Commit Graph

38 Commits

Author SHA1 Message Date
Chris Jerdonek 7132341255 Refs #32800 -- Renamed _compare_masked_tokens() to _does_token_match(). 2021-08-03 07:10:31 +02:00
Jacob Walls 89fc144ded Fixed #27827 -- Used "raise from" when raising InvalidTemplateLibrary exceptions in get_package_libraries().
This change sets the __cause__ attribute to raised exceptions and makes
small cleanups in error messages.
2020-12-28 07:31:37 +01:00
Jon Dufresne d6aff369ad Refs #30116 -- Simplified regex match group access with Match.__getitem__().
The method has been available since Python 3.6. The shorter syntax is
also marginally faster.
2020-05-11 12:01:28 +02:00
Ram Rachum 5b09354954
Fixed #31291 -- Renamed salt to mask for CSRF tokens. 2020-02-25 14:16:19 +01:00
Claude Paroz 4d973f5939 Refs #26601 -- Deprecated passing None as get_response arg to middleware classes.
This is the new contract since middleware refactoring in Django 1.10.

Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2020-02-18 20:03:44 +01:00
Hasan Ramezani 8d32290279 Fixed #30425 -- Handled jinja2.TemplateSyntaxError when rendering a template.
Jinja raises jinja2.TemplateSyntaxError in render() not in
get_template() when it's in an included template.
2019-11-27 12:48:07 +01:00
Jon Dufresne 77aa74cb70 Refs #29983 -- Added support for using pathlib.Path in all settings. 2019-11-07 10:26:22 +01:00
Simon Charette 0f212db29d Made reused RequestFactory instances class attributes. 2018-11-27 09:49:02 -05:00
Jon Dufresne ff05de760c Fixed #29038 -- Removed closing slash from HTML void tags. 2018-01-21 02:09:10 -05:00
Tim Graham 29f607927f Fixed spelling of "nonexistent". 2017-02-03 08:01:45 -05:00
chillaranand d6eaf7c018 Refs #23919 -- Replaced super(ClassName, self) with super(). 2017-01-25 12:23:46 -05:00
Tim Graham 109b33f64c Refs #23919 -- Simplified assertRaisesRegex()'s that accounted for Python 2. 2017-01-20 08:49:47 +01:00
Claude Paroz d7b9aaa366 Refs #23919 -- Removed encoding preambles and future imports 2017-01-18 09:55:19 +01:00
Shivang Bharadwaj 6a74950513 Fixed #27258 -- Prohibited django.Template.render() with non-dict context.
Thanks Shivang Bharadwaj for the initial patch.
2016-12-28 16:03:20 -05:00
Tim Graham 412997f8ba Used assertRaisesMessage() in template_backends tests. 2016-12-15 09:32:46 -05:00
za 321e94fa41 Refs #27392 -- Removed "Tests that", "Ensures that", etc. from test docstrings. 2016-11-10 21:30:21 -05:00
Tim Graham 277fe2e8f2 Fixed #25788 -- Enabled the cached template loader if debug is False. 2016-09-03 09:06:33 -04:00
Berker Peksag 52a991d976 Fixed #24694 -- Added support for context_processors to Jinja2 backend. 2016-06-28 14:30:54 -04:00
Jon Dufresne 4f336f6652 Fixed #26747 -- Used more specific assertions in the Django test suite. 2016-06-16 14:19:18 -04:00
Shai Berger 5112e65ef2 Fixed #20869 -- made CSRF tokens change every request by salt-encrypting them
Note that the cookie is not changed every request, just the token retrieved
by the `get_token()` method (used also by the `{% csrf_token %}` tag).

While at it, made token validation strict: Where, before, any length was
accepted and non-ASCII chars were ignored, we now treat anything other than
`[A-Za-z0-9]{64}` as invalid (except for 32-char tokens, which, for
backwards-compatibility, are accepted and replaced by 64-char ones).

Thanks Trac user patrys for reporting, github user adambrenecki
for initial patch, Tim Graham for help, and Curtis Maloney,
Collin Anderson, Florian Apolloner, Markus Holtermann & Jon Dufresne
for reviews.
2016-05-19 05:02:19 +03:00
Aaron Elliot Ross 19a5f6da32 Fixed #25469 -- Added autoescape option to DjangoTemplates backend.
Thanks Aymeric for the initial patch and Carl for review.
2015-11-12 19:14:23 -05:00
Tim Graham 9114fe8ada Removed support for passing a context to a generic Template.render().
Per deprecation timeline; refs a3e783fe11.
2015-09-23 19:31:11 -04:00
Tim Graham aaacaeb096 Renamed RemovedInDjangoXYWarnings for new roadmap.
Forwardport of ae1d663b79
from stable/1.8.x plus more.
2015-06-24 16:08:20 -04:00
Preston Timmons 655f524915 Fixed #17085, #24783 -- Refactored template library registration.
* Converted the ``libraries`` and ``builtins`` globals of
  ``django.template.base`` into properties of the Engine class.
* Added a public API for explicit registration of libraries and builtins.
2015-05-21 09:12:06 -05:00
Simon Charette ead36e8a47 Refs #24652 -- Made sure template backend tests call their super setUpClass. 2015-05-20 12:50:40 -04:00
Preston Timmons adff499e47 Fixed #24119, #24120 -- Formalized debug integration for template backends. 2015-05-06 17:33:47 -05:00
Aymeric Augustin 1563b897c4 Fixed #24685 -- Fixed check for template name unicity.
Thanks Preston Timmons for the report.
2015-05-03 21:49:16 +02:00
Tim Graham a184a99123 Refs #24538 -- Simplified a test per Aymeric's feedback. 2015-04-01 13:08:43 -04:00
Tim Heap 4ea1909d3c Fixed #24538 -- Allowed self in Jinja context
Rendering a Jinja template with self in the context threw an error.
While self is a reserved variable in Jinja, including self in the
context is not an error, so Django should respect that.
2015-04-01 12:26:57 -04:00
Moritz Sichert 6bff343989 Refs #24469 -- Fixed escaping of forms, fields, and media in non-Django templates. 2015-03-18 09:11:01 -04:00
Tim Graham 0ed7d15563 Sorted imports with isort; refs #23860. 2015-02-06 08:16:28 -05:00
Aymeric Augustin 44ad691558 Fixed #24265 -- Preserved template backend loading exceptions.
If importing or initializing a template backend fails, attempting to
access this template backend again must raise the same exception.
2015-02-05 20:06:18 +01:00
Tim Graham fed25f1105 Removed compatibility with Python 3.2. 2015-01-17 09:00:17 -05:00
Aymeric Augustin a3e783fe11 Deprecated passing a Context to a generic Template.render.
A deprecation path is required because the return type of
django.template.loader.get_template changed during the
multiple template engines refactor.

test_csrf_token_in_404 was incorrect: it tested the case when the
hardcoded template was rendered, and that template doesn't depend on the
CSRF token. This commit makes it test the case when a custom template is
rendered.
2015-01-12 21:01:34 +01:00
Aymeric Augustin 71b7668b75 Rewrapped TemplateSyntaxError in Jinja2 backend.
Changed import style to avoid confusion between Django's and Jinja2's
APIs.
2015-01-12 21:01:34 +01:00
Aymeric Augustin 0cdb09d489 Made context take priority over context processors.
This is the expected behavior, but given RequestContext's tortuous
implementation, a straightforward use of its API results in the
opposite.

This commits fixes a regression that must have happened at different
points in the multiple templates engine refactor for different features.
2015-01-06 22:02:27 +01:00
Tim Graham 40ccef16cb Silenced an ImportWarning in the template_backends tests. 2015-01-01 14:28:53 -05:00
Aymeric Augustin 332154e726 Added basic tests for template backends. 2014-12-28 16:23:00 +01:00