868cd56f05
Added CVE-2019-12781 to the security release archive.
2019-07-01 10:14:36 +02:00
fc41401f33
Added release date for 2.2.3.
2019-07-01 07:48:45 +02:00
54d0f5e62f
Fixed CVE-2019-12781 -- Made HttpRequest always trust SECURE_PROXY_SSL_HEADER if set.
...
An HTTP request would not be redirected to HTTPS when the
SECURE_PROXY_SSL_HEADER and SECURE_SSL_REDIRECT settings were used if
the proxy connected to Django via HTTPS.
HttpRequest.scheme will now always trust the SECURE_PROXY_SSL_HEADER if
set, rather than falling back to the request scheme when the
SECURE_PROXY_SSL_HEADER did not have the secure value.
Thanks to Gavin Wahl for the report and initial patch suggestion, and
Shai Berger for review.
2019-07-01 07:48:04 +02:00
30b3ee9d0b
Added stub release notes for security releases.
2019-07-01 06:57:27 +02:00
8fc8c958a5
Fixed broken selenium tests after 42b9a23267.
2019-06-30 20:35:05 +02:00
d54baf6970
Updated translations from Transifex
...
Forward port of b3f7262e6e
2019-06-29 16:17:16 +02:00
42b9a23267
Fixed #30400 -- Improved typography of user facing strings.
...
Thanks Claude Paroz for assistance with translations.
2019-06-28 16:46:18 +02:00
2b03e8e9e8
Fixed #30584 -- Fixed management command when using subparsers with dest parameter.
2019-06-28 12:51:26 +02:00
f03b7bd114
Fixed #28408 -- Added error message when updating with annotated expressions on joined fields.
...
Co-Authored-By: Simon Charette <charette.s@gmail.com>
2019-06-28 07:55:32 +02:00
fb54aca540
Added test for serializing child model without inherited fields.
2019-06-27 15:10:22 +02:00
895b15771e
Fixed #28725 -- Prevented serializing inherited ManyToManyFields in child model.
2019-06-27 15:10:22 +02:00
4305fbe8b1
Fixed GeoIPTest.test04_city() failure with the latest GeoIP2 database.
2019-06-27 15:09:28 +02:00
26d16c07fd
Fixed #30578 - Made SelectDateWidget respect a custom date format when USE_L10N is disabled.
2019-06-26 11:07:11 +02:00
a289e79679
Fixed #30594 -- Added 'private' Cache-Control directive to never_cache() decorator.
2019-06-26 09:25:24 +02:00
8454f6dea4
Fixed #30588 -- Fixed crash of autoreloader when __main__ module doesn't have __file__ attribute.
2019-06-26 06:44:10 +02:00
698df6a009
Fixed typos in test comments.
2019-06-25 11:12:45 +02:00
325d5d6445
Fixed #30477 -- Made reverse lookup use Field.get_db_prep_value() from the target field.
2019-06-25 10:20:33 +02:00
76b993a117
Fixed #26431 -- Prevented django.urls.resolve() from returning missing optional parameters.
...
Previous behavior was inconsistent with django.urls.reverse() and
caused that translate_url() created an incorrect URL when an optional
parameter was missing.
2019-06-24 11:47:56 +02:00
d640c71fa3
Refs #26431 -- Added tests for resolving URL and translate_url() with provided optional parameter.
2019-06-24 11:30:26 +02:00
b24e763846
Added tests for terminated path with optional arguments in django.urls.reverse().
2019-06-24 11:30:26 +02:00
e286711879
Simplified handling of non-existent paths in autoreloader with Path.resolve(strict=True).
2019-06-24 09:48:59 +02:00
833878411c
Fixed typo in docs/topics/db/models.txt.
2019-06-24 09:04:33 +02:00
2f91e7832f
Fixed typo in docs/ref/models/indexes.txt.
2019-06-24 08:58:56 +02:00
19895e897c
Refs #30451 -- Added asgiref to the tests requirements.
2019-06-24 08:10:23 +02:00
8590726a5d
Removed unneeded non-breaking spaces added in 00169bc36
2019-06-22 10:26:14 +02:00
ad7b438002
Bumped minimum ESLint version to 4.18.2.
2019-06-21 17:57:35 +02:00
87b1ad6e73
Fixed #30421 -- Allowed symmetrical intermediate table for self-referential ManyToManyField.
2019-06-21 15:03:17 +02:00
a9179ab032
Fixed typo in BasicExpressionsTests.test_object_update_fk() test.
2019-06-21 12:00:42 +02:00
2ef6f209f7
Fixed typos in 1.11.19, 2.0.11, 2.1.6 release notes.
2019-06-21 07:07:23 +02:00
a387ef1117
Added missing form argument in modelform_factory() docstring.
2019-06-20 15:13:22 +02:00
9aeac29949
Removed unnecessary backslashes from docs.
2019-06-20 14:04:36 +02:00
7f19e37135
Refs #30451 -- Added more tests for ASGIRequest and ASGIHandler.
2019-06-20 12:29:58 +02:00
a415ce70be
Fixed #30451 -- Added ASGI handler and coroutine-safety.
...
This adds an ASGI handler, asgi.py file for the default project layout,
a few async utilities and adds async-safety to many parts of Django.
2019-06-20 12:29:43 +02:00
cce47ff65a
Fixed #30565 -- Closed HttpResponse when wsgi.file_wrapper closes file-like object.
2019-06-20 11:48:49 +02:00
533311782f
Refs #30565 -- Doc'd HttpResponse.close() method.
2019-06-20 11:48:49 +02:00
00169bc361
Fixed #30547 -- Doc'd how Meta.constraints affect model validation.
2019-06-20 10:44:02 +02:00
b903bb438f
Refs #30485 -- Removed non-representative test that emitted a warning.
...
Previously, when running the Django test suite with warnings enabled,
the following was emitted:
/usr/lib64/python3.7/urllib/parse.py:915: BytesWarning: str() on a bytearray instance
v = quote_via(str(v), safe, encoding, errors)
This occurred due to the bytearray() being passed to
urllib.parse.urlencode() which eventually calls str() on it. The test
does not represent desired real world behavior. Rather than test for and
assert strange unspecified behavior that emits a warning, remove it.
This was also discussed in PR #11374 .
2019-06-19 13:03:52 +02:00
2cbd3967e0
Fixed #29834 -- Fixed column mismatch crash with QuerySet.values()/values_list() and order_by() on combined querysets.
2019-06-19 12:11:28 +02:00
14d026cccb
Fixed #30572 -- Prevented values()/values_list() on combined queryset from mutating the list of columns in querysets.
2019-06-19 10:44:53 +02:00
a7038adbd0
Fixed typos in signals and custom management commands docs.
2019-06-19 08:40:46 +02:00
036362e0cf
Fixed typos and example in signals.pre_init docs.
2019-06-18 14:51:17 +02:00
b08a18f17b
Fixed LiveWidgetTests.test_textarea_trailing_newlines() crash on Chrome 75+.
2019-06-18 11:38:51 +02:00
6e8303d49b
Fixed typos in FakePayload docstring and SimplifiedURLTests test name.
2019-06-17 12:38:04 +02:00
415e899dc4
Refs #30451 -- Added HttpRequest._set_content_type_params() hook.
2019-06-15 10:29:02 -07:00
87f5d07eed
Fixed #12952 -- Adjusted admin log change messages to use form labels instead of field names.
2019-06-14 18:20:29 +02:00
1564e42ad3
Refs #30512 , #15042 -- Added local-only address to sanitize_email() tests cases.
...
email.headerregistry.parser.get_mailbox() returns a token with a `token_type` attribute.
If `token_type` is `’invalid-mailbox’` then RFC violations have been detected. Emails with only the local part, and no domain, are correctly parsed but are marked as `’invalid-mailbox’`.
As per #15042 , local-only are supported, to enable sending to addresses on localhost.
sanitize_email() does not currently check `token_type`. This test is added to avoid a regression in case this is revisited in the future.
2019-06-13 17:29:58 +02:00
2628ea9515
Fixed #30512 -- Used email.headerregistry.parser for parsing emails in sanitize_address().
2019-06-13 16:22:15 +02:00
0c2ffdd526
Fixed an example of email with display name in EmailMessage.from_email.
2019-06-13 16:22:15 +02:00
fc2536fe66
Refs #29548 -- Doc'd MariaDB support for GIS database functions.
2019-06-13 10:26:21 +02:00
fde9b7d35e
Fixed #30128 -- Fixed handling timedelta timezone in database functions.
2019-06-13 09:29:43 +02:00
Mariusz Felisiak
Carlton Gibson
Claude Paroz
Jon Dufresne
Hasan Ramezani
can
Nadège Michel
Shubham Bhagat
nsasaki128
Tom Forbes
Tim Gates
daniel a rios
Meysam
Alexey Opalev
Markus Holtermann
Tobias Kunze
Andrew Godwin
Chris Jerdonek
Swat009
Min ho Kim
Sanyam Khurana
Joachim Jablon