Commit Graph

132 Commits

Author SHA1 Message Date
Julien Phalip 34e248efec Fixed #17258 -- Moved `threading.local` from `DatabaseWrapper` to the `django.db.connections` dictionary. This allows connections to be explicitly shared between multiple threads and is particularly useful for enabling the sharing of in-memory SQLite connections. Many thanks to Anssi Kääriäinen for the excellent suggestions and feedback, and to Alex Gaynor for the reviews. Refs #2879.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17205 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-16 13:40:19 +00:00
Aymeric Augustin 19cbdf8c8f Fixed #17348 -- Implemented {% elif %}. Refs #3100.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17187 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-12-09 22:13:27 +00:00
Luke Plant 0d0f874d21 Punctuation fix in the 1.4 release notes
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17163 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-11-29 14:20:23 +00:00
Luke Plant 16ad0530c5 Clarified release note about the removal of 'mixin' parameter to Storage.open, and added a note in the deprecation timeline.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17161 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-11-29 12:01:38 +00:00
Aymeric Augustin 7872fc0dab Fixed #16247 -- Removed wildcard expansion of application names in INSTALLED_APPS.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17158 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-11-27 20:13:37 +00:00
Paul McMillan e13dc49053 Improved release notes about session cookie httponly flag (#16847) per Luke's comments.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17140 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-11-22 01:05:14 +00:00
Paul McMillan 0506facd86 Fixed #16378. Locmem now uses pickle.HIGHEST_PROTOCOL for better compatibility with other hash backends. Thanks aaugustin for the initial patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17136 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-11-21 22:25:49 +00:00
Paul McMillan 4d975b4f88 Fixed #16847. Session Cookies now default to httponly = True.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17135 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-11-21 22:03:03 +00:00
Aymeric Augustin 9b1cb755a2 Added support for time zones. Thanks Luke Plant for the review. Fixed #2626.
For more information on this project, see this thread:
http://groups.google.com/group/django-developers/browse_thread/thread/cf0423bbb85b1bbf



git-svn-id: http://code.djangoproject.com/svn/django/trunk@17106 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-11-18 13:01:06 +00:00
Luke Plant eb81f979a8 Fixed typo in 1.4 release notes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17087 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-11-12 18:50:50 +00:00
Julien Phalip c3df840c20 Fixed #16903 -- Added `--no-location` option to the `makemessages` command to not write '#: filename:line' comment lines in language files. Thanks to alpar for the suggestion and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17081 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-11-11 13:07:14 +00:00
Aymeric Augustin d71b4309ca Used yaml.safe_load instead of yaml.load, because safety should be the default.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17062 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-11-01 20:07:42 +00:00
Aymeric Augustin 422f6e8e17 Mentionned changes from r17056 in the release notes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17058 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-31 09:10:25 +00:00
Julien Phalip 9796f69533 Fixed #16257 -- Added new `ModelAdmin.get_list_display_links()` method to allow for the dynamic display of links on the admin changelist. Thanks to graveyboat for the suggestion and initial patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17037 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-26 12:19:18 +00:00
Alex Gaynor ac88f048c9 Fixed the grammar of a sentence in the docs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17024 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-22 06:13:01 +00:00
Carl Meyer 145a77edc9 Fixed #16360 -- Added WSGI entrypoint to startproject layout, and enabled internal servers (runserver and runfcgi) to use an externally-defined WSGI application. Thanks to Armin Ronacher, Jannis Leidel, Alex Gaynor, ptone, and Jacob Kaplan-Moss.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17022 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-22 04:30:10 +00:00
Julien Phalip 26698bc851 Fixed #14806 -- Added support for contextual translations to the `trans` and `blocktrans` template tags. Thanks to jtiai for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17015 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-19 04:59:47 +00:00
Aymeric Augustin 246580573d Fixed #12308 -- Added tablespace support to the PostgreSQL backend.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16987 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-14 21:49:43 +00:00
Carl Meyer 9a5262b037 Fixed a missed typo in the 1.4 release notes. Oops.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16965 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-13 06:41:40 +00:00
Carl Meyer 38f1fe3b35 Fixed #15372 -- Switched to a startproject default layout that allows us to avoid sys.path hacks.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16964 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-13 05:56:15 +00:00
Julien Phalip 17659adf93 Fixed #16371 -- Added a prefix "field-" to all CSS class names automatically generated from field names in admin forms to avoid conflicts with other common class names (e.g. "button"). This is backwards-incompatible for those who previously used plain field names as selector in custom style sheets or javascript transformations.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16953 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-10 12:35:06 +00:00
Luke Plant 052a011ee6 Fixed #17003 - prefetch_related should support foreign keys/one-to-one
Support for `GenericForeignKey` is also included.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16939 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-07 16:05:53 +00:00
Carl Meyer b1b1da1eac Fixed #8060 - Added permissions-checking for admin inlines. Thanks p.patruno for report and Stephan Jaensch for work on the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16934 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-07 00:41:25 +00:00
Luke Plant 662eea116f Fixed #16937 - added `QuerySet.prefetch_related` to prefetch many related objects.
Many thanks to akaariai for lots of review and feedback, bug finding,
additional unit tests and performance testing.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16930 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-05 23:14:52 +00:00
Ramiro Morales 0d9b6a5bc4 Fixed #10841 -- Switched response served when DEBUG=True and request.is_ajax() returns True (indicating request has been generated by a JS library) to a plain text version for easier debugging.
Contents of this response are similar to its HTML counterpart modulo frame variables values in the Python traceback section.

Thanks to Riz for the report, to SmileyChris for the patch and to Julien for reviewing.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16921 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-02 02:53:58 +00:00
Luke Plant 28ee7a9df3 Attempted to sort new features in 1.4 release notes into related topics
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16920 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-10-01 15:43:01 +00:00
Julien Phalip 8137027fd7 Fixed #13956 -- Enabled `*args` and `**kwargs` support for `simple_tag`, `inclusion_tag` and `assignment_tag`. Many thanks to Stephen Burrows for the report and initial patch, to Gregor Müllegger for the initial tests, to SamBull for the suggestions, and to Jannis Leidel for the review and PEP8 cleanup.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16908 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-27 12:15:15 +00:00
Julien Phalip f2ed107b07 Simplified the admin changelist multi-sort interface specifically by removing the popup window, adding explicit tooltip help texts, improving the hover visual states and allowing all operations (i.e. removing a column from sorting and toggling the sorting with and without changing the sorting priority) to be actionable with just one click. Many thanks to Idan Gazit for the feedback and direction. Refs #16212.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16899 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-24 06:17:53 +00:00
Paul McMillan 5a01324f20 Fixed #16907 -- Deprecate databrowse.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16871 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-22 04:10:02 +00:00
Carl Meyer d1d6109229 Added release note and updated TEMPLATE_DEBUG documentation for r16833. Thanks jezdez for the reminder.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16841 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-16 17:07:19 +00:00
Carl Meyer 343004c4de Fixed #16568 -- Added RequireDebugFalse filter to prevent sending 500 error emails when DEBUG is True in projects with no explicit LOGGING setting. Thanks to Andreas Pelme for report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16840 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-16 16:41:38 +00:00
Jannis Leidel f3ae496201 Fixed #16833 -- Removed undocumented `mixin` parameter from the `Storage.open()` method as this was an undocumented and obscure feature. Thanks to Marty and Russell for sanity-checking.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16824 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-13 15:10:49 +00:00
Ramiro Morales 26b8122087 Fixed #14675 -- Completed removal of `from django.conf.urls.default import *` usage.
This applies to both our own [test] code and documentation examples. Also:
 * Moved the functions and handlers from `django.conf.urls.defaults` up to
   `django.conf.urls` deprecating the former module.
 * Added documentation for `handler403`.
 * Tweaked the URLs topic document a bit.

Thanks to pupeno and cdestigter for their great work contributing patches.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16818 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-11 22:36:16 +00:00
Russell Keith-Magee 5f287f75f2 Altered the behavior of URLField to avoid a potential DOS vector, and to avoid potential leakage of local filesystem data. A security announcement will be made shortly.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16760 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-10 00:47:00 +00:00
Alex Gaynor 7deb25b8dd Fixed #7596. Added Model.objects.bulk_create, and make use of it in several places. This provides a performance benefit when inserting multiple objects. THanks to Russ for the review, and Simon Meers for the MySQl implementation.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16739 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-09 19:22:28 +00:00
Ramiro Morales 932b1b8d6d Converted links to external topics so they use intersphinx extension markup.
This allows to make these links more resilent to changes in the target URLs.
Thanks Jannis for the report and Aymeric Augustin for the patch.

Fixes #16586.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16720 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-09-04 21:17:30 +00:00
Julien Phalip 71f017b2a6 Fixed #16059 -- Improved the usability of the admin's vertical and horizontal "filter" widgets, in particular by providing a better visual representation of the buttons' enabled and disabled states, and by providing more elaborate, yet less cluttered, help texts.
Note that this commit is an exception to the current tacit rule that javascript code changes should be avoided until a proper javascript testing framework for Django core is in place. This exception is commanded by the fact that it is to fix a recognized usability issue and that the patch has been (manually) extensively tested in IE6+, Chrome, Safari, Firefox and Opera.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16714 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-31 08:07:07 +00:00
Jannis Leidel 3256862f5f Fixed #16717 -- Added ability to store result of trans template tag in context variable.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16712 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-30 12:09:45 +00:00
Idan Gazit 5ed2cf03bb Added admin browser support policy note.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16711 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-30 08:14:35 +00:00
Russell Keith-Magee be4acff319 Reverted r16662 -- There are bunch of problems with this patch, including failing tests, that I didn't pick up before committing.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16669 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-23 06:31:03 +00:00
Russell Keith-Magee 43024142a1 Fixed #16202 -- Added a Slovenian localflavor. Thanks to Jure Cuhalev <gandalf@owca.info>, Gasper Zejn, Domen Kozar and iElectric for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16662 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-23 04:41:56 +00:00
Jannis Leidel 1ca6e9b9e2 Fixed #9847 -- Added 403 response handler. Many thanks to kgrandis, adamnelson, vkryachko, fvox13 and Chris Beaven.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16606 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-12 14:15:31 +00:00
Jannis Leidel 1d32bdd3c9 Fixed #15252 -- Added static template tag and CachedStaticFilesStorage to staticfiles contrib app.
Many thanks to Florian Apolloner and Jacob Kaplan-Moss for reviewing and eagle eyeing.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16594 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-11 14:07:39 +00:00
Karen Tracey be87f0b0ec Fixed #3615: Added support for loading fixtures with forward references on database backends (such as MySQL/InnoDB) that do not support deferred constraint checking. Many thanks to jsdalton for coming up with a clever solution to this long-standing issue, and to jacob, ramiro, graham_king, and russellm for review/testing. (Apologies if I missed anyone else who helped here.)
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16590 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-08-07 00:43:26 +00:00
Jannis Leidel 2ccfb6d5c2 Fixed #16101 -- Added parameters to SingleObjectMixin to override the name of the URL keyword arguments used for pk and slug. Thanks, Andrew Ingram and Julien Phalip.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16569 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-07-29 09:41:00 +00:00
Jannis Leidel 3b77458371 Fixed #5025 -- Add a "truncatechars" template filter. Many thanks to Chris Beaven.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16542 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-07-14 13:47:10 +00:00
Jannis Leidel 94a38dfd0e Fixed #16161 -- Added `--clear` option to `collectstatic` management command to be able to explicitly clear the files stored in the destination storage before collecting.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16509 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-07-04 21:34:29 +00:00
Jannis Leidel 332a485567 Fixed #16115 -- Added ModelAdmin.save_related method to be able to do pre- or post-save operations for objects related to the parent object currently displayed. Thanks, Julien Phalip.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16498 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-07-03 17:56:43 +00:00
Jannis Leidel 38a2444277 Fixed #16050 -- BACKWARDS-INCOMPATIBLE CHANGE: Moved static files of the admin to conventional file system location.
This also removes the need for ADMIN_MEDIA_PREFIX and replaces it with the convention to find admin's static files at STATIC_URL + 'admin/'.

Thanks to Jacob for the review and general help.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16487 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-30 09:06:19 +00:00
Jannis Leidel c817f2f544 Fixed #16199 -- Added a Cookie based session backend. Many thanks to Eric Florenzano for his initial work and Florian Apollaner for reviewing.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16466 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-26 17:00:24 +00:00
Jannis Leidel 4a10338986 Fixed #14390 and #16262 -- Moved password related functions from auth models to utils module and stopped check_password from throwing an exception. Thanks, subsume and lrekucki.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16456 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-26 16:51:46 +00:00
Carl Meyer 43503b093a Fixed #16288 -- Enabled django.request exception logger regardless of DEBUG setting.
Thanks Matt Bennett for report and draft patch; Vinay Sajip and Russell Keith-Magee for review.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16444 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-22 06:01:44 +00:00
Ramiro Morales b870bf6b9a Fixed #16255 -- Raised minimum PostgreSQL version supported to 8.2.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16423 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-16 20:05:25 +00:00
Jannis Leidel 896e3c69c7 Fixed #11585 -- Added ability to translate and prefix URL patterns with a language code as an alternative method for language discovery. Many thanks to Orne Brocaar for his initial work and Carl Meyer for feedback.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16405 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-15 17:29:10 +00:00
Luke Plant 4047a21fa8 Noted new security overview page in the 1.4 release notes
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16402 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-14 23:37:12 +00:00
Luke Plant 06a2515145 Fixed typo in release notes regarding CSRF with PUT/DELETE etc
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16401 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-14 23:31:45 +00:00
Jannis Leidel f749bb829c Fixed #12875 -- Added get_ordering to ModelAdmin. Many thanks to Manuel Saelices.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16383 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-12 13:04:53 +00:00
Jannis Leidel d27f909d2e Fixed #12847 -- Added name parameter to simple_tag, assignment_tag and inclusion_tag helpers. Thanks, vladmos.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16373 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-11 16:05:28 +00:00
Jannis Leidel ce3c281090 Fixed #811 -- Added support for IPv6 to forms and model fields. Many thanks to Erik Romijn.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16366 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-11 13:48:24 +00:00
Ramiro Morales dff31de20a Fixed #16155 -- Removed Python 2.4 compatibility constructs from code and mentions from docs. Thanks Aymeric Augustin for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16349 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-09 20:01:28 +00:00
Idan Gazit 716601109a Fixed #11834 -- Improved technical 500 stacktrace display.
Thanks to buriy and Aleksandra for the implementation!

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16343 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-09 12:45:11 +00:00
Luke Plant 45e55b9143 Fixed #14614 - filtering of sensitive information in 500 error reports.
This adds a flexible mechanism for filtering what request/traceback
information is shown in 500 error emails and logs. It also applies
screening to some views known to be sensitive e.g. views that handle
passwords.

Thanks to oaylanc for the report and many thanks to Julien Phalip for the
patch and the rest of the work on this.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16339 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-08 22:18:46 +00:00
Luke Plant bb12a02bd8 Deprecated legacy ways of calling cache_page
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16338 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-08 11:12:01 +00:00
Alex Gaynor b67ff14208 Removed an alias for ``django.template.loader`` that had been deprecated since 2005. This should only affect World Online.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16337 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-07 21:17:41 +00:00
Luke Plant 5434ce231d Fixed #11868 - Multiple sort in admin changelist.
Many thanks to bendavis78 for the initial patch, and for input from others.

Also fixed #7309. If people were relying on the undocumented default ordering
applied by the admin before, they will need to add 'ordering = ["-pk"]' to
their ModelAdmin.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16316 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-02 16:18:47 +00:00
Jannis Leidel 632dfa2338 Fixed #9200 -- Added new form wizard to formtools based on class based views. Many thanks to Stephan Jäkel, ddurham and ElliottM for their work.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16307 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-06-01 13:47:00 +00:00
Luke Plant 1a951fa8d4 Added info to release notes about CSRF improvements
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16306 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-31 21:29:35 +00:00
Luke Plant 524c5fa07a Fixed #14261 - Added clickjacking protection (X-Frame-Options header)
Many thanks to rniemeyer for the patch!

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16298 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-30 22:27:47 +00:00
Jannis Leidel f60d428463 Fixed #12417 -- Added signing functionality, including signing cookies. Many thanks to Simon, Stephan, Paul and everyone else involved.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16253 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-21 14:41:14 +00:00
Adrian Holovaty c5cb2fabd2 Edited docs/releases/1.4.txt changes from [16124]
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16227 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-14 17:58:32 +00:00
Simon Meers 5ecb88c146 Fixed #16014 -- numerous documentation typos -- thanks psmith.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16220 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-13 04:33:42 +00:00
Luke Plant cb060f0f34 Fixed #15258 - Ajax CSRF protection doesn't apply to PUT or DELETE requests
Thanks to brodie for the report, and further input from tow21

This is a potentially backwards incompatible change - if you were doing
PUT/DELETE requests and relying on the lack of protection, you will need to
update your code, as noted in the releaste notes.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16201 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-09 23:45:54 +00:00
Luke Plant 171df93170 Fixed #15954 - New IGNORABLE_404_URLS setting that allows more powerful filtering of 404s to ignore
Thanks to aaugustin for implementing this.

(Technically this doesn't fix the original report, as we've decided against
having *any* default values, but the new feature makes it possible, and the
docs have an example addressing #15954).

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16160 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-05 20:49:26 +00:00
Jannis Leidel 950e05c3ff Fixed #14262 -- Added new assignment_tag as a simple way to assign the result of a template tag to a context variable. Thanks, Julien Phalip.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16149 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-03 11:52:42 +00:00
Jannis Leidel 18d2f4a816 Fixed #5833 -- Modified the admin list filters to be easier to customize. Many thanks to Honza Král, Tom X. Tobin, gerdemb, eandre, sciyoshi, bendavis78 and Julien Phalip for working on this.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16144 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-03 10:44:23 +00:00
Jannis Leidel 0fa8bd3d92 Fixed #15920 -- Removed COMMENTS_BANNED_USERS_GROUP setting in favor of the established comments app customization. Thanks, Daniel Lindsley.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16124 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-29 15:11:17 +00:00
Jannis Leidel 79afd55278 Fixed #5925 -- Added new lazily evaluated version of django.core.urlresolvers.reverse. Thanks, SmileyChris, Preston Timmons and Julien Phalip.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16121 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-29 11:49:59 +00:00
Luke Plant 327081f875 Added note about HTML5 to release notes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16061 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-21 00:00:32 +00:00
Jacob Kaplan-Moss c92e0e4765 Added notes about `select_for_update` to the 1.4 release notes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16059 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-20 21:00:24 +00:00
Jannis Leidel 196ac8f8b3 Fixed #6213 -- Updated the flatpages app to only append a slash if the flatpage actually exist.
The FlatpageFallbackMiddleware (and the view) now only add a trailing slash and redirect if the resulting URL refers to an existing flatpage. Previously requesting /notaflatpageoravalidurl would redirect to /notaflatpageoravalidurl/, which would then raise a 404. Requesting /notaflatpageoravalidurl now will immediately raise a 404. Also, Redirects returned by flatpages are now permanent (301 status code) to match the behaviour of the CommonMiddleware.

Thanks to Steve Losh for the initial work on the patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16048 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-20 14:41:47 +00:00
Luke Plant 1f5d684f14 Added release notes about the removal of Django 1.2 compatibility fallbacks for signed data
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15955 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-30 17:35:32 +00:00
Luke Plant 4550f95f29 Added stub release notes for 1.4
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15947 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-03-30 17:34:01 +00:00