1
0
mirror of https://github.com/django/django.git synced 2025-01-01 14:06:06 +00:00
Commit Graph

6582 Commits

Author SHA1 Message Date
Shai Berger
8f9a4d3a2b [1.8.x] Fixed catastrophic backtracking in URLValidator.
Thanks João Silva for reporting the problem and Tim Graham for finding the
problematic RE and for review.

This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:19 -04:00
Tim Graham
574dd5e0b0 [1.8.x] Prevented newlines from being accepted in some validators.
This is a security fix; disclosure to follow shortly.

Thanks to Sjoerd Job Postmus for the report and draft patch.
2015-07-08 15:23:18 -04:00
Carl Meyer
66d12d1aba [1.8.x] Fixed #19324 -- Avoided creating a session record when loading the session.
The session record is now only created if/when the session is modified. This
prevents a potential DoS via creation of many empty session records.

This is a security fix; disclosure to follow shortly.
2015-07-08 15:23:18 -04:00
Andriy Sokolovskiy
6840aaf3c1 [1.8.x] Replaced try..except blocks by context manager in custom lookups tests
Backport of 13dca01af0 from master
2015-07-07 12:04:21 -04:00
Alexey Sveshnikov
8c417564c7 [1.8.x] Fixed #25059 -- Allowed Punycode TLDs in URLValidator
Backport of bc98bc56a5 from master
2015-07-06 15:11:43 -04:00
Michael Manfre
342074f4a4 [1.8.x] Fixed #25055 -- Made m2m long name testing friendlier for 3rd party databases.
Backport of f9c3587b51 from master
2015-07-03 09:00:36 -04:00
Tim Graham
cb3e9bc0d7 [1.8.x] Fixed #25056 -- Documented minimum version of jinja2 for testing.
Backport of ca58181bac from master
2015-07-03 08:22:34 -04:00
Marten Kenbeek
42aa919de9 [1.8.x] Refs #23621 -- Fixed warning message when reloading models.
Backport of aabb58428b from master
2015-06-30 15:01:22 -04:00
Noam
fd61ce3817 [1.8.x] Fixed #25031 -- Fixed a regression in the unordered_list template filter.
Backport of e291fc4757 from master
2015-06-27 09:39:29 -04:00
Jason Hoos
4296801463 [1.8.x] Fixed #24958 -- Fixed inline forms using UUID-PK parents with auto-PK children.
Backport of a50b66da30 from master
2015-06-26 09:15:59 -04:00
薛丞宏
a97e50c5e6 [1.8.x] Fixed #25016 -- Reallowed non-ASCII values for ForeignKey.related_name on Python 3.
Backport of d3e12c9017 from master
2015-06-26 08:35:13 -04:00
Tim Graham
ae1d663b79 [1.8.x] Renamed RemovedInDjango20Warning to RemovedInDjango110Warning. 2015-06-23 07:22:16 -04:00
Markus Holtermann
f64a3de2d4 [1.8.x] Fixed #24940 -- Made model managers hashable
Thanks Federico Jaramillo Martínez for the report and Tim Graham for the
test and review.

Backport of d3d66d4722 from master
2015-06-19 19:15:01 +02:00
Andriy Sokolovskiy
8abe2d0643 [1.8.x] Fixed #24948 -- Fixed crash when uploading bitmap images in forms.ImageField
Backport of cf6ce279c7 from master
2015-06-16 14:38:25 -04:00
Adam Brenecki
0e3a80fa68 [1.8.x] Fixed #24972 -- Fixed removing unique_together indexes on MySQL.
Backport of 65296b3be3 from master
2015-06-15 17:32:07 -04:00
Brian King
c58755d875 [1.8.x] Fixed #24912 -- Fixed prefetch_related failure for UUIDField primary keys
This resolves a problem on databases besides PostgreSQL when using
prefetch_related with a source model that uses a UUID primary key.

Backport of bfb5b7150f from master
2015-06-15 17:31:50 -04:00
Tim Graham
062ce508b0 [1.8.x] Fixed flake8 warnings on Python 3.
Backport of 47fcbe506c from master
2015-06-15 13:01:41 -04:00
Rivo Laks
76c526f80e [1.8.x] Fixed #24769 -- Cast optparse verbosity argument to an integer for better backwards compatibility.
Using `BaseCommand.options_list` makes Django use the legacy optparse
parser, which does not set the verbosity attribute correctly. Now the
verbosity argument is always cast to int. Regression in 8568638 (#19973).

Initial report and patch from blueyed.

Backport of a0047c6242 from master
2015-06-09 19:05:16 -04:00
Tim Graham
8bc18ebf0f [1.8.x] Fixed #24903 -- Fixed assertRaisesMessage on Python 2.7.10.
A regression in Python 2.7.10 rc1 wasn't reverted in the final
release: https://bugs.python.org/issue24134

Backport of two commits from master:
* c2bc1cefdc
* e89c3a4603
2015-06-09 17:54:33 -04:00
Tomasz Kontusz
b62dc60c98 [1.8.x] Fixed ImportError message in utils.module_loading.import_string()
Backport of c2b4967e76 from master
2015-06-06 11:55:56 -04:00
Andriy Sokolovskiy
66496c8403 [1.8.x] Added missing tests for transforms usage with subquery for PostgreSQL fields
Backport of 2a7c59cd88 from master
2015-06-06 09:12:07 -04:00
Andriy Sokolovskiy
b4b13759f8 [1.8.x] Fixed #24744 - Fixed relabeled_clone for the Transform
Backport of 08232ef84d from master
2015-06-06 09:11:46 -04:00
Mark Lavin
0cfb7ed5c5 [1.8.x] Fixed #24924 -- Join promotion for multiple Case expressions
Backport of 541f4ea546 from master
2015-06-05 12:23:08 -04:00
Andriy Sokolovskiy
469f1e362b [1.8.x] Fixed #24833 -- Fixed Case expressions with exclude(). 2015-06-05 11:03:41 -04:00
Carl Meyer
2358c1e5d7 [1.8.x] Cleaned up docstring style, per Tim Graham review.
Backport of 57dbc87ade from master.
2015-06-03 19:21:23 -06:00
Carl Meyer
feed5ad2a0 [1.8.x] Refs #24628 -- Added a second test and a docstring comment to avoid regression.
Backport of 5c085ea7b3 from master.
2015-06-03 15:48:53 -06:00
Tim Graham
f082813d67 [1.8.x] Fixed typo in runtests.py vendor check. 2015-06-03 12:22:39 -04:00
Tim Graham
2009525c8b [1.8.x] Applied db_table conversion to fix schema tests on Oracle.
Backport of 7c637a3aae from master
2015-06-02 19:45:24 -04:00
Carl Meyer
efdcd13c34 [1.8.x] Fixed #24628 -- Fixed applied status for squashed migrations.
Backport of 492537ac18 from master.
2015-06-02 16:21:58 -06:00
Carl Meyer
c37c6dc410 [1.8.x] Improved isolation of applied-migrations table in migration tests.
Backport of 335fc44f68 from master.
2015-06-02 16:21:03 -06:00
Carl Meyer
98b40ffe61 [1.8.x] Fixed #24895 -- Fixed loading a pair of squashed migrations with a dependency.
Backport of 84522c0d16 from master.
2015-06-02 12:10:04 -06:00
zauddelig
7f92b6e576 [1.8.x] Fixed #24897 -- Allowed using choices longer than 1 day with DurationField
Backport of 262d4db8c4 from master
2015-06-02 12:42:31 -04:00
Andriy Sokolovskiy
9d83de8ff3 [1.8.x] Fixed #24831 -- Fixed pickling queryset with prefetch_related() after deleting objects.
Backport of 2913d6b77d from master
2015-06-02 10:07:45 -04:00
Tim Graham
1c57d7e7fa [1.8.x] Fixed #24893 -- Fixed lack of unique constraint when changing a field from primary_key=True to unique=True
Backport of e1e6399c2c from master
2015-06-02 09:32:22 -04:00
Tim Graham
8911d2e20f [1.8.x] Fixed #24892 -- Fixed quoting of SQL when renaming a field to AutoField in PostgreSQL
Backport of 5ab8680983 from master
2015-06-02 09:15:08 -04:00
Tim Graham
2456276b02 [1.8.x] Fixed #24851 -- Fixed crash with reverse one-to-one relation in ModelAdmin.list_display 2015-05-28 10:37:31 -04:00
Andriy Sokolovskiy
f65d4db8a8 [1.8.x] Fixed #24817 -- Prevented loss of null info in MySQL field renaming.
Backport of 80ad5472ce from master
2015-05-28 10:08:14 -04:00
Paweł Marczewski
7ee6043dba Fixed #24847 -- Prevented items set on a RequestContext from being lost.
Backport of 300e8baf94 from master
2015-05-27 10:08:31 -04:00
Tim Graham
b16f84f15b [1.8.x] Refs #24836 -- Reverted "Simplified the lazy CSRF token implementation in csrf context processor."
This reverts commit 8099d33b65 as it caused
a regression that cannot be solved without changing force_text() which has
a small risk of introducing regressions. This change will remain in master
along with an update to force_text().
2015-05-27 09:29:45 -04:00
Andrea Grandi
62c19a21b6 Fixed #24844 -- Corrected has_changed implementation for HStoreField.
Backport of 43b2d88a5b from master
2015-05-25 21:10:07 -04:00
Paweł Marczewski
2aa2b9f291 [1.8.x] Fixed #24835 -- Fixed QuerySet.exists() after an annotation with Count()
QuerySet.exists() incorrectly handled query.group_by = True
case (grouping by all select fields), causing GROUP BY
expressions to be wiped along with select fields.

Backport of 801a84ae32 from master
2015-05-25 20:47:28 -04:00
Marten Kenbeek
1ac4c7d415 [1.8.x] Fixed #24848 -- Fixed ValueError for faulty migrations module.
Added apps to unmigrated apps if the migrations module is a file
or a folder missing __init__.py.

Thanks to Ernest0x for the bug report.

Backport of d73176a842 from master
2015-05-25 13:56:37 -04:00
Villiers Strauss
4311fd2c0a [1.8.x] Fixed #24841 -- Made BaseRangeField.prepare_value() call base_field's prepare_value()
Backport of 614bec41b5 from master
2015-05-25 12:07:25 -04:00
Claude Paroz
0bfe322bac [1.8.x] Fixed #24826 -- Accounted for filesystem-dependent filename max length
Thanks Raphaël Hertzog for the report and help on the patch, and Tim Graham
for the review.

Backport of 170f7115bb from master
2015-05-23 14:58:03 -04:00
Tim Graham
31cb25adec [1.8.x] Fixed incorrect session.flush() in cached_db session backend.
This is a security fix; disclosure to follow shortly.

Thanks Sam Cooke for the report and draft patch.
2015-05-20 13:49:07 -04:00
Simon Charette
2b2a2157d0 [1.8.x] Refs #24652 -- Made sure template backend tests call their super setUpClass.
Backport of ead36e8a47 from master
2015-05-20 13:32:36 -04:00
Simon Charette
3ab3be4b5d [1.8.x] Refs #24652 -- Converted a template test to avoid executing queries.
Backport of 8bf1449edb from master
2015-05-20 13:32:35 -04:00
Simon Charette
e846ea0649 [1.8.x] Refs #24652 -- Enforced test isolation in file_storage tests.
Backport of 3db21c351b from master
2015-05-20 13:32:35 -04:00
Tim Graham
525fd2f405 [1.8.x] Fixed typo in file_storage tests.
Backport of e2b77acedd from master
2015-05-20 13:06:10 -04:00
Anssi Kääriäinen
db65660928 [1.8.x] Fixed #24705 -- Fixed negated Q objects in expressions.
Avoided split_exclude() for Q when used as an expression.

Backport of bc87061a3c from master
2015-05-20 09:41:42 -04:00