mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-08-21 17:29:13 +00:00
Code Issues 32 Releases Wiki Activity
33,769 Commits 29 Branches 452 Tags
Commit Graph

486 Commits

Author SHA1 Message Date
farhan
5e06b97095 Fixed #36410 -- Added support for Template Partials to the Django Template Language. 
Introduced `{% partialdef %}` and `{% partial %}` template tags to
define and render reusable named fragments within a template file.
Partials can also be accessed using the `template_name#partial_name`
syntax via `get_template()`, `render()`, `{% include %}`, and other
template-loading tools.

Adjusted `get_template()` behavior to support partial resolution, with
appropriate error handling for invalid names and edge cases. Introduced
`PartialTemplate` to encapsulate partial rendering behavior.

Includes tests and internal refactors to support partial context
binding, exception reporting, and tag validation.

Co-authored-by: Carlton Gibson <carlton@noumenal.es>
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
Co-authored-by: Nick Pope <nick@nickpope.me.uk>
 2025-08-14 21:53:14 -03:00
Rob Hudson
d63241ebc7 Fixed #15727 -- Added Content Security Policy (CSP) support. 
This initial work adds a pair of settings to configure specific CSP
directives for enforcing or reporting policy violations, a new
`django.middleware.csp.ContentSecurityPolicyMiddleware` to apply the
appropriate headers to responses, and a context processor to support CSP
nonces in templates for safely inlining assets.

Relevant documentation has been added for the 6.0 release notes,
security overview, a new how-to page, and a dedicated reference section.

Thanks to the multiple reviewers for their precise and valuable feedback.

Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
 2025-06-27 15:57:02 -03:00
Ahmed Nassar
be402891cd Fixed #36311 -- Unified spelling of "hardcode" and its variants in docs. 
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
 2025-04-15 14:48:55 -03:00
Giannis Terzopoulos
a39c28706a Fixed #35529 -- Added support for positional arguments in querystring template tag. 
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
 2025-03-25 12:23:41 -03:00
Natalia
0b4f2d8d39 Fixed #36268 -- Added leading ? in every querystring template tag result. 
Thanks Sarah Boyce for the report.
 2025-03-24 11:53:42 -03:00
Natalia
b1c1fd33ed Improved and reorganized querystring template tag docstring and ref docs. 2025-03-24 11:53:42 -03:00
Ahmed Nassar
ec7044c706 Fixed #36000 -- Deprecated HTTP as the default protocol in urlize and urlizetrunc. 2025-03-19 14:28:42 +01:00
Jonathan Ströbele
240421c7c4 Fixed #36186 -- Added forloop.length variable within a template for loop. 2025-02-24 16:25:53 +01:00
Sarah Boyce
582ba18d56 Added security guideline on reasonable size limitations when rendering content via the DTL. 
This also removes the need to add warnings for every Django template filter.
 2025-02-24 08:51:08 +01:00
Sarah Boyce
05002c153c Fixed #36182 -- Returned "?" if all parameters are removed in querystring template tag. 
Thank you to David Feeley for the report and Natalia Bidart for the review.
 2025-02-13 15:49:25 +01:00
Sarah Boyce
810edfd742 Removed versionadded/changed annotations for 5.1. 
This also removes remaining versionadded/changed annotations for older
versions.
 2025-01-15 22:28:37 +01:00
ssanger
df6013b2b4 Added missing alt attribute to <img> tag in docs. 2024-10-22 14:18:20 +02:00
Marc Gibbons
6765b6adf9
Fixed #35797 -- Removed debug context processor from default project template. 2024-09-30 16:52:28 -03:00
Sarah Boyce
320dd27412 Fixed CVE-2024-45230 -- Mitigated potential DoS in urlize and urlizetrunc template filters. 
Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report.
 2024-09-03 09:22:32 -03:00
Matthew Somerville
fb7be022cb Updated example links in urlize docs. 
goo.gl links are being removed in 2025:
https://developers.googleblog.com/en/google-url-shortener-links-will-no-longer-be-available/
 2024-07-23 14:02:30 +02:00
nessita
cf03aa4e94
Refs #10941 -- Reorganized querystring template tag docs. 2024-07-22 10:31:54 -03:00
Sarah Boyce
27043bde5b
Refs #10941 -- Renamed query_string template tag to querystring. 2024-07-15 13:28:55 -03:00
John Higgins
60acad933d Fixed #35441 -- Documented Context and RequestContext keyword arguments. 2024-06-20 09:34:55 +02:00
Natalia
05cce083ad Removed versionadded/changed annotations for 5.0. 
This also removes remaining versionadded/changed annotations for older
versions.
 2024-05-22 15:44:07 -03:00
canhuynh1998
a7baa874d8 Fixed #35280 -- Improved iriencode filter example in docs. 2024-03-10 14:54:38 +01:00
Emmanuel Katchy
12ffcfc350 Updated "Dive Into Python" links. 2024-01-20 19:43:55 +01:00
Mariusz Felisiak
0be6dde817
Corrected code-block directives in docs. 2023-12-28 19:52:15 +01:00
Tom Carrick
e67d3580ed Fixed #10941 -- Added {% query_string %} template tag. 2023-10-26 09:57:21 +02:00
Mariusz Felisiak
718b32c691
Added missing pycon directives in various docs. 2023-10-25 12:27:27 +02:00
Natalia
17b51094d7 Fixed CVE-2023-43665 -- Mitigated potential DoS in django.utils.text.Truncator when truncating HTML text. 
Thanks Wenchao Li of Alibaba Group for the report.
 2023-10-04 09:22:26 -03:00
Mariusz Felisiak
14ef92fa9e Refs #33864 -- Removed length_is template filter per deprecation timeline. 2023-09-18 22:12:40 +02:00
Mariusz Felisiak
295467c04a Removed versionadded/changed annotations for 4.2. 
This also removes remaining versionadded/changed annotations for older
versions.
 2023-09-18 22:12:40 +02:00
Jon Ribbens
adfb3dfa89 Fixed #33405, Refs #7177 -- Clarified docs for filter escapejs regarding safe and unsafe usages. 2023-07-03 12:32:58 +02:00
Akash Kumar Sen
b0a6cc7f57 Fixed #34600 -- Removed references to bleach in docs. 2023-05-31 09:52:38 +01:00
Natalia
881cc139e2 Refs #34574, Refs #34577 -- Mentioned escapeseq filter in escape/autoescape docs. 2023-05-26 06:26:38 +02:00
Natalia
1a59a324ce Fixed #34574 -- Noted unexpected outcomes in autoescape/escape docs. 2023-05-26 06:21:46 +02:00
Arthur Moreira
061a8a1bd8 Fixed #34577 -- Added escapeseq template filter. 2023-05-22 09:58:03 +02:00
Pan Dango
12ec80726f
Corrected code-block directive in docs/ref/templates/builtins.txt. 2023-05-07 14:51:27 +02:00
Jannis Vajen
024954aad4 Corrected code-block directives in docs. 2023-05-04 14:10:11 +02:00
django-bot
14459f80ee Fixed #34140 -- Reformatted code blocks in docs with blacken-docs. 2023-03-01 13:03:56 +01:00
Joseph Victor Zammit
ba755ca131 Refs #34140 -- Corrected rst code-block and various formatting issues in docs. 2023-02-28 12:21:37 +01:00
Carlton Gibson
534ac48297 Refs #34140 -- Applied rst code-block to non-Python examples. 
Thanks to J.V. Zammit, Paolo Melchiorre, and Mariusz Felisiak for
reviews.
 2023-02-10 19:19:13 +01:00
Mariusz Felisiak
8d98f99a4a Refs #32873 -- Removed settings.USE_L10N per deprecation timeline. 2023-01-17 11:49:15 +01:00
Mariusz Felisiak
490cccbe7e Removed versionadded/changed annotations for 4.1. 2023-01-17 11:49:15 +01:00
Jarosław Wygoda
32940d390a Refs #26029 -- Deprecated DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings. 2023-01-12 09:58:36 +01:00
Nick Pope
4d4bf55e0e Fixed #33864 -- Deprecated length_is template filter. 2022-07-23 12:36:21 +02:00
Victor
2fac0a1808
Fixed #33317 -- Added note about unconditional evaluation of {% block %} tags. 2022-07-22 10:09:29 +02:00
Mariusz Felisiak
ac90529cc5 Fixed docs build with sphinxcontrib-spelling 7.5.0+. 
sphinxcontrib-spelling 7.5.0+ includes captions of figures in the set
of nodes for which the text is checked.
 2022-05-31 11:17:01 +02:00
Carlton Gibson
ca1c3151c3 Removed versionadded/changed annotations for 4.0. 2022-05-17 14:22:06 +02:00
Carlton Gibson
bf7c51a5f4 Fixed #33639 -- Enabled cached template loader in development. 2022-04-19 12:13:27 +02:00
David Smith
67b5f506a6
Changed some words to use inline markup. 2022-03-10 10:18:31 +01:00
David Smith
71531cc32c
Changed "bolded" to "in bold" in docs. 2022-03-09 08:03:14 +01:00
Andrey Otto
f70a875cc0
Fixed #33530 -- Fixed typo in docs/ref/templates/builtins.txt. 2022-02-21 06:13:36 +01:00
Markus Holtermann
394517f078 Fixed CVE-2022-22818 -- Fixed possible XSS via {% debug %} template tag. 
Thanks Keryn Knight for the report.

Co-authored-by: Adam Johnson <me@adamj.eu>
 2022-02-01 07:40:51 +01:00
Claude Paroz
7c4f396509 Stopped including type="text/css" attributes for CSS link tags. 2022-01-22 16:38:14 +01:00