Markus Holtermann
7ac5ff37b8
[4.2.x] Fixed CVE-2023-24580 -- Prevented DoS with too many uploaded files.
...
Thanks to Jakob Ackermann for the report.
2023-02-14 08:21:18 +01:00
Carlton Gibson
b784768eef
[4.2.x] Refs #34140 -- Applied rst code-block to non-Python examples.
...
Thanks to J.V. Zammit, Paolo Melchiorre, and Mariusz Felisiak for
reviews.
Backport of 534ac48297
from main.
2023-02-10 21:12:06 +01:00
sarahboyce
0fbdb9784d
Fixed #23718 -- Doc'd that test mirrors require TransactionTestCase.
...
Co-authored-by: Christian Bundy <me@christianbundy.com>
2023-01-16 09:31:34 +01:00
Jarosław Wygoda
32940d390a
Refs #26029 -- Deprecated DEFAULT_FILE_STORAGE and STATICFILES_STORAGE settings.
2023-01-12 09:58:36 +01:00
Jarosław Wygoda
1ec3f0961f
Fixed #26029 -- Allowed configuring custom file storage backends.
2023-01-12 06:20:57 +01:00
Tibor Leupold
33f4de34e6
Fixed #34064 -- Adjusted locale override wording in settings docs.
2022-11-24 14:23:20 +01:00
Filip Lajszczak
6103059592
Fixed #34054 -- Created a new fixtures topic.
...
Moved material from django-admin document into a new document, and
added new material.
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2022-11-02 08:08:02 +01:00
Kanza
5f5401b114
Fixed #33920 -- Doc'd dependency of LOGGING_CONFIG callback on non-empty LOGGING.
2022-08-24 11:38:43 +02:00
Carlton Gibson
ca1c3151c3
Removed versionadded/changed annotations for 4.0.
2022-05-17 14:22:06 +02:00
David
ce586ed693
Removed hyphen from pre-/re- prefixes.
...
"prepopulate", "preload", and "preprocessing" are already in the
spelling_wordlist.
This also removes hyphen from double "e" combinations with "pre" and
"re", e.g. preexisting, preempt, reestablish, or reenter.
See also:
- https://ahdictionary.com/word/search.html?q=rerun
- https://ahdictionary.com/word/search.html?q=recreate
- https://ahdictionary.com/word/search.html?q=predetermined
- https://ahdictionary.com/word/search.html?q=reuse
- https://ahdictionary.com/word/search.html?q=reopening
2022-04-28 10:44:14 +02:00
Thomas Schmidt
1cf60ce601
Fixed #33569 -- Added SECURE_PROXY_SSL_HEADER support for list of protocols in the header value.
2022-03-23 19:33:36 +01:00
Mariusz Felisiak
ca88caa103
Refs #33476 -- Used vertical hanging indentation for format lists with inline comments.
...
Lists with multiple values and comments per-line are reformatted
by Black to multiple lines with a single comment. For example:
DATE_INPUT_FORMATS =
"%Y-%m-%d", "%m/%d/%Y", "%m/%d/%y", # '2006-10-25', '10/25/2006', '10/25/06'
]
is reformatted to the:
DATE_INPUT_FORMATS =
"%Y-%m-%d",
"%m/%d/%Y",
"%m/%d/%y", # '2006-10-25', '10/25/2006', '10/25/06'
]
This reformats affected entries to multiple lines with corresponding
comments.
2022-02-01 15:11:35 +01:00
tschilling
0dcd549bbe
Fixed #30360 -- Added support for secret key rotation.
...
Thanks Florian Apolloner for the implementation idea.
Co-authored-by: Andreas Pelme <andreas@pelme.se>
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Vuyisile Ndlovu <terrameijar@gmail.com>
2022-02-01 11:12:24 +01:00
Adam Johnson
45a42aabfa
Fixed #29708 -- Deprecated PickleSerializer.
2022-01-13 13:50:20 +01:00
Adam Johnson
fde425051c
Added TemplatesSetting to list of built-in renderers in FORM_RENDERER docs.
2021-12-22 07:59:24 +01:00
Przemysław Suliga
4ce59f602e
Fixed #30398 -- Added CONN_HEALTH_CHECKS database setting.
...
The CONN_HEALTH_CHECKS setting can be used to enable database
connection health checks for Django's persistent DB connections.
Thanks Florian Apolloner for reviews.
2021-12-01 07:44:48 +01:00
Chris Jerdonek
5d80843ebc
Fixed #32800 -- Changed CsrfViewMiddleware not to mask the CSRF secret.
...
This also adds CSRF_COOKIE_MASKED transitional setting helpful in
migrating multiple instance of the same project to Django 4.1+.
Thanks Florian Apolloner and Shai Berger for reviews.
Co-Authored-By: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-11-29 10:47:39 +01:00
David Smith
69b0736fad
Refs #32956 -- Changed docs to treat the acronym HTTP phonetically.
2021-10-18 21:00:28 +02:00
Mariusz Felisiak
97237ad3fe
Removed versionadded/changed annotations for 3.2.
2021-09-20 21:23:01 +02:00
David Smith
456466d932
Fixed #31026 -- Switched form rendering to template engine.
...
Thanks Carlton Gibson, Keryn Knight, Mariusz Felisiak, and Nick Pope
for reviews.
Co-authored-by: Johannes Hoppe <info@johanneshoppe.com>
2021-09-20 15:50:18 +02:00
Carlton Gibson
306607d5b9
Fixed #32365 -- Made zoneinfo the default timezone implementation.
...
Thanks to Adam Johnson, Aymeric Augustin, David Smith, Mariusz Felisiak, Nick
Pope, and Paul Ganssle for reviews.
2021-09-16 12:11:05 +02:00
David Smith
7132d17de1
Doc'd Jinja2 form renderer.
2021-09-16 11:25:00 +02:00
Daniyal
ec212c6616
Fixed #33012 -- Added Redis cache backend.
...
Thanks Carlton Gibson, Chris Jerdonek, David Smith, Keryn Knight,
Mariusz Felisiak, and Nick Pope for reviews and mentoring this
Google Summer of Code 2021 project.
2021-09-14 15:50:08 +02:00
Claude Paroz
676bd084f2
Fixed #32873 -- Deprecated settings.USE_L10N.
...
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-09-14 12:05:43 +02:00
David Smith
fbb1984046
Refs #32956 -- Updated words ending in -wards.
...
AP styleguide: Virtually none of the words ending with -wards end with
an s.
2021-07-30 20:34:50 +02:00
David Smith
1024b5e74a
Fixed 32956 -- Lowercased spelling of "web" and "web framework" where appropriate.
2021-07-29 06:24:12 +02:00
Nick Pope
7f33c1e22d
Added note about zero timeout in cache settings docs.
2021-07-14 20:28:21 +02:00
Claude Paroz
8cd55021bc
Fixed #32379 -- Started deprecation toward changing default USE_TZ to True.
...
Co-authored-by: Nick Pope <nick@nickpope.me.uk>
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
2021-05-18 20:26:44 +02:00
Tim Graham
54da6e2ac2
Fixed #32678 -- Removed SECURE_BROWSER_XSS_FILTER setting.
2021-04-30 12:32:52 +02:00
Carlton Gibson
907d3a7ff4
Refs #32674 -- Noted that auto-created through table PKs cannot be automatically migrated.
2021-04-29 13:53:56 +02:00
bankc
db5b75f10f
Fixed #31840 -- Added support for Cross-Origin Opener Policy header.
...
Thanks Adam Johnson and Tim Graham for the reviews.
Co-authored-by: Tim Graham <timograham@gmail.com>
2021-03-30 19:59:24 +02:00
Tim Graham
2411b8b5eb
Fixed #16010 -- Added Origin header checking to CSRF middleware.
...
Thanks David Benjamin for the original patch, and Florian
Apolloner, Chris Jerdonek, and Adam Johnson for reviews.
2021-03-18 20:25:20 +01:00
Tim Graham
dba44a7a7a
Refs #16010 -- Required CSRF_TRUSTED_ORIGINS setting to include the scheme.
2021-03-18 20:00:22 +01:00
Simon Charette
3089018e95
Fixed #32446 -- Deprecated SERIALIZE test database setting.
...
Whether or not the state of a test database should be serialized can be
inferred from the set of databases allowed to be access from discovered
TestCase/TransactionTestCase enabling the serialized_rollback feature
which makes this setting unnecessary.
This should make a significant test suite bootstraping time difference
on large projects that didn't explicitly disable test database
serialization.
2021-02-24 20:31:11 +01:00
Markus Holtermann
50a5f8840f
Refs #32394 -- Changed STATIC_URL/MEDIA_URL to relative paths in tests and docs where appropriate.
2021-02-06 13:41:35 +01:00
Mariusz Felisiak
0aa6a602b2
Refs #31842 -- Removed DEFAULT_HASHING_ALGORITHM transitional setting.
...
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
12ac4916af
Refs #28622 -- Removed settings.PASSWORD_RESET_TIMEOUT_DAYS per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
b7dd89ed53
Removed versionadded/changed annotations for 3.1.
2021-01-14 17:50:04 +01:00
Tim Graham
2e7ba6057c
Refs #28741 -- Doc'd SESSION_COOKIE_DOMAIN requirement with CSRF_USE_SESSIONS.
...
Similar considerations as refs #32065 , again adding some nuance to
afd375fc34
.
2021-01-04 07:49:30 +01:00
Carlton Gibson
0ed6f3ba4b
Corrected formatting in settings docs.
2020-12-15 12:08:45 +01:00
Tom Forbes
b5e12d490a
Fixed #31007 -- Allowed specifying type of auto-created primary keys.
...
This also changes the default type of auto-created primary keys
for new apps and projects to BigAutoField.
2020-12-15 11:25:46 +01:00
Mariusz Felisiak
5ce31d6a71
Fixed #32193 -- Deprecated MemcachedCache.
2020-12-09 21:27:32 +01:00
Nikita Sobolev
42f3fafdfa
Updated {% static %} tag examples in docs to use single quotes where appropriate.
2020-11-02 10:34:24 +01:00
Carlton Gibson
3d4ffd1ff0
Fixed #32065 -- Restored leading dot to CSRF_COOKIE_DOMAIN examples.
...
Partially reverts afd375fc34
.
Thanks to Tim Graham for review.
2020-10-07 10:03:10 +02:00
Mariusz Felisiak
77caeaea88
Fixed #32012 -- Made test database creation sync apps models when migrations are disabled.
...
Thanks Jaap Roes for the report.
2020-09-23 10:54:04 +02:00
Nick Pope
b4d46df5ca
Fixed #29887 -- Added a cache backend for pymemcache.
2020-09-16 09:40:30 +02:00
Hasan Ramezani
70731fc6fe
Fixed #31934 -- Added note about the default of SameSite cookie flag in modern browsers.
2020-08-31 10:57:41 +02:00
Mariusz Felisiak
d907371ef9
Fixed #31842 -- Added DEFAULT_HASHING_ALGORITHM transitional setting.
...
It's a transitional setting helpful in migrating multiple instance of
the same project to Django 3.1+.
Thanks Markus Holtermann for the report and review, Florian
Apolloner for the implementation idea and review, and Carlton Gibson
for the review.
2020-08-04 09:35:24 +02:00
Harpreet Sharma
248d03fbe9
Fixed #31821 -- Removed outdated note in FILE_UPLOAD_PERMISSIONS docs.
...
Follow up to 22aab8662f
2020-07-23 20:36:52 +02:00
Buk Bukowski
f65454801b
Fixed #31814 -- Fixed typo in docs/ref/settings.txt.
2020-07-22 22:38:27 +02:00