1
0
mirror of https://github.com/django/django.git synced 2024-11-19 16:04:13 +00:00
Commit Graph

4485 Commits

Author SHA1 Message Date
Jacob Kaplan-Moss
d698f319e4 Testing -- please ignore.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6725 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-28 21:26:11 +00:00
Malcolm Tredinnick
9130765ff9 Fixed #5890 -- fixed the far edge-case of allowing constant strings inside
template template markers: we now treat embedded, escaped double quotes
consistently with constant string arguments to filters. Patch from Dmitri
Fedortchenko.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6724 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-28 21:04:05 +00:00
Malcolm Tredinnick
5a5a71edcd Fixed #5991 -- Marked the generated HTML for newforms.extra.SelectDateWidget as
safe. Patch from alberto.piai@gmail.com.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6723 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-28 20:19:58 +00:00
Malcolm Tredinnick
1c87a7bb58 Fixed #5730: Conditionally escape widget contents in newforms to avoid
inadvertent double-escaping. This still isn't perfect behaviour (since it's
unaware of the current context's auto-escaping setting), but that's a larger
problem that needs fixing and this change at least makes the existing
behaviour consistent. Patch from SmileyChris.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6722 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-28 20:19:54 +00:00
Malcolm Tredinnick
dc716112a7 Fixed an edge-case for auto-escaping: if the stringfilter decorator is used and
generates a first argument that is a safe string, make the is_safe handling
work as expect.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6721 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-28 20:03:28 +00:00
Malcolm Tredinnick
2d0d6620e6 Fixed #6015 -- Fixed a CSS escaping issue for admin's edit-inline.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6720 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-28 17:58:10 +00:00
Malcolm Tredinnick
8f70eb5b50 FIxed #5951 -- Updated Polish translation. Thanks, Jarek Zgoda.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6719 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-28 16:13:09 +00:00
Russell Keith-Magee
6b626800f8 Fixed #5943 -- Modified django-admin.py to work like manage.py whenever a --settings option is provided. Thanksfor the patch, Todd O'Bryan.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6718 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-26 12:32:57 +00:00
Gary Wilson Jr
f110da91db Fixed #5993 -- Made RadioSelect easier to subclass by giving it a default renderer as a class attribute.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6717 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-26 02:39:48 +00:00
Gary Wilson Jr
183a457f5a Fixed #2086 -- Changed base.css to import null.css (added in [6197]) instead of null.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6716 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-25 20:29:26 +00:00
Gary Wilson Jr
5903b0bdcd Added a few more tests for MultiValueDict.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6715 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-25 18:16:40 +00:00
Gary Wilson Jr
c7181ec0ff Made MultiValueDict's get and getlist method docstrings more descriptive.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6714 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-25 18:14:18 +00:00
Gary Wilson Jr
891cc5df92 Minor styling fix in DotExpandedDict.__init__.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6713 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-25 18:11:44 +00:00
Gary Wilson Jr
303d22b0d2 Changed several hardcoding of dict method calls in django.utils.datastructures.py to use super instead.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6712 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-25 18:10:45 +00:00
Gary Wilson Jr
8df3d2b467 In MergeDict class, changed variable names to not clash with dict builtin.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6711 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-25 18:07:57 +00:00
Russell Keith-Magee
dab8503146 Corrected a docstring in django.test.TestCase to match the actual behavior.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6710 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-23 10:51:17 +00:00
Gary Wilson Jr
900811f401 Fixed #5981 -- Fixed failing regression test when using locmem cache backend. Changed add to pickle the value as is done in set. Based on patch from mattmcc.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6709 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-21 19:54:58 +00:00
Malcolm Tredinnick
2e9e36e297 Fixed #5983 -- Made iriencode filter respect safe strings. Patch from
SmileyChris.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6706 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-20 01:37:57 +00:00
Malcolm Tredinnick
ab69710de4 Fixed #5976 -- Handle auto-escaping correctly for empty columns in admin change
view.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6705 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-20 01:37:34 +00:00
Malcolm Tredinnick
116b9d06cc Fixed #5974 -- Added autoescaping for source code lines and local variables in
technical debug page.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6704 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-20 01:37:16 +00:00
Malcolm Tredinnick
b1d40295bc Fixed #5973 -- Fixed inadvertent allow_tags=True auto-escaping problem.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6703 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-20 01:37:01 +00:00
Gary Wilson Jr
6522e0697a Fixed #5932 -- Use self.pages and not self._pages in _get_page_range so that an exception is not raised if self.page_range is accessed before self.pages.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6702 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-19 06:10:23 +00:00
Gary Wilson Jr
1607acee40 Fixed #5978 -- Gave LOCALE_PATHS a default setting of an empty tuple and removed some code that was checking for its existance in settings before accessing it.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6701 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-19 05:59:58 +00:00
Gary Wilson Jr
331d4bba97 Fixed link to settings documentation in the i18n docs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6700 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-19 04:36:09 +00:00
Gary Wilson Jr
42c5a91388 Made use of EMPTY_VALUES in ModelChoiceField.clean().
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6699 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-19 04:07:03 +00:00
Gary Wilson Jr
66576c285a Some minor changes to the patch_vary_headers function:
* Replaced a for loop with a list comprehension.
 * Used a set instead of a dict with dummy values.
 * Used a bit more readable variable names.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6698 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-19 04:00:41 +00:00
Gary Wilson Jr
5870ffd4b0 Made some stylistic changes in GZipMiddleware and added some notes about IE, refs #5313.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6697 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-19 03:41:46 +00:00
Gary Wilson Jr
34cc21983c Removed vary_delim_re in django/utils/cache.py in favor of existing cc_delim_re since the latter is more correct in parsing the header (allows whitespace before and after comma separators instead of just after). As a bonus, tests added for patch_vary_headers().
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6696 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-19 03:12:19 +00:00
Gary Wilson Jr
7d8ac66026 Added *.pyc ignore.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6695 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-19 03:01:20 +00:00
Gary Wilson Jr
b2b6fc8e3c Fixed #5975 -- Gave ModelChoiceField and ModelMultipleChoiceField ability to specify custom error messages.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6694 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-18 20:25:23 +00:00
Malcolm Tredinnick
86ca11dd6d Rewrote the section about writing autoescaping-aware filters, based on feedback
from Ivan Sagalaev.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6692 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-18 07:19:11 +00:00
Gary Wilson Jr
38d972b9ec Fixed #5880 -- Fixed an XSS hole in the admin interface.
* Escaped text that gets sent after saving the admin foreignkey popup form.
 * Added quotes around the second argument passed to `opener.dismissAddAnotherPopup` to make the function also work when a text field is used as the primary key.
 * Added a `html_unescape` javascript function to unescape the strings passed in to the `dismissAddAnotherPopup` function so that the added choice displays correctly in the dropdown box.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6691 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-18 06:51:20 +00:00
Malcolm Tredinnick
5f8cfe99f3 Fixed #5969 -- Corrected a problem introduced in [6682].
*sigh* As usual, the one case I forget to test turned out to be broken.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6689 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-18 03:36:03 +00:00
Malcolm Tredinnick
ce73298e26 Fixed #5960 -- Fixed some Python 2.3 incompatibilities.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6685 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-17 12:58:06 +00:00
Malcolm Tredinnick
4bd75e8712 Fixed a couple of chained filter tests that weren't demonstrating what they
claimed (since the "cut" filter's behaviour had changed since I originally
wrote those tests).


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6684 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-17 12:18:09 +00:00
Malcolm Tredinnick
4585b4d6c2 Fixed some missed auto-escaping and URL quoting cases in the urlize filter.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6683 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-17 12:12:40 +00:00
Malcolm Tredinnick
adcec0885d Fixed a few problems with variable resolving inside of blocktrans tags. A couple of these were exposed by the auto-escaping changes, but I suspect the other one has been hiding in plain sight for a while.
Fixed #5952, #5953


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6682 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-17 12:12:18 +00:00
Malcolm Tredinnick
64c0bf8677 Translating safe strings should return a safe result.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6681 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-17 12:11:54 +00:00
Malcolm Tredinnick
0928fa5566 Fixed #5945 -- Treat string literals in template filter arguments as safe
strings for auto-escaping purposes.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6680 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-17 12:11:26 +00:00
Malcolm Tredinnick
0b0ef3f0c5 Fixed #4713 -- Fixed handling of _() in template tag arguments. Based on
patched from Indy and SmileyChris.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6679 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-17 04:04:12 +00:00
Malcolm Tredinnick
d0f3c4386e Fixed #5898 -- Updated docs for r6662, as pointed out by arien.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6678 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-15 09:26:57 +00:00
Malcolm Tredinnick
84c1e78551 Fixed #5892, #5930 -- Fixed some typos pointed out by ars@iki.fi and nickl.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6677 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-15 09:21:36 +00:00
Malcolm Tredinnick
a5e960db48 Fixed #5933 -- Updated Polish translation from Jarek Zgoda.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6676 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-15 09:17:53 +00:00
Malcolm Tredinnick
b58c55fc80 Fixed #5944 -- Added safe string markings to admin error messages in one place
that was missed.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6675 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-14 22:58:24 +00:00
Malcolm Tredinnick
3322521cd6 Documented the time-saver in flatpages: title and content are marked as safe
strings.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6674 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-14 21:30:18 +00:00
Malcolm Tredinnick
bdb0b903c2 Content coming via {{ block.super }} is always going to be correctly escaped
already. We mark it as safe so that template authors don't need to.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6673 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-14 21:07:27 +00:00
Malcolm Tredinnick
356662cf74 Implemented auto-escaping of variable output in templates. Fully controllable by template authors and it's possible to write filters and templates that simulataneously work in both auto-escaped and non-auto-escaped environments if you need to. Fixed #2359
See documentation in templates.txt and templates_python.txt for how everything
works.

Backwards incompatible if you're inserting raw HTML output via template variables.

Based on an original design from Simon Willison and with debugging help from Michael Radziej.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@6671 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-14 12:58:53 +00:00
Gary Wilson Jr
babfe78494 Fixed #4787, #5913 -- Updating the queryset on a ModelChoiceField or ModelMultipleChoiceField now updates its widget's choices. The clean methods for ModelChoiceField and ModelMultipleChoiceField were changed to only allow choices in the specified queryset (instead of allowing all choices returned by the queryset model's default manager).
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6670 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-13 14:36:29 +00:00
Gary Wilson Jr
5e8be6978e Simplified SortedDict.__deepcopy__ now that the its constructor can take a sequence of tuples.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6669 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-12 03:12:47 +00:00
Gary Wilson Jr
a4907be38e Fixed #5918 -- Removed SortedDictFromList since SortedDict now can do everything SortedDictFromList could do. Since SortedDict's copy method doesn't return a deepcopy as SortedDictFromList's copy method did, you will need to update your code if you were relying on SortedDictFromList.copy to return a deepcopy by using the deepcopy function from the copy module.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6668 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2007-11-11 04:44:20 +00:00