1
0
mirror of https://github.com/django/django.git synced 2024-12-30 13:05:45 +00:00
Commit Graph

506 Commits

Author SHA1 Message Date
Markus Holtermann
7ac5ff37b8 [4.2.x] Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files.
Thanks to Jakob Ackermann for the report.
2023-02-14 08:21:18 +01:00
Carlton Gibson
b784768eef [4.2.x] Refs #34140 -- Applied rst code-block to non-Python examples.
Thanks to J.V. Zammit, Paolo Melchiorre, and Mariusz Felisiak for
reviews.

Backport of 534ac48297 from main.
2023-02-10 21:12:06 +01:00
sarahboyce
0fbdb9784d Fixed #23718 -- Doc'd that test mirrors require TransactionTestCase.
Co-authored-by: Christian Bundy <me@christianbundy.com>
2023-01-16 09:31:34 +01:00
Jarosław Wygoda
32940d390a Refs #26029 -- Deprecated DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings. 2023-01-12 09:58:36 +01:00
Jarosław Wygoda
1ec3f0961f Fixed #26029 -- Allowed configuring custom file storage backends. 2023-01-12 06:20:57 +01:00
Tibor Leupold
33f4de34e6 Fixed #34064 -- Adjusted locale override wording in settings docs. 2022-11-24 14:23:20 +01:00
Filip Lajszczak
6103059592 Fixed #34054 -- Created a new fixtures topic.
Moved material from django-admin document into a new document, and
added new material.

Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2022-11-02 08:08:02 +01:00
Kanza
5f5401b114 Fixed #33920 -- Doc'd dependency of LOGGING_CONFIG callback on non-empty LOGGING. 2022-08-24 11:38:43 +02:00
Carlton Gibson
ca1c3151c3 Removed versionadded/changed annotations for 4.0. 2022-05-17 14:22:06 +02:00
David
ce586ed693 Removed hyphen from pre-/re- prefixes.
"prepopulate", "preload", and "preprocessing" are already in the
spelling_wordlist.

This also removes hyphen from double "e" combinations with "pre" and
"re", e.g. preexisting, preempt, reestablish, or reenter.

See also:
- https://ahdictionary.com/word/search.html?q=rerun
- https://ahdictionary.com/word/search.html?q=recreate
- https://ahdictionary.com/word/search.html?q=predetermined
- https://ahdictionary.com/word/search.html?q=reuse
- https://ahdictionary.com/word/search.html?q=reopening
2022-04-28 10:44:14 +02:00
Thomas Schmidt
1cf60ce601 Fixed #33569 -- Added SECURE_PROXY_SSL_HEADER support for list of protocols in the header value. 2022-03-23 19:33:36 +01:00
Mariusz Felisiak
ca88caa103 Refs #33476 -- Used vertical hanging indentation for format lists with inline comments.
Lists with multiple values and comments per-line are reformatted
by Black to multiple lines with a single comment. For example:

DATE_INPUT_FORMATS =
    "%Y-%m-%d", "%m/%d/%Y", "%m/%d/%y",  # '2006-10-25', '10/25/2006', '10/25/06'
]

is reformatted to the:

DATE_INPUT_FORMATS =
    "%Y-%m-%d",
    "%m/%d/%Y",
    "%m/%d/%y",  # '2006-10-25', '10/25/2006', '10/25/06'
]

This reformats affected entries to multiple lines with corresponding
comments.
2022-02-01 15:11:35 +01:00
tschilling
0dcd549bbe Fixed #30360 -- Added support for secret key rotation.
Thanks Florian Apolloner for the implementation idea.

Co-authored-by: Andreas Pelme <andreas@pelme.se>
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Vuyisile Ndlovu <terrameijar@gmail.com>
2022-02-01 11:12:24 +01:00
Adam Johnson
45a42aabfa Fixed #29708 -- Deprecated PickleSerializer. 2022-01-13 13:50:20 +01:00
Adam Johnson
fde425051c
Added TemplatesSetting to list of built-in renderers in FORM_RENDERER docs. 2021-12-22 07:59:24 +01:00
Przemysław Suliga
4ce59f602e Fixed #30398 -- Added CONN_HEALTH_CHECKS database setting.
The CONN_HEALTH_CHECKS setting can be used to enable database
connection health checks for Django's persistent DB connections.

Thanks Florian Apolloner for reviews.
2021-12-01 07:44:48 +01:00
Chris Jerdonek
5d80843ebc Fixed #32800 -- Changed CsrfViewMiddleware not to mask the CSRF secret.
This also adds CSRF_COOKIE_MASKED transitional setting helpful in
migrating multiple instance of the same project to Django 4.1+.

Thanks Florian Apolloner and Shai Berger for reviews.

Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-11-29 10:47:39 +01:00
David Smith
69b0736fad Refs #32956 -- Changed docs to treat the acronym HTTP phonetically. 2021-10-18 21:00:28 +02:00
Mariusz Felisiak
97237ad3fe Removed versionadded/changed annotations for 3.2. 2021-09-20 21:23:01 +02:00
David Smith
456466d932 Fixed #31026 -- Switched form rendering to template engine.
Thanks Carlton Gibson, Keryn Knight, Mariusz Felisiak, and Nick Pope
for reviews.

Co-authored-by: Johannes Hoppe <info@johanneshoppe.com>
2021-09-20 15:50:18 +02:00
Carlton Gibson
306607d5b9 Fixed #32365 -- Made zoneinfo the default timezone implementation.
Thanks to Adam Johnson, Aymeric Augustin, David Smith, Mariusz Felisiak, Nick
Pope, and Paul Ganssle for reviews.
2021-09-16 12:11:05 +02:00
David Smith
7132d17de1 Doc'd Jinja2 form renderer. 2021-09-16 11:25:00 +02:00
Daniyal
ec212c6616 Fixed #33012 -- Added Redis cache backend.
Thanks Carlton Gibson, Chris Jerdonek, David Smith, Keryn Knight,
Mariusz Felisiak, and Nick Pope for reviews and mentoring this
Google Summer of Code 2021 project.
2021-09-14 15:50:08 +02:00
Claude Paroz
676bd084f2 Fixed #32873 -- Deprecated settings.USE_L10N.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-09-14 12:05:43 +02:00
David Smith
fbb1984046
Refs #32956 -- Updated words ending in -wards.
AP styleguide: Virtually none of the words ending with -wards end with
an s.
2021-07-30 20:34:50 +02:00
David Smith
1024b5e74a Fixed 32956 -- Lowercased spelling of "web" and "web framework" where appropriate. 2021-07-29 06:24:12 +02:00
Nick Pope
7f33c1e22d
Added note about zero timeout in cache settings docs. 2021-07-14 20:28:21 +02:00
Claude Paroz
8cd55021bc Fixed #32379 -- Started deprecation toward changing default USE_TZ to True.
Co-authored-by: Nick Pope <nick@nickpope.me.uk>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-18 20:26:44 +02:00
Tim Graham
54da6e2ac2 Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting. 2021-04-30 12:32:52 +02:00
Carlton Gibson
907d3a7ff4 Refs #32674 -- Noted that auto-created through table PKs cannot be automatically migrated. 2021-04-29 13:53:56 +02:00
bankc
db5b75f10f Fixed #31840 -- Added support for Cross-Origin Opener Policy header.
Thanks Adam Johnson and Tim Graham for the reviews.

Co-authored-by: Tim Graham <timograham@gmail.com>
2021-03-30 19:59:24 +02:00
Tim Graham
2411b8b5eb Fixed #16010 -- Added Origin header checking to CSRF middleware.
Thanks David Benjamin for the original patch, and Florian
Apolloner, Chris Jerdonek, and Adam Johnson for reviews.
2021-03-18 20:25:20 +01:00
Tim Graham
dba44a7a7a Refs #16010 -- Required CSRF_TRUSTED_ORIGINS setting to include the scheme. 2021-03-18 20:00:22 +01:00
Simon Charette
3089018e95 Fixed #32446 -- Deprecated SERIALIZE test database setting.
Whether or not the state of a test database should be serialized can be
inferred from the set of databases allowed to be access from discovered
TestCase/TransactionTestCase enabling the serialized_rollback feature
which makes this setting unnecessary.

This should make a significant test suite bootstraping time difference
on large projects that didn't explicitly disable test database
serialization.
2021-02-24 20:31:11 +01:00
Markus Holtermann
50a5f8840f Refs #32394 -- Changed STATIC_URL/MEDIA_URL to relative paths in tests and docs where appropriate. 2021-02-06 13:41:35 +01:00
Mariusz Felisiak
0aa6a602b2 Refs #31842 -- Removed DEFAULT_HASHING_ALGORITHM transitional setting.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
12ac4916af Refs #28622 -- Removed settings.PASSWORD_RESET_TIMEOUT_DAYS per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak
b7dd89ed53 Removed versionadded/changed annotations for 3.1. 2021-01-14 17:50:04 +01:00
Tim Graham
2e7ba6057c Refs #28741 -- Doc'd SESSION_COOKIE_DOMAIN requirement with CSRF_USE_SESSIONS.
Similar considerations as refs #32065, again adding some nuance to
afd375fc34.
2021-01-04 07:49:30 +01:00
Carlton Gibson
0ed6f3ba4b
Corrected formatting in settings docs. 2020-12-15 12:08:45 +01:00
Tom Forbes
b5e12d490a Fixed #31007 -- Allowed specifying type of auto-created primary keys.
This also changes the default type of auto-created primary keys
for new apps and projects to BigAutoField.
2020-12-15 11:25:46 +01:00
Mariusz Felisiak
5ce31d6a71
Fixed #32193 -- Deprecated MemcachedCache. 2020-12-09 21:27:32 +01:00
Nikita Sobolev
42f3fafdfa
Updated {% static %} tag examples in docs to use single quotes where appropriate. 2020-11-02 10:34:24 +01:00
Carlton Gibson
3d4ffd1ff0 Fixed #32065 -- Restored leading dot to CSRF_COOKIE_DOMAIN examples.
Partially reverts afd375fc34.

Thanks to Tim Graham for review.
2020-10-07 10:03:10 +02:00
Mariusz Felisiak
77caeaea88
Fixed #32012 -- Made test database creation sync apps models when migrations are disabled.
Thanks Jaap Roes for the report.
2020-09-23 10:54:04 +02:00
Nick Pope
b4d46df5ca Fixed #29887 -- Added a cache backend for pymemcache. 2020-09-16 09:40:30 +02:00
Hasan Ramezani
70731fc6fe Fixed #31934 -- Added note about the default of SameSite cookie flag in modern browsers. 2020-08-31 10:57:41 +02:00
Mariusz Felisiak
d907371ef9 Fixed #31842 -- Added DEFAULT_HASHING_ALGORITHM transitional setting.
It's a transitional setting helpful in migrating multiple instance of
the same project to Django 3.1+.

Thanks Markus Holtermann for the report and review, Florian
Apolloner for the implementation idea and review, and Carlton Gibson
for the review.
2020-08-04 09:35:24 +02:00
Harpreet Sharma
248d03fbe9 Fixed #31821 -- Removed outdated note in FILE_UPLOAD_PERMISSIONS docs.
Follow up to 22aab8662f
2020-07-23 20:36:52 +02:00
Buk Bukowski
f65454801b
Fixed #31814 -- Fixed typo in docs/ref/settings.txt. 2020-07-22 22:38:27 +02:00