96790fc022
[1.5.x] Made a couple of selenium tests wait for page loaded
...
The admin_widgets tests were issuing click() to the browser but
didn't wait for the effects of those clicks. This caused the resulting
request to be processed concurrently with the test case. When using
in-memory SQLite this caused weird failures.
Also added wait_page_loaded() to admin selenium tests for code
reuse.
Fixed #19856 , backpatch of 50677b29af
2013-02-21 00:01:07 +02:00
8ad436636f
[1.5.x] Fixed #19672 -- Error in negated Q() filtering
...
There was a variable overwrite error in negated join filtering. This
happened when add_filter() was adding the IS NULL condition to the
WHERE clause.
This is not a backport from master as there have been some other
refactorings which made this patch irrelevant.
The patch is from Ian Kelly.
2013-02-20 21:57:39 +02:00
8d4342f2c9
[1.5.x] Fixed #19857 -- Fixed broken docs link in project template.
2013-02-19 18:43:28 -07:00
c7f80b428b
Don't characterize XML vulnerabilities as DoS-only.
2013-02-19 18:20:08 -07:00
23ef6e1baf
[1.5.X] Fixed #19728 - Updated API stability doc to reflect current meaning of "stable".
...
Backport of 132d5822b0
2013-02-19 18:20:46 -05:00
4f99b0b635
[1.5.X] Fixed typo in docs/topics/class-based-views/generic-display.txt
...
Backport of 22d5e4b4af
2013-02-19 16:32:59 -05:00
18d920ea48
[1.5.x] Bump version numbers for security release.
2013-02-19 14:15:33 -06:00
84ce990c07
[1.5.x] Update 1.5 release notes for XML and formset fixes.
2013-02-19 10:39:04 -07:00
3ef4bbf495
[1.5.x] Added a default limit to the maximum number of forms in a formset.
...
This is a security fix. Disclosure and advisory coming shortly.
2013-02-19 10:39:04 -07:00
0e46c7f7ac
[1.5.x] Checked object permissions on admin history view.
...
This is a security fix. Disclosure and advisory coming shortly.
Patch by Russell Keith-Magee.
2013-02-19 10:39:04 -07:00
2d0c22e02d
[1.5.x] Restricted the XML deserializer to prevent DoS attacks.
...
This is a security fix. Disclosure and advisory coming shortly.
2013-02-19 10:39:03 -07:00
a7e33c5bf3
[1.5.x] Added a new required ALLOWED_HOSTS setting for HTTP host header validation.
...
This is a security fix; disclosure and advisory coming shortly.
2013-02-19 10:39:03 -07:00
5d853db90e
[1.5.X] Fixed #19717 - Removed mentions of "root QuerySet" in docs.
...
Thanks julien.aubert.mail@ for the report and James Pic for the patch.
Backport of 64d0f89ab1
2013-02-18 09:36:49 -05:00
94ef17e2c2
[1.5.x] Corrected INSTALLED_APPS syntax in 1.5 release notes.
...
Backport of 9c2066d5
2013-02-18 00:55:22 +11:00
ba794f68bf
[1.5.x] Fixed #19824 - Corrected the class described for Field.primary_key from IntegerField to AutoField.
...
Thanks Keryn Knight.
Backport of 218bbef0c4
2013-02-16 18:34:18 -05:00
ad2b091c1f
[1.5.x] Fixed #19812 - Removed a duplicate phrase in the widget docs.
...
Thanks diegueus9 for the report and itsallvoodoo for the draft patch.
Backport of 7a80904b00
2013-02-16 18:25:03 -05:00
5c3c8bf09a
[1.5.x] Fixed #19719 - Removed misleading example from ModelForm documentation
...
Backport of 976dc07baf
2013-02-16 18:05:35 -05:00
41848b078a
[1.5.x] Fixed #19833 -- Fixed import parameter encoding in get_runner
...
Thanks Danilo Bargen for the report.
Backport of 63236161
2013-02-16 13:32:03 +01:00
461d6e2295
[1.5.x] Refs #14881 -- Document that User models need to have an integer primary key.
...
Thanks to Kaloian Minkov for the reminder about this undocumented requirement.
(cherry picked from commit 91c26eadc9
2013-02-16 10:21:45 +08:00
5a803ce10e
[1.5.x] Fixed geos test to prevent random failure
...
Points in the test fixtures have 20 as max coordinate.
Backport of 87854b0bdf
2013-02-15 20:15:31 +01:00
1b54c85a53
[1.5.x] Avoided unneeded assertion on Python 3
...
Fixes failure introduced in 02e5909f7a
2013-02-15 16:11:53 +01:00
5921f15c11
[1.5.x] Fixed #19807 -- Sanitized getpass input in createsuperuser
...
Python 2 getpass on Windows doesn't accept unicode, even when
containing only ascii chars.
Thanks Semmel for the report and tests.
Backport of 02e5909f7a
2013-02-15 15:51:17 +01:00
42e87c17f2
[1.5.x] Fixed #19829 -- Fixed index lookups for NumPy arrays in templates.
...
Backport of 7d5e35cdb4
2013-02-15 00:18:49 -08:00
bc6746ac30
[1.5.x] Fixed #19822 -- Added validation for uniqueness on USERNAME_FIELD on custom User models.
...
Thanks to Claude Peroz for the draft patch.
(cherry picked from commit f5e4a699ca
2013-02-15 09:02:14 +08:00
1c086df50e
[1.5.x] Fix filtering during collection of paths in setup.py
...
Thanks Marek Brzóska for the report.
f179a5198e
2013-02-14 20:47:41 -03:00
89ce55b301
[1.5.x] Mention backward relationships in aggregate docs.
...
Thanks Anssi and Marc Tamlyn for reviewing.
Fixes #19803 .
0560bfb705
2013-02-14 20:47:04 -03:00
e7ab0d35c1
[1.5.x] Typo in i18n docs.
...
112c6e987d
2013-02-14 20:46:27 -03:00
6f29147488
[1.5.x] Fixed #19729 -- Removed leftover refactoring helper variables.
...
Thanks chrismedrela for the report.
Refs #6262 , 44b90764d94c0c826d9de00e
2013-02-14 20:45:36 -03:00
cfdc003ab7
[1.5.x] Fixed #19823 -- Fixed memcached code example in cache docs
...
Backport of 668d0b8d
2013-02-14 11:25:07 +01:00
f83bec4847
[1.5.x] Fix admindocs on Python 3, where None cannot be sorted with strings.
...
This fixes two tests in admin_views which were failing on Python 3, but only if
the tests were run with docutils installed.
2013-02-12 17:12:44 -07:00
743263a105
[1.5.x] Removed try-except in django.db.close_connection()
...
The reason was that the except clause needed to remove a connection
from the django.db.connections dict, but other parts of Django do not
expect this to happen. In addition the except clause was silently
swallowing the exception messages.
Refs #19707 , special thanks to Carl Meyer for pointing out that this
approach should be taken.
2013-02-13 00:22:10 +02:00
77f6eb2a60
[1.5.x] Made custom m2m fields without through easier to use
...
The change in f105fbe52b
2013-02-10 21:54:48 +02:00
44afe44602
[1.5.x] Emphasized MyISAM pseudo-requirement for GeoDjango over MySQL
...
Refs #15295 .
Backport of 8fbc20b24
2013-02-10 20:50:11 +01:00
7b5ca126ee
[1.5.x] Fixed #19112 -- Reduced the amount of query params in a test
...
Backpatch of 604d8763dc
2013-02-10 21:09:58 +02:00
b18ad807e0
[1.5.x] Fixed #19720 -- Oracle ordering related delete regression
...
When a query had a complex where condition (a condition targeting more
than the base table) a subquery was used for deletion. However, the
query had default ordering from the model's meta and Oracle doesn't
work with ordered subqueries.
The regression was caused by fast-path deletion code introduced in
1cd6e04cd4#18676 .
Thanks to Dylan Klomparens for the report.
Backpatch of 8ef3235034
2013-02-10 19:58:22 +02:00
d8e68f421e
[1.5.x] Fixed #19638 -- Skipped tx support testing for some DBs
...
PostgreSQL and Oracle always support transactions, so the create table
and rollback test is non-necessary on those DBs.
Thanks to shai for report.
Backpatch of 0478780b8e
2013-02-10 19:08:15 +02:00
60186aa2e5
[1.5.x] Fixed #19707 -- Reset transaction state after requests
...
Backpatch of a4e97cf315
2013-02-10 14:09:58 +02:00
4c261c61f2
[1.5.x] Fixed #19645 -- Added tests for TransactionMiddleware
...
Backpatch of f556df90be#19707 .
2013-02-10 14:01:49 +02:00
bb12ea2cf1
[1.5.x] Made modwsgi groups_for_user consistent with check_password
...
2b5f848207#19061
that made the is_active attribute mandatory for user models.
The try/except was not removed for the groups_for_user function.
refs #19780
2013-02-09 09:33:34 -08:00
7b278278ab
[1.5.x] Fixed #19699 - Removed "Please see the release notes" from versionadded/changed directives
...
Thanks Aymeric for the patch.
Backport of d93edffa89
2013-02-09 09:22:33 -05:00
2d53799ca6
[1.5.x] Fixed #19749 -- Documented ending param to command's self.stdout/err
...
Thanks xian at mintchaos.com for the report.
Backport of 0201b9d6d
2013-02-09 10:19:59 +01:00
15796db507
[1.5.x] Cleaned up some lingering signals in the test suite that were causing spurious failures with Pypy and Postgres.
...
Backport of db09a2de6e
2013-02-08 12:13:43 -08:00
b8c6de31a6
[1.5.x] Fixed #19779 -- Checked contrib.sites presence in RedirectFallbackMiddleware
...
Thanks Aymeric Augustin for the report and directions for the patch.
Backport of 2ed90eac
2013-02-08 16:36:57 +01:00
830b9fde46
[1.5.x] Fixed #19776 -- Added missing import for backport
...
line was present on master from 1520748dac
2013-02-08 00:28:37 -08:00
660f80c3d6
[1.5.x] Fixed #19662 -- alter auth modelbackend to accept custom username fields
...
Thanks to Aymeric and Carl for the review.
2013-02-07 16:08:23 -08:00
833ccd4b5b
[1.5.x] Fixed #19772 -- Handled APPEND_SLASH correctly in the redirects app.
...
Backport of 64623a2
2013-02-07 22:38:14 +01:00
ad2311dfc6
[1.5.x] Fixed #19706 - Tweaks to the tutorial.
...
Thanks Daniele Procida.
Backport of aa85ccf8ce
2013-02-07 07:14:03 -05:00
a81363d85a
[1.5.x] Fixed #19756 - Corrected a ManyToMany example and added some links and markup.
...
Backport of 43efefae69
2013-02-07 07:03:46 -05:00
5ba76825cf
[1.5.x] Fixed a typo in the test suite that was causing some spurious failures with pypy.
...
Backport of 6afc85af47
2013-02-06 22:12:02 -08:00
20ac33100c
Partially revert 9efe1a721, strip_tags improvements
...
The new regex seems not stable enough for being released. Stripping
with regex might need reevaluation for the next release.
Refs #19237 .
2013-02-06 21:19:41 +01:00
Anssi Kääriäinen
Carl Meyer
Tim Graham
Stefan "hr" Berder
James Bennett
Aymeric Augustin
Simon Meers
Alex Hunley
Claude Paroz
Russell Keith-Magee
Julien Phalip
Ramiro Morales
Preston Holmes