Natalia
bf4888d317
[4.2.x] Fixed CVE-2024-45231 -- Avoided server error on password reset when email sending fails.
...
On successful submission of a password reset request, an email is sent
to the accounts known to the system. If sending this email fails (due to
email backend misconfiguration, service provider outage, network issues,
etc.), an attacker might exploit this by detecting which password reset
requests succeed and which ones generate a 500 error response.
Thanks to Thibaut Spriet for the report, and to Mariusz Felisiak, Adam
Johnson, and Sarah Boyce for the reviews.
2024-09-03 09:42:25 -03:00
Markus Amalthea Magnuson
47f9b8dca1
[4.2.x] Fixed #34970 -- Clarified Password Validation docs regarding the password_changed callback.
...
Backport of 61c305f298
from main
2023-11-15 21:51:32 -03:00
Natalia
3fae5d92da
[4.2.x] Refs #30601 -- Fixed typos in docs/topics/db/transactions.txt.
...
Backport of 9b18af4f6f
from main
2023-10-30 13:50:20 -03:00
Natalia
a8aa94062b
[4.2.x] Refs #15578 -- Made cosmetic edits to fixtures docs.
...
Backport of b412e5645a
from main
2023-10-30 10:33:40 -03:00
lufafajoshua
696fbc32d6
[4.2.x] Fixed #30601 -- Doc'd the need to manually revert all app state on transaction rollbacks.
...
Backport of aa80b357fb
from main
2023-10-27 23:33:45 -03:00
Leo Suarez
43a3646070
[4.2.x] Fixed #15578 -- Stated the processing order of fixtures in the fixtures docs.
...
Also, added details about loading multiple fixtures and unified line wrapping
at 79 cols.
Co-Authored-By: Aniketh Babu <anikethbabu@gmail.com>
Co-Authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Co-Authored-By: Natalia Bidart <124304+nessita@users.noreply.github.com>
Backport of 334dc073b1
from main
2023-10-26 21:52:24 -03:00
lufafajoshua
e8fe48d3a0
[4.2.x] Fixed #34808 -- Doc'd aggregate function's default argument.
...
Backport of 8adc7c86ab
from main
2023-10-11 16:11:09 -03:00
Mariusz Felisiak
8e8c318449
[4.2.x] Avoided counting exceptions in AsyncClient docs.
...
Follow up to ad6bb20557
.
Backport of 9942a3e49b
from main
2023-08-24 05:21:00 +02:00
Luca Allulli
dcb9d7a0e4
[4.2.x] Improved formset docs by using a set instead of a list in the custom validation example.
...
Backport of c59be9f1da
from main
2023-08-23 22:26:05 -03:00
Mariusz Felisiak
1f9d00ef9f
[4.2.x] Added missing backticks in docs.
...
Backport of 02376f1f53
from main
2023-07-21 12:55:10 +02:00
Ashwin Dharne
fabd0510a0
[4.2.x] Fixed typo in docs/topics/db/fixtures.txt.
...
Backport of 5762b839ff
from main
2023-06-16 19:34:32 +02:00
Mariusz Felisiak
4b433ef236
[4.2.x] Refs #30220 -- Bumped required version of Selenium to 3.8.0.
...
Follow up to 8d010f3986
.
Backport of 06881341d4
from main
2023-06-13 10:13:15 +02:00
Akash Kumar Sen
eb84c068ed
[4.2.x] Fixed #30355 -- Doc'd interaction between custom managers and prefetch_related().
...
Backport of 5f2308710b
from main
2023-06-07 19:32:18 +02:00
Mariusz Felisiak
66d9fa4371
[4.2.x] Refs #23528 -- Made cosmetic edits to swappable_dependency() docs.
...
Backport of 1136aa5005
from main
2023-06-03 12:02:08 +02:00
DevilsAutumn
92ad551afd
[4.2.x] Fixed #23528 -- Doc'd django.db.migrations.swappable_dependency().
...
Backport of 7d96ce68ae
from main
2023-06-02 21:47:33 +02:00
Sarah Boyce
37ba4c3a94
[4.2.x] Fixed references to django.core.cache in docs.
...
Backport of c3862735cd
from main
2023-05-22 14:02:28 +02:00
Mariusz Felisiak
21b1b1fc03
[4.2.x] Fixed CVE-2023-31047, Fixed #31710 -- Prevented potential bypass of validation when uploading multiple files using one form field.
...
Thanks Moataz Al-Sharida and nawaik for reports.
Co-authored-by: Shai Berger <shai@platonix.com>
Co-authored-by: nessita <124304+nessita@users.noreply.github.com>
2023-05-03 13:43:16 +02:00
Ran Benita
4c68482c3e
[4.2.x] Fixed #34530 -- Improved docs when customizing storage for FileField.
...
Backport of 506f93f0c3
from main
2023-05-02 15:50:12 -03:00
Mariusz Felisiak
a4f7d935a2
[4.2.x] Added meaningful titles to ..admonition:: directives.
...
Backport of c487634c10
from main
2023-04-21 12:04:21 +02:00
Mariusz Felisiak
d1eb9b2994
[4.2.x] Improved examples in docs about raw SQL queries.
...
Regression in 14459f80ee
.
Backport of 498195bda4
from main
2023-04-20 12:25:02 +02:00
Tim Graham
26f181939e
[4.2.x] Used extlinks for PyPI links.
...
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Backport of 2c4dc64760
from main
2023-04-17 07:44:29 +02:00
Yahya Ali
e68da20596
[4.2.x] Fixed #34463 -- Corrected code-block directives in docs.
...
Thanks ExTexan for the report.
Backport of 263db8af46
from main
2023-04-06 13:08:44 +02:00
Jesper Olsson
b0b769769e
[4.2.x] Fixed #34409 -- Doc'd limitation of dictfetchall() and namedtuplefetchall() examples.
...
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Backport of 216eb63883
from main
2023-03-22 19:23:26 +01:00
Carlton Gibson
d118cbb1ed
[4.2.x] Doc'd use of asgiref.sync adapters with sensitive variables.
...
Backport of 6087bc4e15
from main.
2023-03-22 16:24:56 +01:00
amirsoroush
e4fad1372d
[4.2.x] Fixed typo in docs/topics/class-based-views/mixins.txt.
...
Backport of 6087bc4e15
from main
2023-03-22 09:56:06 +01:00
David Wobrock
6937c92169
[4.2.x] Fixed #34384 -- Fixed session validation when rotation secret keys.
...
Bug in 0dcd549bbe
.
Thanks Eric Zarowny for the report.
Backport of 2396933ca9
from main
2023-03-08 11:33:03 +01:00
django-bot
62510f01e7
[4.2.x] Fixed #34140 -- Reformatted code blocks in docs with blacken-docs.
2023-03-01 13:39:03 +01:00
Mariusz Felisiak
8d2ac000e4
[4.2.x] Refs #34140 -- Made minor edits to rst code-blocks.
...
Backport of 9cf2a5df70
from main
2023-03-01 13:34:13 +01:00
Joseph Victor Zammit
5bdd6223a2
[4.2.x] Refs #34140 -- Corrected rst code-block and various formatting issues in docs.
...
Backport of ba755ca131
from main
2023-02-28 12:54:33 +01:00
David Smith
ce10686604
[4.2.x] Refs #32339 -- Doc'd BaseFormSet.as_div()
...
Backport of 4038a8df0b
from main
2023-02-15 09:24:59 +01:00
Carlton Gibson
b7aab1fb3a
[4.2.x] Fixed #34328 -- Added async-only class-based middleware example.
...
Backport of ce8189eea0
from main
2023-02-14 14:16:19 +01:00
Sarah Boyce
de42d51361
[4.2.x] Fixed #29994 -- Added warning about performance of FileBasedCache with a large number of files.
...
Co-authored-by: sheenarbw <699166+sheenarbw@users.noreply.github.com>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Backport of 1eb94bc8da
from main
2023-02-13 21:09:55 +01:00
Carlton Gibson
b784768eef
[4.2.x] Refs #34140 -- Applied rst code-block to non-Python examples.
...
Thanks to J.V. Zammit, Paolo Melchiorre, and Mariusz Felisiak for
reviews.
Backport of 534ac48297
from main.
2023-02-10 21:12:06 +01:00
Willem Van Onsem
7a88b1f5aa
[4.2.x] Fixed #34311 -- Updated serialization docs from unique_together to UniqueConstraint.
...
Backport of 292aacaf6c
from main
2023-02-09 05:56:31 +01:00
Marcelo Galigniana
9306a8d18f
[4.2.x] Fixed #34310 -- Added deletion example to one-to-one topic.
...
Backport of 7c6195ef81
from main
2023-02-07 08:05:17 +01:00
Durval Carvalho
af396ce3f9
[4.2.x] Fixed #34180 -- Added note about resetting language in test tear-downs.
...
Co-authored-by: Faris Naimi <farisfaris66@gmail.com>
Backport of 40217d1a82
from main
2023-01-31 07:29:21 +01:00
fschwebel
5159e05e40
[4.2.x] Fixed typo in docs/topics/auth/passwords.txt.
...
Wrapped hashing is only possible if the inner wrapped function is the
same as the previous hasher.
Backport of 0265b1b49b
from main
2023-01-30 08:32:13 +01:00
sarahboyce
0fbdb9784d
Fixed #23718 -- Doc'd that test mirrors require TransactionTestCase.
...
Co-authored-by: Christian Bundy <me@christianbundy.com>
2023-01-16 09:31:34 +01:00
Jarosław Wygoda
32940d390a
Refs #26029 -- Deprecated DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings.
2023-01-12 09:58:36 +01:00
Jarosław Wygoda
1ec3f0961f
Fixed #26029 -- Allowed configuring custom file storage backends.
2023-01-12 06:20:57 +01:00
Francesco Panico
72efd840a8
Fixed #34110 -- Added in-memory file storage.
...
Thanks Paolo Melchiorre, Carlton Gibson, and Mariusz Felisiak for
reviews.
2023-01-10 10:56:59 +01:00
David Wobrock
99bd5fb4c2
Refs #34074 -- Used headers argument for RequestFactory and Client in docs and tests.
2023-01-04 09:11:36 +01:00
Paul Schilling
298d02a77a
Fixed #25617 -- Added case-insensitive unique username validation in UserCreationForm.
...
Co-Authored-By: Neven Mundar <nmundar@gmail.com>
2022-12-29 09:42:22 +01:00
Carlton Gibson
0bd2c0c901
Fixed #33735 -- Added async support to StreamingHttpResponse.
...
Thanks to Florian Vazelle for initial exploratory work, and to Nick
Pope and Mariusz Felisiak for review.
2022-12-22 10:41:12 +01:00
Carlton Gibson
32d70b2f55
Refs #34118 -- Adopted asgiref coroutine detection shims.
...
Thanks to Mariusz Felisiak for review.
2022-12-20 11:10:48 +01:00
Mariusz Felisiak
0c60d11bdb
Fixed typo in docs/topics/async.txt.
2022-12-19 20:25:38 +01:00
TAKAHASHI Shuuji
05d70fb92b
Fixed typo in docs/topics/http/sessions.txt.
2022-12-16 09:55:21 +01:00
Daniele Varrazzo
09ffc5c121
Fixed #33308 -- Added support for psycopg version 3.
...
Thanks Simon Charette, Tim Graham, and Adam Johnson for reviews.
Co-authored-by: Florian Apolloner <florian@apolloner.eu>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2022-12-15 06:17:57 +01:00
SirAbhi13
b8738aea14
Fixed #33199 -- Deprecated passing positional arguments to Signer/TimestampSigner.
...
Thanks Jacob Walls for the implementation idea.
2022-12-09 12:44:48 +01:00
Simon Charette
0ff46591ac
Refs #33308 -- Deprecated support for passing encoded JSON string literals to JSONField & co.
...
JSON should be provided as literal Python objects an not in their
encoded string literal forms.
2022-12-01 19:14:00 +01:00