7b6d3104f2
Fixed #25048 -- Documented that runservers strips headers with underscores.
...
refs 316b8d4974
2015-07-09 09:10:27 -04:00
3d650e80ad
Added today's security issues to the archive.
2015-07-08 17:41:48 -04:00
17d3a6d804
Fixed catastrophic backtracking in URLValidator.
...
Thanks João Silva for reporting the problem and Tim Graham for finding the
problematic RE and for review.
This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:03 -04:00
014247ad19
Prevented newlines from being accepted in some validators.
...
This is a security fix; disclosure to follow shortly.
Thanks to Sjoerd Job Postmus for the report and draft patch.
2015-07-08 15:23:03 -04:00
df049ed77a
Fixed #19324 -- Avoided creating a session record when loading the session.
...
The session record is now only created if/when the session is modified. This
prevents a potential DoS via creation of many empty session records.
This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:03 -04:00
125eaa19b2
Added security release note stubs.
2015-07-08 15:23:03 -04:00
bdfce4db21
Removed a confusing sentence in tutorial 5.
2015-07-08 15:11:40 -04:00
f87e552d98
Corrected example code for get_query_set upgrade in 1.6 release notes
...
The conditional setting of `get_query_set` is required for correct behaviour
if running Django 1.8. The full gory details are here:
http://lukeplant.me.uk/blog/posts/handling-django%27s-get_query_set-rename-is-hard/
2015-07-08 10:58:07 +01:00
e5cfa394d7
Refs #23882 -- Added detection for moved files when using inotify polling
...
Commit 15f82c7
2015-07-07 12:23:04 -04:00
0d71349773
Fixed #22804 -- Added warning for unsafe value of 'sep' in Signer
...
Thanks Jaap Roes for completing the patch.
2015-07-07 11:44:37 -04:00
bc98bc56a5
Fixed #25059 -- Allowed Punycode TLDs in URLValidator
2015-07-06 15:08:43 -04:00
a871cf422d
Fixed #25051 -- Clarified return type of {% now %} tag.
2015-07-04 08:46:49 -04:00
f5d5867a4a
Fixed #24877 -- Added middleware handling of response.render() errors.
2015-07-03 12:06:40 -04:00
b91a2a499f
Fixed #23190 -- Made Paginator.page_range an iterator
2015-07-03 11:34:34 -04:00
fd869cceac
Fixed mistake in Model.from_db() example.
2015-07-03 09:08:22 -04:00
0e3193a386
Updated mock note since Django no longer works with Python 3.2.
2015-07-03 08:24:58 -04:00
ca58181bac
Fixed #25056 -- Documented minimum version of jinja2 for testing.
2015-07-03 08:20:53 -04:00
a570701e02
Fixed #25029 -- Added PersistentRemoteUserMiddleware for login-page-only external authentication.
2015-07-02 17:38:10 -04:00
9a5cfa05a0
Fixed #24997 -- Enabled bulk_create() on proxy models
2015-07-02 13:53:51 -04:00
11cac1bd8e
Fixed #4960 -- Added "strip" option to CharField
2015-07-01 17:47:05 -04:00
b44dee16e6
Fixed #20916 -- Added Client.force_login() to bypass authentication.
2015-07-01 13:01:08 -04:00
839edcebb3
Fixed #21695 -- Added asvar option to blocktrans.
...
Thanks Bojan Mihelac for the initial patch.
2015-07-01 10:03:00 -04:00
3d7a713156
Fixed typo in writing migrations docs
2015-07-01 09:16:17 +02:00
2d0dead224
DEP 0003 -- Added JavaScript unit tests.
...
Setup QUnit, added tests, and measured test coverage.
Thanks to Nick Sanford for the initial tests.
2015-06-30 21:04:16 -04:00
b64c0d4d61
Fixed #23658 -- Provided the password to PostgreSQL dbshell command
...
The password from settings.py is written in a temporary .pgpass file
file whose name is given to psql using the PGPASSFILE environment
variable.
2015-06-30 18:21:51 -04:00
eecd42ea7d
Removed datetime_cast_sql, which is never overridden or used anywhere in Django.
...
Thanks Tim Graham for review.
2015-07-01 00:43:45 +03:00
00a1d4d042
Fixed #21803 -- Added support for post-commit callbacks
...
Made it possible to register and run callbacks after a database
transaction is committed with the `transaction.on_commit()` function.
This patch is heavily based on Carl Meyers django-transaction-hooks
<https://django-transaction-hooks.readthedocs.org/ >. Thanks to
Aymeric Augustin, Carl Meyer, and Tim Graham for review and feedback.
2015-06-30 14:51:00 -04:00
9f0d67137c
Fixed #25038 -- Reverted incorrect documentation about inspectdb introspecting views.
...
This reverts commit bd691f4586#24177 ).
2015-06-30 14:23:29 -04:00
aef2a0ec59
Fixed #25018 -- Changed simple_tag to apply conditional_escape() to its output.
...
This is a security hardening fix to help prevent XSS (and incorrect HTML)
for the common use case of simple_tag.
Thanks to Tim Graham for the review.
2015-06-29 08:16:19 -04:00
ec4f219ecb
Fixed #22463 -- Added code style guide and JavaScript linting (EditorConfig and ESLint)
2015-06-27 16:36:26 -04:00
f59667c121
Fixed #25033 -- Added context_processors.auth to documented admin dependencies.
2015-06-27 14:27:03 -04:00
e291fc4757
Fixed #25031 -- Fixed a regression in the unordered_list template filter.
2015-06-27 09:37:41 -04:00
2e70bf3785
Fixed #25017 -- Allowed customizing the DISALLOWED_USER_AGENTS response
2015-06-27 08:46:23 -04:00
a50b66da30
Fixed #24958 -- Fixed inline forms using UUID-PK parents with auto-PK children.
2015-06-26 09:09:09 -04:00
d3e12c9017
Fixed #25016 -- Reallowed non-ASCII values for ForeignKey.related_name on Python 3.
2015-06-26 08:30:05 -04:00
6364df6887
Refs #24127 -- Added documentation for HttpRequest.current_app.
2015-06-25 19:54:50 +02:00
aed437d567
Updated release process for new release schedule.
2015-06-25 11:36:17 -04:00
aaacaeb096
Renamed RemovedInDjangoXYWarnings for new roadmap.
...
Forwardport of ae1d663b79
2015-06-24 16:08:20 -04:00
c078021555
Refs #24840 -- Added GDALRaster Warp and transform methods
...
Thanks to Tim Graham for the review.
2015-06-24 18:31:22 +02:00
c45fbd060a
Added white-space: pre-wrap; to docs code blocks to match docs.dp.com.
2015-06-22 15:56:06 -04:00
514b69cb9e
Updated indentation of example template in docs/topics/i18n/translation.txt.
2015-06-22 15:42:09 -04:00
f1635ba433
Added Ola Sitarska to the team page.
2015-06-22 15:30:20 -04:00
5ae0dd6abf
Fixed #25001 -- Doc'd caveat about collectstatic and removing INSTALLED_APPS.
...
Thanks aRkadeFR for the initial patch.
2015-06-22 12:36:38 -04:00
256aebbdaa
Simplified wording of Python support policy.
2015-06-22 12:07:53 -04:00
34047b23e2
Fixed #24983 -- Clarified contrib.sites Site.domain is fully qualified.
2015-06-22 09:39:54 -04:00
7f155a0703
Refs #25006 -- Added a '6 p.m.' option to the admin's time picker.
2015-06-22 07:24:57 -04:00
e7b4bd48c7
Fixed #24970 -- Added --managers and --admins options to the sendtestemail management command.
2015-06-22 07:21:26 -04:00
1c90a3dcca
Fixed #24985 -- Added note about possible invalid feed content
...
Thanks Michael Wood for the report and Tim Graham for the review.
2015-06-21 20:53:01 +02:00
4a66564888
Fixed #25010 -- Documented APP_DIRS default in startproject's settings.py
2015-06-20 19:28:17 -04:00
738c0de300
Fixed #14200 -- Added a fallback if HttpRequest.urlconf is None.
...
Made BaseHandler fall back to settings.ROOT_URLCONF if
HttpRequest.urlconf is set to None, rather than raising
ImproperlyConfigured.
2015-06-20 18:52:33 -04:00
Tim Graham
Shai Berger
Carl Meyer
Luke Plant
Chris Bainbridge
David Wolever
Alexey Sveshnikov
Sylvain Fankhauser
Rigel Di Scala
Luke
Jan Pazdziora
William Schwartz
Curtis
Jon Dufresne
Matthew Somerville
Claude Paroz
Trey Hunner
Jean-Michel Vourgère
Andreas Pelme
Noam
sujayskumar
Jason Hoos
薛丞宏
Marten Kenbeek
Daniel Wiesmann
Wim Feijen
Ola Sitarska
Bipin Suresh
Rolo