Jon Ribbens 
							
						 
					 
					
						
						
							
						
						aff2df2427 
					 
					
						
						
							
							[2.0.x]  Fixed   #28625  -- Distinguished DATABASES['TIME_ZONE'] from settings.TIME_ZONE.  
						
						... 
						
						
						
						Backport of 44f08422c8 
						
						
					 
					
						2017-09-28 10:17:46 -04:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						c7d58c6f43 
					 
					
						
						
							
							Fixed   #28435  -- Removed inaccurate warning about SECURE_HSTS_PRELOAD.  
						
						
						
						
					 
					
						2017-07-25 15:12:50 -04:00 
						 
				 
			
				
					
						
							
							
								Laura 
							
						 
					 
					
						
						
							
						
						e58c87cb70 
					 
					
						
						
							
							Fixed   #28336  -- Fixed typo in docs/ref/settings.txt.  
						
						
						
						
					 
					
						2017-06-27 21:41:10 -04:00 
						 
				 
			
				
					
						
							
							
								Mariusz Felisiak 
							
						 
					 
					
						
						
							
						
						516b7664dc 
					 
					
						
						
							
							Fixed   #28260  -- Allowed customizing the test tablespace initial and autoextend size on Oracle.  
						
						... 
						
						
						
						Thanks Tim Graham for the review. 
						
						
					 
					
						2017-06-02 18:35:56 +02:00 
						 
				 
			
				
					
						
							
							
								François Freitag 
							
						 
					 
					
						
						
							
						
						88336fdbb5 
					 
					
						
						
							
							Fixed   #28062  -- Added a setting to disable server-side cursors on PostgreSQL.  
						
						... 
						
						
						
						When a connection pooler is set up in transaction pooling mode, queries
relying on server-side cursors fail. The DISABLE_SERVER_SIDE_CURSORS
setting in DATABASES disables server-side cursors for this use case. 
						
						
					 
					
						2017-05-06 06:59:04 -04:00 
						 
				 
			
				
					
						
							
							
								Mariusz Felisiak 
							
						 
					 
					
						
						
							
						
						a3af8c99d9 
					 
					
						
						
							
							Removed extra characters in docs header underlines.  
						
						
						
						
					 
					
						2017-03-20 18:30:32 -04:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						c577d8a498 
					 
					
						
						
							
							Described DEBUG_PROPAGATE_EXCEPTIONS behavior in more detail.  
						
						
						
						
					 
					
						2017-03-09 12:18:17 -05:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						80493b0871 
					 
					
						
						
							
							Fixed   #27829  -- Deprecated settings.DEFAULT_CONTENT_TYPE.  
						
						
						
						
					 
					
						2017-02-16 07:59:44 -05:00 
						 
				 
			
				
					
						
							
							
								Claude Paroz 
							
						 
					 
					
						
						
							
						
						c651331b34 
					 
					
						
						
							
							Converted usage of ugettext* functions to their gettext* aliases  
						
						... 
						
						
						
						Thanks Tim Graham for the review. 
						
						
					 
					
						2017-02-07 09:04:04 +01:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						e27e4c0339 
					 
					
						
						
							
							Removed versionadded/changed annotations for 1.10.  
						
						
						
						
					 
					
						2017-01-17 20:52:05 -05:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						d334f46b7a 
					 
					
						
						
							
							Refs  #26601  -- Removed support for old-style middleware using settings.MIDDLEWARE_CLASSES.  
						
						
						
						
					 
					
						2017-01-17 20:52:04 -05:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						9e734875fe 
					 
					
						
						
							
							Fixed   #24994  -- Documented the expected type of settings.SECRET_KEY.  
						
						
						
						
					 
					
						2016-12-28 07:36:37 -05:00 
						 
				 
			
				
					
						
							
							
								Preston Timmons 
							
						 
					 
					
						
						
							
						
						b52c73008a 
					 
					
						
						
							
							Fixed   #15667  -- Added template-based widget rendering.  
						
						... 
						
						
						
						Thanks Carl Meyer and Tim Graham for contributing to the patch. 
						
						
					 
					
						2016-12-27 17:50:10 -05:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						c27104a9c7 
					 
					
						
						
							
							Fixed   #27611  -- Doc'd that CSRF_COOKIE_HTTPONLY setting offers no security.  
						
						
						
						
					 
					
						2016-12-19 17:56:58 -05:00 
						 
				 
			
				
					
						
							
							
								Raphael Michel 
							
						 
					 
					
						
						
							
						
						ddf169cdac 
					 
					
						
						
							
							Refs  #16859  -- Allowed storing CSRF tokens in sessions.  
						
						... 
						
						
						
						Major thanks to Shai for helping to refactor the tests, and to
Shai, Tim, Florian, and others for extensive and helpful review. 
						
						
					 
					
						2016-11-30 08:57:27 -05:00 
						 
				 
			
				
					
						
							
							
								Ian Lee 
							
						 
					 
					
						
						
							
						
						501c993010 
					 
					
						
						
							
							Fixed typo in docs/ref/settings.txt.  
						
						
						
						
					 
					
						2016-11-11 07:01:48 -05:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						7fe2d8d940 
					 
					
						
						
							
							Fixed CVE-2016-9014 -- Validated Host header when DEBUG=True.  
						
						... 
						
						
						
						This is a security fix. 
						
						
					 
					
						2016-11-01 09:30:57 -04:00 
						 
				 
			
				
					
						
							
							
								Marti Raudsepp 
							
						 
					 
					
						
						
							
						
						da7910d483 
					 
					
						
						
							
							Fixed CVE-2016-9013 -- Generated a random database user password when running tests on Oracle.  
						
						... 
						
						
						
						This is a security fix. 
						
						
					 
					
						2016-11-01 09:30:57 -04:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						de91c172cf 
					 
					
						
						
							
							Fixed   #27410  -- Clarified when static files is enabled in STATIC_ROOT docs.  
						
						
						
						
					 
					
						2016-10-31 15:17:40 -04:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						414ad25b09 
					 
					
						
						
							
							Fixed   #27327  -- Simplified time zone handling by requiring pytz.  
						
						
						
						
					 
					
						2016-10-27 08:53:20 -04:00 
						 
				 
			
				
					
						
							
							
								Marti Raudsepp 
							
						 
					 
					
						
						
							
						
						51fbe2a60d 
					 
					
						
						
							
							Updated postgresql.org links to https and made them canonical.  
						
						
						
						
					 
					
						2016-10-25 11:43:32 -04:00 
						 
				 
			
				
					
						
							
							
								Denis Cornehl 
							
						 
					 
					
						
						
							
						
						a840710e1e 
					 
					
						
						
							
							Fixed   #26447  -- Deprecated settings.USE_ETAGS in favor of ConditionalGetMiddleware.  
						
						
						
						
					 
					
						2016-10-10 14:55:59 -04:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						9819676676 
					 
					
						
						
							
							Updated links to the current version of MySQL docs.  
						
						
						
						
					 
					
						2016-09-30 09:14:17 -04:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						43c471e81c 
					 
					
						
						
							
							Fixed typo in docs/ref/settings.txt.  
						
						
						
						
					 
					
						2016-09-15 19:52:49 -04:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						ef021412d5 
					 
					
						
						
							
							Normalized spelling of ETag.  
						
						
						
						
					 
					
						2016-09-09 11:00:21 -04:00 
						 
				 
			
				
					
						
							
							
								Ed Morley 
							
						 
					 
					
						
						
							
						
						1d54fb4483 
					 
					
						
						
							
							Made settings docs link to cache parameters more specific.  
						
						
						
						
					 
					
						2016-08-31 12:31:30 -04:00 
						 
				 
			
				
					
						
							
							
								Chris Jerdonek 
							
						 
					 
					
						
						
							
						
						a3db480393 
					 
					
						
						
							
							Fixed   #27061  -- Added a TEST['TEMPLATE'] setting for PostgreSQL.  
						
						
						
						
					 
					
						2016-08-23 15:08:20 -04:00 
						 
				 
			
				
					
						
							
							
								Ed Morley 
							
						 
					 
					
						
						
							
						
						3c2447dd13 
					 
					
						
						
							
							Fixed   #26947  -- Added an option to enable the HSTS header preload directive.  
						
						
						
						
					 
					
						2016-08-10 20:23:54 -04:00 
						 
				 
			
				
					
						
							
							
								Ed Morley 
							
						 
					 
					
						
						
							
						
						8c3bc5cd78 
					 
					
						
						
							
							Fixed docs to refer to HSTS includeSubdomains as a directive.  
						
						... 
						
						
						
						The spec refers to it as a 'directive' rather than a 'tag':
https://tools.ietf.org/html/rfc6797#section-6.1.2  
						
						
					 
					
						2016-08-08 20:20:49 -04:00 
						 
				 
			
				
					
						
							
							
								Claude Paroz 
							
						 
					 
					
						
						
							
						
						255fb99284 
					 
					
						
						
							
							Fixed   #17209  -- Added password reset/change class-based views  
						
						... 
						
						
						
						Thanks Tim Graham for the review. 
						
						
					 
					
						2016-07-16 10:36:12 +02:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						944e66cb1d 
					 
					
						
						
							
							Reverted "Fixed  #25388  -- Added an option to allow disabling of migrations during test database creation"  
						
						... 
						
						
						
						This reverts commit 157d7f1f1d 
						
						
					 
					
						2016-07-14 09:21:28 -04:00 
						 
				 
			
				
					
						
							
							
								Claude Paroz 
							
						 
					 
					
						
						
							
						
						78963495d0 
					 
					
						
						
							
							Refs  #17209  -- Added LoginView and LogoutView class-based views  
						
						... 
						
						
						
						Thanks Tim Graham for the review. 
						
						
					 
					
						2016-06-24 10:45:13 +02:00 
						 
				 
			
				
					
						
							
							
								jasisz 
							
						 
					 
					
						
						
							
						
						b5a1c3a6f5 
					 
					
						
						
							
							Fixed   #25920  -- Added support for non-uniform NUMBER_GROUPING.  
						
						
						
						
					 
					
						2016-06-22 17:28:49 -04:00 
						 
				 
			
				
					
						
							
							
								Tobias McNulty 
							
						 
					 
					
						
						
							
						
						17e661641d 
					 
					
						
						
							
							Refs  #26666  -- Added ALLOWED_HOSTS validation when running tests.  
						
						... 
						
						
						
						Also used ALLOWED_HOSTS to check for external hosts in assertRedirects(). 
						
						
					 
					
						2016-06-20 11:07:46 -04:00 
						 
				 
			
				
					
						
							
							
								Anton I. Sipos 
							
						 
					 
					
						
						
							
						
						c3495bb984 
					 
					
						
						
							
							Fixed   #12666  -- Added EMAIL_USE_LOCALTIME setting.  
						
						... 
						
						
						
						When EMAIL_USE_LOCALTIME=True, send emails with a Date header
in the local time zone. 
						
						
					 
					
						2016-06-04 09:55:50 -04:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						46a38307c2 
					 
					
						
						
							
							Removed versionadded/changed annotations for 1.9.  
						
						
						
						
					 
					
						2016-05-20 11:44:29 -04:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						ece4d24f8e 
					 
					
						
						
							
							Refs  #26601  -- Deprecated old-style middleware.  
						
						
						
						
					 
					
						2016-05-17 07:22:26 -04:00 
						 
				 
			
				
					
						
							
							
								Florian Apolloner 
							
						 
					 
					
						
						
							
						
						9baf692a58 
					 
					
						
						
							
							Fixed   #26601  -- Improved middleware per DEP 0005.  
						
						... 
						
						
						
						Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP. 
						
						
					 
					
						2016-05-17 07:22:22 -04:00 
						 
				 
			
				
					
						
							
							
								Andre Cruz 
							
						 
					 
					
						
						
							
						
						929684d6ee 
					 
					
						
						
							
							Fixed   #21231  -- Enforced a max size for GET/POST values read into memory.  
						
						... 
						
						
						
						Thanks Tom Christie for review. 
						
						
					 
					
						2016-05-12 10:17:52 -04:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						f5ff5010cd 
					 
					
						
						
							
							Fixed   #26483  -- Updated docs.python.org links to use Intersphinx.  
						
						
						
						
					 
					
						2016-05-08 18:07:43 -04:00 
						 
				 
			
				
					
						
							
							
								Arnaud Limbourg 
							
						 
					 
					
						
						
							
						
						5cda4677b3 
					 
					
						
						
							
							Fixed   #26037  -- Documented precedence of USE_X_FORWARDED_HOST/PORT settings.  
						
						
						
						
					 
					
						2016-04-07 10:09:56 -04:00 
						 
				 
			
				
					
						
							
							
								Joshua Pereyda 
							
						 
					 
					
						
						
							
						
						f8b31dfdfc 
					 
					
						
						
							
							Fixed   #26419  -- Added a link in ALLOWED_HOSTS docs.  
						
						
						
						
					 
					
						2016-04-04 11:08:12 -04:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						12dee89d9c 
					 
					
						
						
							
							Removed some docs that should have been removed along with PROFANITIES_LIST.  
						
						
						
						
					 
					
						2016-03-31 13:21:32 -04:00 
						 
				 
			
				
					
						
							
							
								Berker Peksag 
							
						 
					 
					
						
						
							
						
						157d7f1f1d 
					 
					
						
						
							
							Fixed   #25388  -- Added an option to allow disabling of migrations during test database creation  
						
						
						
						
					 
					
						2016-03-23 08:21:30 +08:00 
						 
				 
			
				
					
						
							
							
								Bas Westerbaan 
							
						 
					 
					
						
						
							
						
						b4250ea04a 
					 
					
						
						
							
							Fixed   #26033  -- Added Argon2 password hasher.  
						
						
						
						
					 
					
						2016-03-08 11:22:18 -05:00 
						 
				 
			
				
					
						
							
							
								Alasdair Nicol 
							
						 
					 
					
						
						
							
						
						2404d209a5 
					 
					
						
						
							
							Fixed   #26309  -- Documented that login URL settings no longer support dotted paths.  
						
						
						
						
					 
					
						2016-03-03 07:34:14 -05:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						47b5a6a43c 
					 
					
						
						
							
							Fixed   #26187  -- Removed weak password hashers from PASSWORD_HASHERS.  
						
						
						
						
					 
					
						2016-02-22 18:59:23 -05:00 
						 
				 
			
				
					
						
							
							
								Hugo Osvaldo Barrera 
							
						 
					 
					
						
						
							
						
						dcee1dfc79 
					 
					
						
						
							
							Fixed   #12405  -- Added LOGOUT_REDIRECT_URL setting.  
						
						... 
						
						
						
						After a user logs out via auth.views.logout(), they're redirected
to LOGOUT_REDIRECT_URL if no `next_page` argument is provided. 
						
						
					 
					
						2016-02-04 10:35:37 -05:00 
						 
				 
			
				
					
						
							
							
								Tim Graham 
							
						 
					 
					
						
						
							
						
						67907ed845 
					 
					
						
						
							
							Made identation of default setting docs more consistenct.  
						
						
						
						
					 
					
						2016-02-02 11:40:28 -05:00 
						 
				 
			
				
					
						
							
							
								rowanv 
							
						 
					 
					
						
						
							
						
						a6ef025dfb 
					 
					
						
						
							
							Fixed   #26124  -- Added missing code formatting to docs headers.  
						
						
						
						
					 
					
						2016-02-01 10:42:05 -05:00