Commit Graph

1147 Commits

Author SHA1 Message Date
Simon Charette 53ff096982 Prevented data leakage in contrib.admin via query string manipulation.
This is a security fix. Disclosure following shortly.
2014-08-20 14:39:40 -04:00
Preston Holmes 5307ce565f Fixed #23066 -- Modified RemoteUserMiddleware to logout on REMOTE_USER change.
This is a security fix. Disclosure following shortly.
2014-08-20 14:39:40 -04:00
Tim Graham 0d8d30b7dd Fixed #23157 -- Removed O(n) algorithm when uploading duplicate file names.
This is a security fix. Disclosure following shortly.
2014-08-20 14:39:40 -04:00
Florian Apolloner 28e765810d Prevented reverse() from generating URLs pointing to other hosts.
This is a security fix. Disclosure following shortly.
2014-08-20 14:39:40 -04:00
Tim Graham ec71191be0 Added release note stubs for 1.5.9 and 1.4.14. 2014-08-20 14:39:40 -04:00
Claude Paroz 12cf10cacd Fixed typo in 1.7 release notes 2014-08-20 08:57:35 +02:00
Tim Graham fca677fa43 Added sphinx extension to ease generation of ticket links. 2014-08-19 17:40:50 -04:00
Unai Zalakain 5f2542f12a Fixed #10190 -- Made HttpResponse charset customizable.
Thanks to Simon Charette, Aymeric Augustin, and Tim Graham
for reviews and contributions.
2014-08-19 17:34:38 -04:00
areski 9d6551204e Removed unnecessary code-block directives. 2014-08-19 16:44:25 -04:00
Claude Paroz fa02120d36 Fixed #22996 -- Prevented crash with unencoded query string
Thanks Jorge Carleitao for the report and Aymeric Augustin, Tim Graham
for the reviews.
2014-08-19 22:29:31 +02:00
Peter Harley 2724cdbff6 Fixed #18355 -- Added ordering options to list based generic views.
Added MultipleObjectMixin.ordering and get_ordering().

Refs #21450.
2014-08-15 11:09:47 -04:00
Tim Graham e122facbd8 Fixed #23269 -- Deprecated django.utils.remove_tags() and removetags filter.
Also the unused, undocumented django.utils.html.strip_entities() function.
2014-08-15 08:20:02 -04:00
Gabriel Muñumel deed00c0d8 Fixed #23162 -- Renamed forms.Field._has_changed() to has_changed(). 2014-08-15 08:14:45 -04:00
Claude Paroz 12adcd505e Complemented 1.6 release notes for 457c16d0d6
And accessorily added missing bits fixing #23293.
Forward port of 2cbafd814 from stable/1.7.x
2014-08-15 10:14:55 +02:00
areski 3021453285 Fixed #20133 -- Added summary to admin deletion confirmation pages.
Thanks jonash for the suggestion and initial patch.
2014-08-14 13:56:23 -04:00
Tim Graham cf79b57ad0 Fixed #21132 -- Removed the useless app_name argument to AdminSite.
Thanks MarkusH for the report and Florian for review.
2014-08-14 09:05:51 -04:00
Claude Paroz 055d95fce0 Fixed #23265 -- Used system-specific encoding in runserver
Thanks SpaceFox for the report.
2014-08-14 12:08:06 +02:00
zsoldosp 01801edd37 Fixed #22646: Added support for the MySQL ssl-ca option to dbshell. 2014-08-13 18:29:42 -04:00
Ola Sitarska 6947885926 Fixed #23283 -- Added default=False to BooleanField's in the docs.
Thanks Baptiste for the suggestion.
2014-08-13 18:23:52 -04:00
Claude Paroz 2cc8ffe258 Fixed #22985 -- Made call_command accept option name parameter
Thanks giulettamasina for the report and Tim Graham for the review.
2014-08-12 21:53:29 +02:00
Tim Graham a9fd740d22 Fixed #23276 -- Deprecated passing views as strings to url(). 2014-08-12 13:15:40 -04:00
Markus Bertheau c2d3f18874 Fixed typo in 1.8 release notes. 2014-08-11 07:06:29 -04:00
Jaap Roes e92b057e06 Fixed #23261 -- Deprecated old style list support for unordered_list filter. 2014-08-11 07:04:33 -04:00
Andrew Godwin 173d989c91 Fixed #23252: Call out removed features in release notes.
Also added StrAndUnicode mixin note to deprecation plan as it was
missing.
2014-08-07 14:14:12 +10:00
Tim Graham 0efd72dc90 Fixed broken links in docs. 2014-08-05 08:23:34 -04:00
Stanislas Guerra 98e8da3709 Fixed #16311 -- Added a RelatedOnlyFieldListFilter class in admin.filters. 2014-08-04 09:39:02 -04:00
Tim Graham 0f2ceee025 Fixed #23151 -- Deprecated RegexField.error_message.
Thanks Baptiste Mispelon for the suggestion.
2014-08-03 11:21:01 -04:00
Tim Graham d28396f526 Fixed #23144 -- Dropped support for MySQL 5.0, 5.1. 2014-08-02 10:28:40 -04:00
Tim Graham fb4f3e04b1 Updated MySQL links to version 5.6. 2014-08-02 10:27:01 -04:00
Tim Graham 8f9d6e83a0 Fixed #23145 -- Dropped support for Oracle < 11.1 2014-08-01 19:32:00 -04:00
Tim Graham a2479f46f3 Fixed #7220 -- Allowed AbstractBaseUser.last_login to be null.
Thanks veena for the suggestion and Simon Charette and Kévin Etienne for reviews.
2014-08-01 17:51:49 -04:00
Tim Graham a9bdce7e55 Fixed #23108 -- Dropped support for PostgreSQL 8.4 & PostGIS 1.3, 1.4.
Thanks Claude Paroz for the review.
2014-08-01 10:26:00 -04:00
Petras Zdanavičius 8b7347220f Fixed #23103 -- Annotated ImageField file with image and content_type attributes.
Thanks Jeremy Dunck for the suggestion and Nick Sanford for review.
2014-08-01 09:30:58 -04:00
Nick Sandford 9d9f0acd7e Fixed #13163 -- Added ability to show change links on inline objects in admin.
Thanks DrMeers for the suggestion.
2014-07-31 08:07:28 -04:00
Christoph Heer d47409831f Fixed #23067 -- Updated docs to use django-admin 2014-07-30 14:14:03 -04:00
Tim Graham 7fcfefbc4a Forwardported 1.6.6 release note for #19107. 2014-07-30 09:33:02 -04:00
Tim Graham f294f93a17 Forwardported 1.6.6 release notes for refs #20292. 2014-07-29 09:39:51 -04:00
Gabriel Muñumel 0af593dbe5 Fixed #23102 -- Documented that sql* commands now respect allow_migrate(). 2014-07-28 10:05:41 -04:00
David Hoffman e1c85167a3 Fixed #23097 -- Switched to new octal format in docs 2014-07-26 11:20:24 +02:00
Andrew Godwin f44dbf74a4 Mark initial_data as deprecated separately from syncdb. Refs #23077. 2014-07-25 09:09:15 -07:00
Tim Graham bb395a15ba Forward ported release notes for refs #23089. 2014-07-24 19:55:57 -04:00
Tim Graham 8568e7cfa4 Added backwards incompatibility note for refs #22845; refs #23082.
Thanks Kyle Owens for the report.
2014-07-23 15:23:36 -04:00
Damien Nozay 70c54a3694 Fixed #23028: Added unique_togther support to inspectdb. 2014-07-18 16:10:59 +00:00
Tim Graham c62c480b2b Added 1.6.6 release notes for #22998 (also forwardported those for #13794). 2014-07-16 13:34:53 -04:00
Loic Bistuer 671e0c937c Further fix the release notes for refs #13147.
Mention of custom user models has been removed since UserCreationForm
didn't support custom user models anyway. Refs #19353.
2014-07-15 17:59:16 +07:00
Tim Graham 38e001ab6c Fixed #22789 -- Deprecated django.contrib.webdesign.
Moved the {% lorem %} tag to built-in tags.
2014-07-14 08:45:19 -04:00
Tim Graham 7affb4ad58 Fixed/improved release note for refs #13147; thanks Loic. 2014-07-14 07:46:19 -04:00
Andrew Godwin ceb2aaf1d4 Add south upgrade note to 1.7 release notes 2014-07-10 10:00:31 -07:00
Yin Jifeng 849538d03d Fixed #13147 -- Moved User validation logic from form to model. 2014-07-10 09:36:43 -04:00
Jorge C. Leitão 8780849da0 Fixed #22812 -- Refactored lookup API documentation.
Thanks Anssi and Tim for reviews.
2014-07-08 20:05:49 -04:00