Commit Graph

3737 Commits

Author SHA1 Message Date
Tim Graham 616a4d385a [1.5.x] Fixed #20922 -- Allowed customizing the serializer used by contrib.sessions
Added settings.SESSION_SERIALIZER which is the import path of a serializer
to use for sessions.

Thanks apollo13, carljm, shaib, akaariai, charettes, and dstufft for reviews.

Backport of b0ce6fe656 from master
2013-08-22 17:49:11 -04:00
Jacob Kaplan-Moss 90363e388c Apply autoescaping to AdminURLFieldWidget.
This is a security fix; disclosure to follow shortly.
2013-08-13 11:04:21 -05:00
Anssi Kääriäinen bf4c8d8c98 [1.5.x] Fixed qs ordering related randomly failing test
The failure wasn't present in 1.6+, so this is not a backpatch.
2013-07-29 14:28:41 +03:00
Florian Apolloner 41492f0f1b [1.5.x] Simplified smart_urlquote and added some basic tests.
Backport of b70c371fc1 from master.
2013-07-28 10:07:29 +02:00
Tim Graham dd2a512f68 [1.5.x] assertEquals -> assertEqual 2013-07-27 18:46:55 -04:00
Luke Plant 00b39e0145 [1.5.x] Fixed #19607 - prefetch_related crash
Thanks to av@rdf.ru and flarno11@yahoo.de for the report.

Backport of 4fd94969d8 from master
2013-07-27 17:59:27 -04:00
Tim Graham 8904e9fb98 [1.5.x] Fixed #20681 -- Prevented teardown_databases from attempting to tear down aliases
Thanks simonpercivall.

Backport of d9c580306c from master
2013-07-13 18:09:24 -04:00
Tim Graham 13546cae9c [1.5.x] Fixed #19196 -- Added test/requirements
Backport of 4d92a0bd86 from master.
2013-07-10 11:32:28 -04:00
Tim Graham 95aa2182b7 [1.5.x] Fixed #19940 -- Made test.runner.setup_databases properly handle aliases for defau
Thanks simonpercivall.

Backport of 2cbd579efe from master.
2013-07-04 20:41:01 -04:00
Daniel Lindsley cb9aaac91f [1.5.x] Fixed #20212 - __reduce__ should only be defined for Py3+. 2013-05-21 10:17:27 -07:00
Anssi Kääriäinen bac187c0d8 [1.5.x] Fixed prefetch_related + pickle regressions
There were a couple of regressions related to field pickling. The
regressions were introduced by QuerySet._known_related_objects caching.

The regressions aren't present in master, the fix was likely in
f403653cf1.

Fixed #20157, fixed #20257. Also made QuerySets with model=None
picklable.
2013-05-21 11:45:24 +03:00
Anssi Kääriäinen 0eddedf7db [1.5.x] Fixed #20278 -- ensured .get() exceptions do not recurse infinitely
A regression caused by d5b93d3281 made .get() error
reporting recurse infinitely on certain rare conditions. Fixed this by
not trying to print the given lookup kwargs.

Backpatch of 266c0bb23e
2013-05-20 19:05:43 +03:00
Tai Lee 23b234a9d9 [1.5.x] Fixed #20354 -- `makemessages` no longer crashes with `UnicodeDecodeError`
Handle the `UnicodeDecodeError` exception, send a warning to `stdout` with the
file name and location, and continue processing other files.
Backport of 99a6f0e77 from master.
2013-05-07 21:36:51 +02:00
Florian Apolloner 0b0d98fd4e [1.5.x] Fixed test failures introduced in a5becad909.
Backport of 780fa48f5f from master
2013-05-05 16:14:41 +02:00
Claude Paroz abdcf81843 [1.5.x] Fixed #20237 (again) Allowed binary parameter to assertContains
Backport of b04fd579d5 from master.
2013-04-12 20:16:35 +02:00
Baptiste Mispelon 9c49e64b66 [1.5.x] Fixed #20211: Document backwards-incompatible change in BoundField.label_tag
Also cleaned up label escaping and consolidated the test suite regarding
label_tag.
Backport of ab686022f from master.
2013-04-12 10:25:44 +02:00
Claude Paroz 427b59495e [1.5.x] Fixed #20237 -- Reenabled assertContains with binary parameter
Thanks Baptiste Mispelon for the review.
Backport of fe01404bb9 from master.
2013-04-11 10:58:06 +02:00
Simon Charette d04e8f8c78 [1.5.x] Fixed #20207 -- Handle ManyToManyField with a unicode name correctly.
Backport of 216580e034.
2013-04-05 15:21:59 -04:00
Julien Phalip a15a3e9148 [1.5.x] Fixed #20169 -- Ensured that the WSGI request's path is correctly based on the `SCRIPT_NAME` environment parameter or the `FORCE_SCRIPT_NAME` setting, regardless of whether or not those have a trailing slash. Thanks to bmispelon for the review.
Backport of 2f81a0ca65
2013-04-01 12:07:58 -07:00
Jacob Kaplan-Moss bec250211b [1.5.x] Correctly restore warning capture after logging tests.
This is a fix to the wrong behavior that 15c3906eeb introduced.

Backport of 4befef9 from trunk.
2013-03-27 17:03:12 -05:00
Jacob Kaplan-Moss 9a41045b77 [1.5.x] Fixed logging-related test failure introduced by e79b857.
Backport of 654d8e9.
2013-03-27 12:21:26 -05:00
Preston Holmes 572a300e56 [1.5.x] Fixed #18985 -- ensure module level deprecations are displayed
Also don't compete with -W CLI option.

Thanks to Aymeric Augustin for the catch, and Claude Paroz for the patch.

Backport of e79b857a07 from master.
2013-03-27 10:37:47 -05:00
Anssi Kääriäinen 207117ae73 [1.5.x] Fixed #20091 -- Oracle null promotion for empty strings
Backpatch of e17fa9e877
2013-03-26 15:05:37 +02:00
Claude Paroz deec020bf5 [1.5.x] Fixed #20108 -- Fixed filepath_to_uri decoding error
This was a regression due to unicode_literals usage. Thanks Ivan
Virabyan for the report and the initial patch.
Backport of 164528acc8 from master.
2013-03-22 17:58:36 +01:00
Marc Tamlyn dd897e4eeb [1.5.x] Fixed #20094 - Be more careful when checking for Iterator
Python 2.6 has some different behaviour when checking
isinstance(foo, collections.Iterator).
Backport of 829dc3c5 from master.
2013-03-22 17:45:41 +01:00
Claude Paroz b91067d9aa [1.5.x] Revert "Fixed #19895 -- Made second iteration over invalid queryset raise an exception too"
This reverts commit d1e87eb3ba.
This commit was the cause of a memory leak. See ticket for more details.
Thanks Anssi Kääriäinen for identifying the source of the bug.
2013-03-20 10:43:14 +01:00
Aymeric Augustin 702d39921c [1.5.x] Fixed #19634 -- Added proper __hash__ methods.
Classes overriding __eq__ need a __hash__ such that equal objects have
the same hash.

Thanks akaariai for the report and regebro for the patch.

Backport of e76147a from master.
2013-02-25 23:37:23 +01:00
Claude Paroz cf114cffea [1.5.x] Fixed #19903 -- Fixed unbalanced setUp/tearDown calls in LiveServerAddress test
Backport of 6d52bcbb7c from master.
2013-02-25 08:59:44 +01:00
Aymeric Augustin 455baa68eb [1.5.x] Changed testing strategy used in 6b03179e.
Avoid polluting the app cache as it causes unrelated test failures.

Refs #19688.

Backport of 7b49da1 from master.
2013-02-25 00:11:10 +01:00
Simon Charette f8b41da431 [1.5.x] Fixed #19688 -- Allow model subclassing with a custom metaclass using six.with_metaclass
Backport of 6b03179e12 from master.

Although we're post RC 2, I'm backporting this because it's arguably a
major bug in a new feauture that will prevent several well-known
third-party apps from being ported to Python 3.
2013-02-24 17:45:48 +01:00
Grzegorz Nosek d1e87eb3ba [1.5.x] Fixed #19895 -- Made second iteration over invalid queryset raise an exception too
When iteration over a queryset raised an exception, the result cache
remained initialized with an empty list, so subsequent iterations returned
an empty list instead of raising an exception

Backport of 2cd0edaa47 from master.
2013-02-23 14:39:05 -06:00
Anssi Kääriäinen 8a99d718f7 [1.5.x] Fixed empty strings + to_field regression on Oracle
Querying the reverse side of nullable to_field relation, where both
sides can contain null values resulted in incorrect results. The reason
was not detecting '' as NULL.

Refs #17541, backpatch of 09fcb70c80.
2013-02-23 00:09:48 +02:00
Anssi Kääriäinen 96790fc022 [1.5.x] Made a couple of selenium tests wait for page loaded
The admin_widgets tests were issuing click() to the browser but
didn't wait for the effects of those clicks. This caused the resulting
request to be processed concurrently with the test case. When using
in-memory SQLite this caused weird failures.

Also added wait_page_loaded() to admin selenium tests for code
reuse.

Fixed #19856, backpatch of 50677b29af
2013-02-21 00:01:07 +02:00
Anssi Kääriäinen 8ad436636f [1.5.x] Fixed #19672 -- Error in negated Q() filtering
There was a variable overwrite error in negated join filtering. This
happened when add_filter() was adding the IS NULL condition to the
WHERE clause.

This is not a backport from master as there have been some other
refactorings which made this patch irrelevant.

The patch is from Ian Kelly.
2013-02-20 21:57:39 +02:00
Aymeric Augustin 3ef4bbf495 [1.5.x] Added a default limit to the maximum number of forms in a formset.
This is a security fix. Disclosure and advisory coming shortly.
2013-02-19 10:39:04 -07:00
Carl Meyer 0e46c7f7ac [1.5.x] Checked object permissions on admin history view.
This is a security fix. Disclosure and advisory coming shortly.

Patch by Russell Keith-Magee.
2013-02-19 10:39:04 -07:00
Carl Meyer 2d0c22e02d [1.5.x] Restricted the XML deserializer to prevent DoS attacks.
This is a security fix. Disclosure and advisory coming shortly.
2013-02-19 10:39:03 -07:00
Carl Meyer a7e33c5bf3 [1.5.x] Added a new required ALLOWED_HOSTS setting for HTTP host header validation.
This is a security fix; disclosure and advisory coming shortly.
2013-02-19 10:39:03 -07:00
Claude Paroz 41848b078a [1.5.x] Fixed #19833 -- Fixed import parameter encoding in get_runner
Thanks Danilo Bargen for the report.
Backport of 63236161 from master.
2013-02-16 13:32:03 +01:00
Julien Phalip 42e87c17f2 [1.5.x] Fixed #19829 -- Fixed index lookups for NumPy arrays in templates.
Backport of 7d5e35cdb4
2013-02-15 00:18:49 -08:00
Anssi Kääriäinen 743263a105 [1.5.x] Removed try-except in django.db.close_connection()
The reason was that the except clause needed to remove a connection
from the django.db.connections dict, but other parts of Django do not
expect this to happen. In addition the except clause was silently
swallowing the exception messages.

Refs #19707, special thanks to Carl Meyer for pointing out that this
approach should be taken.
2013-02-13 00:22:10 +02:00
Anssi Kääriäinen 7b5ca126ee [1.5.x] Fixed #19112 -- Reduced the amount of query params in a test
Backpatch of 604d8763dc.
2013-02-10 21:09:58 +02:00
Anssi Kääriäinen b18ad807e0 [1.5.x] Fixed #19720 -- Oracle ordering related delete regression
When a query had a complex where condition (a condition targeting more
than the base table) a subquery was used for deletion. However, the
query had default ordering from the model's meta and Oracle doesn't
work with ordered subqueries.

The regression was caused by fast-path deletion code introduced in
1cd6e04cd4 for fixing #18676.

Thanks to Dylan Klomparens for the report.

Backpatch of 8ef3235034
2013-02-10 19:58:22 +02:00
Anssi Kääriäinen 60186aa2e5 [1.5.x] Fixed #19707 -- Reset transaction state after requests
Backpatch of a4e97cf315
2013-02-10 14:09:58 +02:00
Anssi Kääriäinen 4c261c61f2 [1.5.x] Fixed #19645 -- Added tests for TransactionMiddleware
Backpatch of f556df90be. Backpatching
these tests so that it will be easier to backpatch the fix for #19707.
2013-02-10 14:01:49 +02:00
Julien Phalip 15796db507 [1.5.x] Cleaned up some lingering signals in the test suite that were causing spurious failures with Pypy and Postgres.
Backport of db09a2de6e
2013-02-08 12:13:43 -08:00
Julien Phalip 5ba76825cf [1.5.x] Fixed a typo in the test suite that was causing some spurious failures with pypy.
Backport of 6afc85af47
2013-02-06 22:12:02 -08:00
Claude Paroz 20ac33100c Partially revert 9efe1a721, strip_tags improvements
The new regex seems not stable enough for being released. Stripping
with regex might need reevaluation for the next release.
Refs #19237.
2013-02-06 21:19:41 +01:00
Nick Sandford e18bd68dbc [1.5.x] Fixed #19445 -- Skip admin fieldsets validation when the ModelAdmin.get_form() method is overridden.
Backport of 0694d2196f
2013-02-02 14:55:59 -08:00
Aymeric Augustin db49b6d2b2 [1.5.x] Fixed #19708 -- Exception in timezone.override(None).
Thanks rafales.

Backport of 9a4a1ce.
2013-01-31 16:02:03 +01:00