1
0
mirror of https://github.com/django/django.git synced 2025-03-14 11:20:46 +00:00

3744 Commits

Author SHA1 Message Date
Florian Apolloner
18fe77e4ed [1.5.x] Fixed "Address already in use" from liveserver.
Our WSGIServer rewrapped the socket errors from server_bind into
WSGIServerExceptions, which is used later on to provide nicer
error messages in runserver and used by the liveserver to see if
the port is already in use. But wrapping server_bind isn't enough since
it only binds to the socket, socket.listen (which is called from
server_activate) could also raise "Address already in use".

Instead of overriding server_activate too I chose to just catch socket
errors, which seems to make more sense anyways and should be more robust
against changes in wsgiref.

Backport of 2ca00faa913754cd5860f6e1f23c8da2529c691a from master
2013-09-22 22:08:59 +02:00
Florian Apolloner
87c8de2a06 Revert "[1.5.x] Silenced last sporadic failure on 1.5."
This reverts commit 6a708cd654fe63278ea8a14b3e44da847c62ebf4.

Reverted since it only moved the failures to some other tests and it apperently
only worked by accident. Patched selenium for now to include:
https://github.com/SeleniumHQ/selenium/pull/118
which seems to be the root cause for sporadic extra requests to the live server,
which then cause all sorts of issues.
2013-09-18 16:54:30 +02:00
Tim Graham
72f7932cfb [1.5.x] Fixed #21118 -- Isolated a test that uses the database.
Thanks rmboggs for the report.

Backport of 4f40b97d97 from master
2013-09-18 09:43:34 -04:00
Florian Apolloner
6a708cd654 [1.5.x] Silenced last sporadic failure on 1.5.
This commit is a last resort; technically the test is correct but our testsuite
has some threading issues when LiveServer is used. Since this will never get
fixed in 1.5 and apperently doesn't get triggered on 1.6 we just make sure the
test doesn't error out. I am not 100% sure why this actually fixes the issue,
but this is still better than having failing builds wheneever we do a security
release for 1.5.

(Tested on jenkins itself, should work (tm)).
2013-09-17 22:33:11 +02:00
Florian Apolloner
4770fc1c62 [1.5.x] (Hopefully) fixed a failure in a selenium test.
No forward port to 1.6 since it has new transactionmanagement. The
wait_page_loaded should ensure that the liveserver has time to tear
down properly after the submit.
2013-09-15 10:44:29 +02:00
Minjong Chung
e66fe357b2 Fixed #21102 -- pickling a QuerySet with prefetches twice
Fixed the bug that a QuerySet that prefetches related objects cannot be
pickled and unpickled more than once (The second pickling attempt
raises an exception).

Added a new test for the queryset pickling idempotency.

The bug was introduced by
bac187c0d8e829fb3ca2ca82965eabbcbcb6ddd5.
2013-09-14 10:03:03 +03:00
Tim Graham
988b61c550 [1.5.x] Prevented arbitrary file inclusion with {% ssi %} tag and relative paths.
Thanks Rainer Koirikivi for the report and draft patch.

This is a security fix; disclosure to follow shortly.

Backport of 7fe5b656c9 from master
2013-09-10 21:05:03 -04:00
Tim Graham
616a4d385a [1.5.x] Fixed #20922 -- Allowed customizing the serializer used by contrib.sessions
Added settings.SESSION_SERIALIZER which is the import path of a serializer
to use for sessions.

Thanks apollo13, carljm, shaib, akaariai, charettes, and dstufft for reviews.

Backport of b0ce6fe656 from master
2013-08-22 17:49:11 -04:00
Jacob Kaplan-Moss
90363e388c Apply autoescaping to AdminURLFieldWidget.
This is a security fix; disclosure to follow shortly.
2013-08-13 11:04:21 -05:00
Anssi Kääriäinen
bf4c8d8c98 [1.5.x] Fixed qs ordering related randomly failing test
The failure wasn't present in 1.6+, so this is not a backpatch.
2013-07-29 14:28:41 +03:00
Florian Apolloner
41492f0f1b [1.5.x] Simplified smart_urlquote and added some basic tests.
Backport of b70c371fc1f18ea0c43b503122df3f311afc7105 from master.
2013-07-28 10:07:29 +02:00
Tim Graham
dd2a512f68 [1.5.x] assertEquals -> assertEqual 2013-07-27 18:46:55 -04:00
Luke Plant
00b39e0145 [1.5.x] Fixed #19607 - prefetch_related crash
Thanks to av@rdf.ru and flarno11@yahoo.de for the report.

Backport of 4fd94969d8 from master
2013-07-27 17:59:27 -04:00
Tim Graham
8904e9fb98 [1.5.x] Fixed #20681 -- Prevented teardown_databases from attempting to tear down aliases
Thanks simonpercivall.

Backport of d9c580306c from master
2013-07-13 18:09:24 -04:00
Tim Graham
13546cae9c [1.5.x] Fixed #19196 -- Added test/requirements
Backport of 4d92a0bd86 from master.
2013-07-10 11:32:28 -04:00
Tim Graham
95aa2182b7 [1.5.x] Fixed #19940 -- Made test.runner.setup_databases properly handle aliases for defau
Thanks simonpercivall.

Backport of 2cbd579efe from master.
2013-07-04 20:41:01 -04:00
Daniel Lindsley
cb9aaac91f [1.5.x] Fixed #20212 - __reduce__ should only be defined for Py3+. 2013-05-21 10:17:27 -07:00
Anssi Kääriäinen
bac187c0d8 [1.5.x] Fixed prefetch_related + pickle regressions
There were a couple of regressions related to field pickling. The
regressions were introduced by QuerySet._known_related_objects caching.

The regressions aren't present in master, the fix was likely in
f403653cf146384946e5c879ad2a351768ebc226.

Fixed #20157, fixed #20257. Also made QuerySets with model=None
picklable.
2013-05-21 11:45:24 +03:00
Anssi Kääriäinen
0eddedf7db [1.5.x] Fixed #20278 -- ensured .get() exceptions do not recurse infinitely
A regression caused by d5b93d3281fe93cbef5de84a52 made .get() error
reporting recurse infinitely on certain rare conditions. Fixed this by
not trying to print the given lookup kwargs.

Backpatch of 266c0bb23e9d64c47ace4d162e582febd5a1e336
2013-05-20 19:05:43 +03:00
Tai Lee
23b234a9d9 [1.5.x] Fixed #20354 -- makemessages no longer crashes with UnicodeDecodeError
Handle the `UnicodeDecodeError` exception, send a warning to `stdout` with the
file name and location, and continue processing other files.
Backport of 99a6f0e77 from master.
2013-05-07 21:36:51 +02:00
Florian Apolloner
0b0d98fd4e [1.5.x] Fixed test failures introduced in a5becad9094e5c5403b692b9a7b3a6ffaabf64a3.
Backport of 780fa48f5fb81b2f0f58de95167abff84a6149aa from master
2013-05-05 16:14:41 +02:00
Claude Paroz
abdcf81843 [1.5.x] Fixed #20237 (again) Allowed binary parameter to assertContains
Backport of b04fd579d5 from master.
2013-04-12 20:16:35 +02:00
Baptiste Mispelon
9c49e64b66 [1.5.x] Fixed #20211: Document backwards-incompatible change in BoundField.label_tag
Also cleaned up label escaping and consolidated the test suite regarding
label_tag.
Backport of ab686022f from master.
2013-04-12 10:25:44 +02:00
Claude Paroz
427b59495e [1.5.x] Fixed #20237 -- Reenabled assertContains with binary parameter
Thanks Baptiste Mispelon for the review.
Backport of fe01404bb9 from master.
2013-04-11 10:58:06 +02:00
Simon Charette
d04e8f8c78 [1.5.x] Fixed #20207 -- Handle ManyToManyField with a unicode name correctly.
Backport of 216580e034.
2013-04-05 15:21:59 -04:00
Julien Phalip
a15a3e9148 [1.5.x] Fixed #20169 -- Ensured that the WSGI request's path is correctly based on the SCRIPT_NAME environment parameter or the FORCE_SCRIPT_NAME setting, regardless of whether or not those have a trailing slash. Thanks to bmispelon for the review.
Backport of 2f81a0ca6543f
2013-04-01 12:07:58 -07:00
Jacob Kaplan-Moss
bec250211b [1.5.x] Correctly restore warning capture after logging tests.
This is a fix to the wrong behavior that 15c3906eeb introduced.

Backport of 4befef9 from trunk.
2013-03-27 17:03:12 -05:00
Jacob Kaplan-Moss
9a41045b77 [1.5.x] Fixed logging-related test failure introduced by e79b857.
Backport of 654d8e9.
2013-03-27 12:21:26 -05:00
Preston Holmes
572a300e56 [1.5.x] Fixed #18985 -- ensure module level deprecations are displayed
Also don't compete with -W CLI option.

Thanks to Aymeric Augustin for the catch, and Claude Paroz for the patch.

Backport of e79b857a07905340556f781a7d63016236b21c61 from master.
2013-03-27 10:37:47 -05:00
Anssi Kääriäinen
207117ae73 [1.5.x] Fixed #20091 -- Oracle null promotion for empty strings
Backpatch of e17fa9e877e84e93b699c2bd13ea48dbbb86e451
2013-03-26 15:05:37 +02:00
Claude Paroz
deec020bf5 [1.5.x] Fixed #20108 -- Fixed filepath_to_uri decoding error
This was a regression due to unicode_literals usage. Thanks Ivan
Virabyan for the report and the initial patch.
Backport of 164528acc8 from master.
2013-03-22 17:58:36 +01:00
Marc Tamlyn
dd897e4eeb [1.5.x] Fixed #20094 - Be more careful when checking for Iterator
Python 2.6 has some different behaviour when checking
isinstance(foo, collections.Iterator).
Backport of 829dc3c5 from master.
2013-03-22 17:45:41 +01:00
Claude Paroz
b91067d9aa [1.5.x] Revert "Fixed #19895 -- Made second iteration over invalid queryset raise an exception too"
This reverts commit d1e87eb3baf75b1b6a0ada46a9b77f7e347cdb60.
This commit was the cause of a memory leak. See ticket for more details.
Thanks Anssi Kääriäinen for identifying the source of the bug.
2013-03-20 10:43:14 +01:00
Aymeric Augustin
702d39921c [1.5.x] Fixed #19634 -- Added proper __hash__ methods.
Classes overriding __eq__ need a __hash__ such that equal objects have
the same hash.

Thanks akaariai for the report and regebro for the patch.

Backport of e76147a from master.
2013-02-25 23:37:23 +01:00
Claude Paroz
cf114cffea [1.5.x] Fixed #19903 -- Fixed unbalanced setUp/tearDown calls in LiveServerAddress test
Backport of 6d52bcbb7c from master.
2013-02-25 08:59:44 +01:00
Aymeric Augustin
455baa68eb [1.5.x] Changed testing strategy used in 6b03179e.
Avoid polluting the app cache as it causes unrelated test failures.

Refs #19688.

Backport of 7b49da1 from master.
2013-02-25 00:11:10 +01:00
Simon Charette
f8b41da431 [1.5.x] Fixed #19688 -- Allow model subclassing with a custom metaclass using six.with_metaclass
Backport of 6b03179e126d4df01623dccc162c1579f349e41e from master.

Although we're post RC 2, I'm backporting this because it's arguably a
major bug in a new feauture that will prevent several well-known
third-party apps from being ported to Python 3.
2013-02-24 17:45:48 +01:00
Grzegorz Nosek
d1e87eb3ba [1.5.x] Fixed #19895 -- Made second iteration over invalid queryset raise an exception too
When iteration over a queryset raised an exception, the result cache
remained initialized with an empty list, so subsequent iterations returned
an empty list instead of raising an exception

Backport of 2cd0edaa477b327024e4007c8eaf46646dcd0f21 from master.
2013-02-23 14:39:05 -06:00
Anssi Kääriäinen
8a99d718f7 [1.5.x] Fixed empty strings + to_field regression on Oracle
Querying the reverse side of nullable to_field relation, where both
sides can contain null values resulted in incorrect results. The reason
was not detecting '' as NULL.

Refs #17541, backpatch of 09fcb70c804b76fccc8fc0ac545873e5ab30c00a.
2013-02-23 00:09:48 +02:00
Anssi Kääriäinen
96790fc022 [1.5.x] Made a couple of selenium tests wait for page loaded
The admin_widgets tests were issuing click() to the browser but
didn't wait for the effects of those clicks. This caused the resulting
request to be processed concurrently with the test case. When using
in-memory SQLite this caused weird failures.

Also added wait_page_loaded() to admin selenium tests for code
reuse.

Fixed #19856, backpatch of 50677b29af39ca670274fb45087415c883c78b04
2013-02-21 00:01:07 +02:00
Anssi Kääriäinen
8ad436636f [1.5.x] Fixed #19672 -- Error in negated Q() filtering
There was a variable overwrite error in negated join filtering. This
happened when add_filter() was adding the IS NULL condition to the
WHERE clause.

This is not a backport from master as there have been some other
refactorings which made this patch irrelevant.

The patch is from Ian Kelly.
2013-02-20 21:57:39 +02:00
Aymeric Augustin
3ef4bbf495 [1.5.x] Added a default limit to the maximum number of forms in a formset.
This is a security fix. Disclosure and advisory coming shortly.
2013-02-19 10:39:04 -07:00
Carl Meyer
0e46c7f7ac [1.5.x] Checked object permissions on admin history view.
This is a security fix. Disclosure and advisory coming shortly.

Patch by Russell Keith-Magee.
2013-02-19 10:39:04 -07:00
Carl Meyer
2d0c22e02d [1.5.x] Restricted the XML deserializer to prevent DoS attacks.
This is a security fix. Disclosure and advisory coming shortly.
2013-02-19 10:39:03 -07:00
Carl Meyer
a7e33c5bf3 [1.5.x] Added a new required ALLOWED_HOSTS setting for HTTP host header validation.
This is a security fix; disclosure and advisory coming shortly.
2013-02-19 10:39:03 -07:00
Claude Paroz
41848b078a [1.5.x] Fixed #19833 -- Fixed import parameter encoding in get_runner
Thanks Danilo Bargen for the report.
Backport of 63236161 from master.
2013-02-16 13:32:03 +01:00
Julien Phalip
42e87c17f2 [1.5.x] Fixed #19829 -- Fixed index lookups for NumPy arrays in templates.
Backport of 7d5e35cdb46124e2471
2013-02-15 00:18:49 -08:00
Anssi Kääriäinen
743263a105 [1.5.x] Removed try-except in django.db.close_connection()
The reason was that the except clause needed to remove a connection
from the django.db.connections dict, but other parts of Django do not
expect this to happen. In addition the except clause was silently
swallowing the exception messages.

Refs #19707, special thanks to Carl Meyer for pointing out that this
approach should be taken.
2013-02-13 00:22:10 +02:00
Anssi Kääriäinen
7b5ca126ee [1.5.x] Fixed #19112 -- Reduced the amount of query params in a test
Backpatch of 604d8763dc2c901a3557e15880895d88af5c4127.
2013-02-10 21:09:58 +02:00
Anssi Kääriäinen
b18ad807e0 [1.5.x] Fixed #19720 -- Oracle ordering related delete regression
When a query had a complex where condition (a condition targeting more
than the base table) a subquery was used for deletion. However, the
query had default ordering from the model's meta and Oracle doesn't
work with ordered subqueries.

The regression was caused by fast-path deletion code introduced in
1cd6e04cd4f768bcd4385b75de433d497d938f82 for fixing #18676.

Thanks to Dylan Klomparens for the report.

Backpatch of 8ef3235034a1a7616714a5d61486dc68536f74ee
2013-02-10 19:58:22 +02:00