Tim Graham
24fc935218
Added CVE-2016-2512/2513 to security release archive.
2016-03-01 12:32:42 -05:00
Florian Apolloner
67b46ba701
Fixed CVE-2016-2513 -- Fixed user enumeration timing attack during login.
...
This is a security fix.
2016-03-01 11:25:28 -05:00
Mark Striemer
c5544d2892
Fixed CVE-2016-2512 -- Prevented spoofing is_safe_url() with basic auth.
...
This is a security fix.
2016-03-01 11:25:28 -05:00
Tim Graham
f43291639b
Added stub release notes for security issues.
2016-03-01 11:25:28 -05:00
Michal Petrucha
fe8ea3ba3b
Fixed #26217 -- Added a warning about format strings to WeekArchiveView docs.
2016-03-01 10:29:52 -05:00
acemaster
a1b1688c7d
Fixed #26165 -- Added some FAQs about CSRF protection.
...
Thanks Florian Apolloner and Shai Berger for review.
2016-03-01 08:45:05 -05:00
Taranjeet
11a8207d42
Fixed typos in docs/ref/models/meta.txt.
2016-03-01 08:33:27 -05:00
Simon Charette
0223e213dd
Fixed #26186 -- Documented how app relative relationships of abstract models behave.
...
This partially reverts commit bc7d201bdb
.
Thanks Tim for the review.
Refs #25858 .
2016-02-29 22:07:05 -05:00
Shai Berger
72e5778b23
Minor fixes for release-process doc fix
...
As suggested by Tim Graham
2016-02-28 19:30:18 +02:00
Shai Berger
3dd4e9203a
Fixed docs: release-process, Supported Versions section, concrete example
...
Security & data loss fixes are applied to the two last feature releases,
not just one.
Thanks Loic Bistuer for review
2016-02-28 18:44:47 +02:00
chenesan
b84f5ab4ec
Fixed #26230 -- Made default_related_name affect related_query_name.
2016-02-27 08:48:32 -05:00
inondle
5fb9756eba
Fixed #26275 -- Noted difference between o and Y date format chars.
2016-02-27 08:05:12 -05:00
Simon Charette
3938b3ccaa
Fixed #26286 -- Prevented content type managers from sharing their cache.
...
This should prevent managers methods from returning content type instances
registered to foreign apps now that these managers are also attached to models
created during migration phases.
Thanks Tim for the review.
Refs #23822 .
2016-02-26 16:18:16 -05:00
Tim Graham
b9519b2730
Added 'prefetches to docs/spelling_wordlist.
2016-02-26 16:06:34 -05:00
Adam Chainz
ef33bc2d4d
Fixed #25279 -- Made prefetch_related_objects() public.
2016-02-26 14:55:01 -05:00
Simon Charette
766afc22a1
Fixed #24793 -- Unified temporal difference support.
2016-02-26 12:25:12 -05:00
Ivan Tsouvarev
8890c533e0
Fixed #26280 -- Fixed cached template loader crash when loading nonexistent template.
2016-02-26 08:02:10 -05:00
Sjoerd Job Postmus
bbe136e1a2
Fixed #26231 -- Used .get_username in admin login template.
2016-02-25 19:29:53 -05:00
Tim Graham
22d2a5b00a
Corrected a run on sentence in doc/topics/db/models.txt.
2016-02-25 14:22:41 -05:00
Tim Graham
1f8cfcf3b4
Fixed #26278 -- Clarified apps.ready docs.
2016-02-25 08:55:10 -05:00
Tim Graham
7a7e403325
Refs #26270 -- Reorganized TestCase docs.
2016-02-25 07:58:22 -05:00
Olivier Le Thanh Duong
10781b4c6f
Fixed #12233 -- Allowed redirecting authenticated users away from the login view.
...
contrib.auth.views.login() has a new parameter `redirect_authenticated_user`
to automatically redirect authenticated users visiting the login page.
Thanks to dmathieu and Alex Buchanan for the original code and to Carl Meyer
for the help and review.
2016-02-25 07:18:33 -05:00
Tim Graham
441c537b66
Fixed a function signature in docs/topics/auth/default.txt.
2016-02-24 16:24:33 -05:00
Claude Paroz
c5517b9e74
Fixed #26266 -- Output the primary key in the GeoJSON serializer properties
...
Thanks Tim Graham for the review.
2016-02-24 16:10:46 +01:00
Tim Graham
6637cd0ef2
Removed docs of deprecated SimpleTestCase warnings behavior.
...
Removed in Django 1.7 (4f6be9a0c4
).
2016-02-24 09:57:39 -05:00
Jon Dufresne
b412681359
Fixed #26267 -- Fixed BoundField to reallow slices of subwidgets.
2016-02-24 07:02:51 -05:00
James Aylett
1ff6e37de4
Fixed #23832 -- Added timezone aware Storage API.
...
New Storage.get_{accessed,created,modified}_time() methods convert the
naive time from now-deprecated {accessed,created_modified}_time()
methods into aware objects in UTC if USE_TZ=True.
2016-02-23 18:51:43 -05:00
Andrew Kuchev
e81d1c995c
Fixed #25670 -- Allowed dictsort to sort a list of lists.
...
Thanks Tim Graham for the review.
2016-02-23 12:15:08 -05:00
Tim Graham
cdbd8745f6
Fixed #26263 -- Deprecated Context.has_key()
2016-02-23 08:08:55 -05:00
Claude Paroz
b46c0ea6c8
Fixed #26190 -- Returned handle() result from call_command
...
Thanks Tim Graham for the review.
2016-02-23 09:12:12 +01:00
Tim Graham
47b5a6a43c
Fixed #26187 -- Removed weak password hashers from PASSWORD_HASHERS.
2016-02-22 18:59:23 -05:00
Markus Holtermann
b14470c7b7
Fixed spelling error
2016-02-23 10:24:38 +11:00
Tim Graham
5a541e2e6c
Fixed #26188 -- Documented how to wrap password hashers.
2016-02-22 17:21:45 -05:00
Tim Graham
33a4040d07
Refs #26253 -- Forwardported release note.
2016-02-22 17:19:08 -05:00
Daniel Quinn
de7edc005f
Fixed import location of check_password() in docs.
2016-02-22 12:42:47 -05:00
Claude Paroz
d43156e1e9
Fixed #26238 -- Raised explicit error for non-editable field in ModelForm
...
Thanks Luke Crouch for the report and Simon Charette for the review.
2016-02-21 00:24:20 +01:00
Akshesh
6670da75ff
Fixed #25653 -- Made --selenium run only the selenium tests.
2016-02-19 14:21:00 -05:00
Tim Graham
032f5a7896
Refs #25735 -- Made @tag decorator importable from django.test.
2016-02-19 14:21:00 -05:00
Raphael Michel
5c31d8d189
Fixed #26243 -- Noted that 'python -R' is enabled by default in Python 3.3.
2016-02-19 10:50:15 -05:00
Sergey Fedoseev
23e1ad537a
Fixed #25974 -- Switched GIS docs to 4 spaces indentation.
2016-02-19 09:27:32 -05:00
Sergey Fedoseev
dbaa1a6b59
Fixed some code blocks indentation in GIS docs.
2016-02-19 08:34:38 -05:00
Tim Graham
b1afebf882
Fixed #26204 -- Reallowed dashes in top-level domains for URLValidator.
...
Thanks Shai Berger for the review.
2016-02-18 19:06:49 -05:00
Akshesh
d58aaa24e3
Fixed #26107 -- Added option to int_list_validator() to allow negative integers.
2016-02-18 18:58:18 -05:00
Tim Graham
b954ad0640
Added intended use in the admin's introduction.
2016-02-18 08:50:22 -05:00
Akshesh
fdccc02576
Fixed #26219 -- Fixed crash when filtering by Decimal in RawQuery.
2016-02-17 13:56:42 -05:00
Tim Graham
88034c9938
Fixed #25687 -- Documented how to add database function support to third-party backends.
...
Thanks Kristof Claes for the initial patch.
2016-02-17 13:36:12 -05:00
Berker Peksag
f0425c7260
Refs #19353 -- Added tests for using custom user models with built-in auth forms.
...
Also updated topics/auth/customizing.txt to reflect that subclasses of
UserCreationForm and UserChangeForm can be used with custom user models.
Thanks Baptiste Mispelon for the initial documentation.
2016-02-17 10:26:07 -05:00
Jakub Paczkowski
d4dc775620
Fixed #25735 -- Added support for test tags to DiscoverRunner.
...
Thanks Carl Meyer, Claude Paroz, and Simon Charette for review.
2016-02-17 09:44:18 -05:00
Jon Dufresne
0db7e61076
Followed recommended ValidationError use in docs.
2016-02-17 09:05:33 -05:00
Juan José Conti
bb7042cdab
Used relative models imports in the GIS tutorial.
2016-02-16 23:24:29 -05:00