_COOKIE_HTTPONLY setting offers no security. 2016-12-19 17:56:58 -05:00
Raphael Michel ddf169cdac Refs #16859 -- Allowed storing CSRF tokens in sessions.
Major thanks to Shai for helping to refactor the tests, and to
Shai, Tim, Florian, and others for extensive and helpful review.
2016-11-30 08:57:27 -05:00
Ian Lee 501c993010 Fixed typo in docs/ref/settings.txt. 2016-11-11 07:01:48 -05:00
Tim Graham 7fe2d8d940 Fixed CVE-2016-9014 -- Validated Host header when DEBUG=True.
This is a security fix.
2016-11-01 09:30:57 -04:00
Marti Raudsepp da7910d483 Fixed CVE-2016-9013 -- Generated a random database user password when running tests on Oracle.
This is a security fix.
2016-11-01 09:30:57 -04:00
Tim Graham de91c172cf Fixed #27410 -- Clarified when static files is enabled in STATIC_ROOT docs. 2016-10-31 15:17:40 -04:00
Tim Graham 414ad25b09 Fixed #27327 -- Simplified time zone handling by requiring pytz. 2016-10-27 08:53:20 -04:00
Marti Raudsepp 51fbe2a60d Updated postgresql.org links to https and made them canonical. 2016-10-25 11:43:32 -04:00
Denis Cornehl a840710e1e Fixed #26447 -- Deprecated settings.USE_ETAGS in favor of ConditionalGetMiddleware. 2016-10-10 14:55:59 -04:00
Tim Graham 9819676676 Updated links to the current version of MySQL docs. 2016-09-30 09:14:17 -04:00
Tim Graham 43c471e81c Fixed typo in docs/ref/settings.txt. 2016-09-15 19:52:49 -04:00
Tim Graham ef021412d5 Normalized spelling of ETag. 2016-09-09 11:00:21 -04:00
Ed Morley 1d54fb4483 Made settings docs link to cache parameters more specific. 2016-08-31 12:31:30 -04:00
Chris Jerdonek a3db480393 Fixed #27061 -- Added a TEST['TEMPLATE'] setting for PostgreSQL. 2016-08-23 15:08:20 -04:00
Ed Morley 3c2447dd13 Fixed #26947 -- Added an option to enable the HSTS header preload directive. 2016-08-10 20:23:54 -04:00
Ed Morley 8c3bc5cd78 Fixed docs to refer to HSTS includeSubdomains as a directive.
The spec refers to it as a 'directive' rather than a 'tag':
https://tools.ietf.org/html/rfc6797#section-6.1.2
2016-08-08 20:20:49 -04:00
Claude Paroz 255fb99284 Fixed #17209 -- Added password reset/change class-based views
Thanks Tim Graham for the review.
2016-07-16 10:36:12 +02:00
Tim Graham 944e66cb1d Reverted "Fixed #25388 -- Added an option to allow disabling of migrations during test database creation"
This reverts commit 157d7f1f1d since it
disables migrations all the time, not just during tests.
2016-07-14 09:21:28 -04:00
Claude Paroz 78963495d0 Refs #17209 -- Added LoginView and LogoutView class-based views
Thanks Tim Graham for the review.
2016-06-24 10:45:13 +02:00
jasisz b5a1c3a6f5 Fixed #25920 -- Added support for non-uniform NUMBER_GROUPING. 2016-06-22 17:28:49 -04:00
Tobias McNulty 17e661641d Refs #26666 -- Added ALLOWED_HOSTS validation when running tests.
Also used ALLOWED_HOSTS to check for external hosts in assertRedirects().
2016-06-20 11:07:46 -04:00
Anton I. Sipos c3495bb984 Fixed #12666 -- Added EMAIL_USE_LOCALTIME setting.
When EMAIL_USE_LOCALTIME=True, send emails with a Date header
in the local time zone.
2016-06-04 09:55:50 -04:00
Tim Graham 46a38307c2 Removed versionadded/changed annotations for 1.9. 2016-05-20 11:44:29 -04:00
Tim Graham ece4d24f8e Refs #26601 -- Deprecated old-style middleware. 2016-05-17 07:22:26 -04:00
Florian Apolloner 9baf692a58 Fixed #26601 -- Improved middleware per DEP 0005.
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
Andre Cruz 929684d6ee Fixed #21231 -- Enforced a max size for GET/POST values read into memory.
Thanks Tom Christie for review.
2016-05-12 10:17:52 -04:00
Tim Graham f5ff5010cd Fixed #26483 -- Updated docs.python.org links to use Intersphinx. 2016-05-08 18:07:43 -04:00