Mariusz Felisiak
21b1b1fc03
[4.2.x] Fixed CVE-2023-31047, Fixed #31710 -- Prevented potential bypass of validation when uploading multiple files using one form field.
...
Thanks Moataz Al-Sharida and nawaik for reports.
Co-authored-by: Shai Berger <shai@platonix.com>
Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
2023-05-03 13:43:16 +02:00
Laurens Verhoeven
bb94e1b7db
[4.2.x] Fixed #34349 -- Fixed FormSet.empty_form crash when deleting extra forms is disabled.
...
Backport of 6cbc403b8e
2023-02-20 09:33:19 +01:00
David Smith
80aae83439
[4.2.x] Refs #33476 -- Applied Black's 2023 stable style.
...
Black 23.1.0 is released which, as the first release of the year,
introduces the 2023 stable style. This incorporates most of last year's
preview style.
https://github.com/psf/black/releases/tag/23.1.0
Backport of 097e3a70c1
2023-02-01 11:37:29 +01:00
Mariusz Felisiak
60a7bd8986
Refs #34119 -- Skipped test_callable_default_hidden_widget_value_not_overridden when JSONField is not supported.
2022-11-28 09:47:52 +01:00
David Sanders
25904db915
Fixed #34119 -- Prevented callable default hidden widget value from being overridden.
...
Thanks to Benjamin Rigaud for the report.
2022-11-18 13:12:15 +01:00
Francesco Panico
51faf4bd17
Fixed #34148 -- Reverted "Fixed #32901 -- Optimized BaseForm.__getitem__()."
...
This reverts commit edde2a0699
2022-11-18 08:06:13 +01:00
Nick Pope
d3cb91db87
Used more augmented assignment statements.
...
Identified using the following command:
$ git grep -I '\(\<[_a-zA-Z0-9]\+\>\) *= *\1 *[-+/*^%&|<>@]'
2022-10-31 12:30:13 +01:00
DevilsAutumn
f3cd252cfc
Fixed #33995 -- Fixed FormSet.empty_form crash when empty_permitted is passed to form_kwargs.
2022-09-09 13:51:47 +02:00
Neeraj Kumar
9942f3fb49
Fixed #33830 -- Fixed VariableDoesNotExist when rendering ClearableFileInput.
2022-08-25 07:52:36 +02:00
Carlton Gibson
89e695a69b
Fixed #33876 , Refs #32229 -- Made management forms render with div.html template.
...
Thanks to Claude Paroz for the report.
2022-08-02 10:30:09 +02:00
Mariusz Felisiak
c18861804f
Fixed warnings per flake8 5.0.0.
2022-07-31 08:16:19 +02:00
David Smith
d126eba363
Refs #32339 -- Deprecated default.html form template.
...
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
2022-05-17 11:16:54 +02:00
Kapil Bansal
3a82b5f655
Fixed #32559 -- Added 'step_size’ to numeric form fields.
...
Co-authored-by: Jacob Rief <jacob.rief@uibk.ac.at>
2022-05-12 14:16:52 +02:00
Marc Seguí Coll
262fde94de
Fixed #33622 -- Allowed customizing error messages for invalid number of forms.
...
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2022-05-10 13:42:31 +02:00
David Smith
ec5659382a
Fixed #32339 -- Added div.html form template.
2022-05-05 14:32:43 +02:00
Carlton Gibson
476d4d5087
Refs #32339 -- Allowed renderer to specify default form and formset templates.
...
Co-authored-by: David Smith <smithdc@gmail.com>
2022-04-27 10:21:04 +02:00
L
37602e4948
Fixed #33656 -- Fixed MultiWidget crash when compressed value is a tuple.
2022-04-26 07:06:26 +02:00
David
c8459708a7
Refs #32339 -- Added use_fieldset to Widget.
2022-03-30 16:28:14 +02:00
Mariusz Felisiak
abfdb4d7f3
Reverted "Fixed forms_tests.tests.test_renderers with Jinja 3.1.0+."
...
This reverts commit 1d9d082acf
2022-03-26 12:27:30 +01:00
Mariusz Felisiak
1d9d082acf
Fixed forms_tests.tests.test_renderers with Jinja 3.1.0+.
...
See https://github.com/pallets/jinja/pull/1621 .
2022-03-25 08:48:32 +01:00
Carlton Gibson
bb61f0186d
Refs #32365 -- Removed internal uses of utils.timezone.utc alias.
...
Remaining test case ensures that uses of the alias are mapped
canonically by the migration writer.
2022-03-24 06:29:50 +01:00
Claude Paroz
4c76ffc2d6
Fixed #29490 -- Added support for object-based Media CSS and JS paths.
2022-02-10 08:48:27 +01:00
Mariusz Felisiak
7119f40c98
Refs #33476 -- Refactored code to strictly match 88 characters line length.
2022-02-07 20:37:05 +01:00
django-bot
9c19aff7c7
Refs #33476 -- Reformatted code with Black.
2022-02-07 20:37:05 +01:00
Carlton Gibson
4b8e9492d9
Refs #32559 -- Added selenium test for FloatField client-side validation.
...
step="any" is required for non-integer values. See:
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/number#step
Covers behaviour added in 7ec2a21be1
2022-02-03 13:50:37 +01:00
Mariusz Felisiak
c5cd878382
Refs #33476 -- Refactored problematic code before reformatting by Black.
...
In these cases Black produces unexpected results, e.g.
def make_random_password(
self,
length=10,
allowed_chars='abcdefghjkmnpqrstuvwxyz' 'ABCDEFGHJKLMNPQRSTUVWXYZ' '23456789',
):
or
cursor.execute("""
SELECT ...
""",
[table name],
)
2022-02-03 11:20:46 +01:00
Claude Paroz
7c4f396509
Stopped including type="text/css" attributes for CSS link tags.
2022-01-22 16:38:14 +01:00
David
4c60c3edff
Fixed #33419 -- Restored marking forms.Field.help_text as HTML safe.
...
Regression in 456466d932
2022-01-07 15:35:31 +01:00
Jacob Walls
03a6488116
Refs #31026 -- Changed @jinja2_tests imports to be relative.
2022-01-03 06:11:30 +01:00
David
cb82ded4b2
Refs #32339 -- Added rendering tests for forms with CheckboxSelectMultiple and SelectMultiple widgets.
2021-12-23 07:38:05 +01:00
Baptiste Mispelon
e95e6425ac
Refs #24121 -- Added __repr__() to BaseFormSet.
2021-12-21 12:06:05 +01:00
mendespedro
e8b4feddc3
Fixed #33367 -- Fixed URLValidator crash in some edge cases.
2021-12-20 07:30:22 +01:00
mendespedro
4fd3044ca0
Fixed #33368 -- Fixed parse_duration() crash on invalid separators for decimal fractions.
2021-12-20 06:46:34 +01:00
Mariusz Felisiak
882647a82c
Used subTest() in forms.URLField() tests.
2021-12-16 06:35:44 +01:00
Adam Johnson
0d2435328a
Added test for field names of ManagementForm.
2021-12-10 10:01:33 +01:00
David Smith
eba9a9b7f7
Refs #32338 -- Added Boundfield.legend_tag().
2021-12-09 07:16:33 +01:00
Mariusz Felisiak
628b6a6869
Updated translations from Transifex.
...
This also fixes related i18n tests.
Forwardport of 4c5215ab03
2021-12-06 20:31:03 +01:00
David Smith
c6c6cd3c5a
Fixed #33235 -- Removed "for = ..." from MultiWidget's <label>.
...
This improves accessibility for screen reader users.
2021-11-05 11:05:52 +01:00
Carlton Gibson
2ccc0b22db
Fixed #33211 -- Updated tests for Selenium 4.0.0.
...
Replaced deprecated `find_element[s]_by_*()` usages, in favour of
`find_element[s]()` with an explicit `By`.
2021-10-21 14:37:16 +02:00
David Smith
4884a87e02
Fixed #33134 -- Fixed recursion depth error when rendering Form with BoundFields.
...
Regression in 456466d932
2021-09-29 08:04:42 +02:00
Jaap Roes
7fe9b6f6df
Fixed #33130 -- Restored form errors to be a dict.
...
Regression in 456466d932
2021-09-24 10:50:41 +02:00
Mariusz Felisiak
881a479911
Refs #31026 -- Fixed forms_tests if Jinja2 is not installed.
2021-09-21 10:16:44 +02:00
David Smith
456466d932
Fixed #31026 -- Switched form rendering to template engine.
...
Thanks Carlton Gibson, Keryn Knight, Mariusz Felisiak, and Nick Pope
for reviews.
Co-authored-by: Johannes Hoppe <info@johanneshoppe.com>
2021-09-20 15:50:18 +02:00
David Smith
4ca508a689
Refs #31026 -- Added extra form render tests.
2021-09-17 09:21:10 +02:00
David Smith
91e8b95d5b
Refs #31026 -- Moved Template tests to separate class.
2021-09-17 09:20:02 +02:00
Claude Paroz
676bd084f2
Fixed #32873 -- Deprecated settings.USE_L10N.
...
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-09-14 12:05:43 +02:00
David Smith
5942ab5eb1
Refs #32338 -- Made RadioSelect/CheckboxSelectMultiple render in <div> tags.
...
This improves accessibility for screen reader users.
2021-08-27 06:14:01 +02:00
David Smith
3a6431db54
Refs #29205 -- Added MultiValueField test for rendering of optional subfields.
2021-08-10 12:49:06 +02:00
Jacob Walls
2d0ae8da80
Fixed #29205 -- Corrected rendering of required attributes for MultiValueField subfields.
2021-08-04 17:37:04 +02:00
Jacob Rief
db1fc5cd3c
Fixed #32855 -- Corrected BoundWidget.id_for_label() with custom auto_id.
2021-08-04 15:18:00 +02:00
