Mayank Singhal
76b3367035
Fixed #29879 -- Added CSRF_COOKIE_HTTPONLY to CSRF AJAX docs.
2018-10-25 11:39:52 -04:00
Jon Dufresne
0cd465b63a
Fixed #29817 -- Deprecated settings.FILE_CHARSET.
2018-10-15 17:15:41 -04:00
Kate Berry
b8b1d8cad6
Improved tone in docs/ref/settings.txt.
2018-10-04 11:35:19 -04:00
Jon Dufresne
82f286cf6f
Refs #29784 -- Switched to https:// links where available.
2018-09-26 08:48:47 +02:00
Jon Dufresne
8c3e0eb1c1
Normalized spelling of "lowercase" and "lowercased".
2018-09-25 10:30:18 -04:00
Claude Paroz
e8531cc89c
Prevented unexpected link in settings docs
2018-06-10 15:11:39 +02:00
Tim Graham
5cc81cd9eb
Reverted "Fixed #29324 -- Made Settings raise ImproperlyConfigured if SECRET_KEY is accessed and not set."
...
This reverts commit b3cffde555
due to
a regression and performance concerns.
2018-05-26 21:06:58 -04:00
Tim Graham
7543ab1f8d
Removed versionadded/changed annotations for 2.0.
2018-05-17 11:00:10 -04:00
Jon Dufresne
b3cffde555
Fixed #29324 -- Made Settings raise ImproperlyConfigured if SECRET_KEY is accessed and not set.
2018-04-17 13:02:05 -04:00
Alex Gaynor
9a56b4b13e
Fixed #27863 -- Added support for the SameSite cookie flag.
...
Thanks Alex Gaynor for contributing to the patch.
2018-04-13 20:58:31 -04:00
Tim Graham
5b589a47b9
Fixed #29161 -- Removed BCryptPasswordHasher from PASSWORD_HASHERS.
2018-02-26 09:05:18 -05:00
Ashaba
95fd5cf459
Fixed #28403 -- Added missing formats in FORMAT_MODULE_PATH docs.
2018-01-24 13:38:15 -05:00
Frédéric Massart
a5f1e5809f
Clarified who the AdminEmailHandler emails.
2017-11-21 11:49:15 -05:00
Дилян Палаузов
6c0042430e
Fixed #28776 -- Fixed a/an/and typos in docs and comments.
2017-11-06 22:41:03 -05:00
Tim Graham
afd375fc34
Fixed #28741 -- Removed unnecessary leading dot from cross-domain cookie examples.
2017-11-01 10:57:59 -04:00
Tim Graham
0edff2107f
Refs #28248 -- Clarified the precision of PASSWORD_RESET_TIMEOUT_DAYS.
2017-10-12 14:58:18 -04:00
Jon Ribbens
44f08422c8
Fixed #28625 -- Distinguished DATABASES['TIME_ZONE'] from settings.TIME_ZONE.
2017-09-28 09:42:08 -04:00
Tim Graham
5446b72003
Removed versionadded/changed annotations for 1.11.
2017-09-22 12:51:18 -04:00
Tim Graham
48d57788ee
Refs #26447 -- Removed the USE_ETAGS setting per deprecation timeline.
2017-09-22 12:51:18 -04:00
Tim Graham
c7d58c6f43
Fixed #28435 -- Removed inaccurate warning about SECURE_HSTS_PRELOAD.
2017-07-25 15:12:50 -04:00
Laura
e58c87cb70
Fixed #28336 -- Fixed typo in docs/ref/settings.txt.
2017-06-27 21:41:10 -04:00
Mariusz Felisiak
516b7664dc
Fixed #28260 -- Allowed customizing the test tablespace initial and autoextend size on Oracle.
...
Thanks Tim Graham for the review.
2017-06-02 18:35:56 +02:00
François Freitag
88336fdbb5
Fixed #28062 -- Added a setting to disable server-side cursors on PostgreSQL.
...
When a connection pooler is set up in transaction pooling mode, queries
relying on server-side cursors fail. The DISABLE_SERVER_SIDE_CURSORS
setting in DATABASES disables server-side cursors for this use case.
2017-05-06 06:59:04 -04:00
Mariusz Felisiak
a3af8c99d9
Removed extra characters in docs header underlines.
2017-03-20 18:30:32 -04:00
Tim Graham
c577d8a498
Described DEBUG_PROPAGATE_EXCEPTIONS behavior in more detail.
2017-03-09 12:18:17 -05:00
Tim Graham
80493b0871
Fixed #27829 -- Deprecated settings.DEFAULT_CONTENT_TYPE.
2017-02-16 07:59:44 -05:00
Claude Paroz
c651331b34
Converted usage of ugettext* functions to their gettext* aliases
...
Thanks Tim Graham for the review.
2017-02-07 09:04:04 +01:00
Tim Graham
e27e4c0339
Removed versionadded/changed annotations for 1.10.
2017-01-17 20:52:05 -05:00
Tim Graham
d334f46b7a
Refs #26601 -- Removed support for old-style middleware using settings.MIDDLEWARE_CLASSES.
2017-01-17 20:52:04 -05:00
Tim Graham
9e734875fe
Fixed #24994 -- Documented the expected type of settings.SECRET_KEY.
2016-12-28 07:36:37 -05:00
Preston Timmons
b52c73008a
Fixed #15667 -- Added template-based widget rendering.
...
Thanks Carl Meyer and Tim Graham for contributing to the patch.
2016-12-27 17:50:10 -05:00
Tim Graham
c27104a9c7
Fixed #27611 -- Doc'd that CSRF_COOKIE_HTTPONLY setting offers no security.
2016-12-19 17:56:58 -05:00
Raphael Michel
ddf169cdac
Refs #16859 -- Allowed storing CSRF tokens in sessions.
...
Major thanks to Shai for helping to refactor the tests, and to
Shai, Tim, Florian, and others for extensive and helpful review.
2016-11-30 08:57:27 -05:00
Ian Lee
501c993010
Fixed typo in docs/ref/settings.txt.
2016-11-11 07:01:48 -05:00
Tim Graham
7fe2d8d940
Fixed CVE-2016-9014 -- Validated Host header when DEBUG=True.
...
This is a security fix.
2016-11-01 09:30:57 -04:00
Marti Raudsepp
da7910d483
Fixed CVE-2016-9013 -- Generated a random database user password when running tests on Oracle.
...
This is a security fix.
2016-11-01 09:30:57 -04:00
Tim Graham
de91c172cf
Fixed #27410 -- Clarified when static files is enabled in STATIC_ROOT docs.
2016-10-31 15:17:40 -04:00
Tim Graham
414ad25b09
Fixed #27327 -- Simplified time zone handling by requiring pytz.
2016-10-27 08:53:20 -04:00
Marti Raudsepp
51fbe2a60d
Updated postgresql.org links to https and made them canonical.
2016-10-25 11:43:32 -04:00
Denis Cornehl
a840710e1e
Fixed #26447 -- Deprecated settings.USE_ETAGS in favor of ConditionalGetMiddleware.
2016-10-10 14:55:59 -04:00
Tim Graham
9819676676
Updated links to the current version of MySQL docs.
2016-09-30 09:14:17 -04:00
Tim Graham
43c471e81c
Fixed typo in docs/ref/settings.txt.
2016-09-15 19:52:49 -04:00
Tim Graham
ef021412d5
Normalized spelling of ETag.
2016-09-09 11:00:21 -04:00
Ed Morley
1d54fb4483
Made settings docs link to cache parameters more specific.
2016-08-31 12:31:30 -04:00
Chris Jerdonek
a3db480393
Fixed #27061 -- Added a TEST['TEMPLATE'] setting for PostgreSQL.
2016-08-23 15:08:20 -04:00
Ed Morley
3c2447dd13
Fixed #26947 -- Added an option to enable the HSTS header preload directive.
2016-08-10 20:23:54 -04:00
Ed Morley
8c3bc5cd78
Fixed docs to refer to HSTS includeSubdomains as a directive.
...
The spec refers to it as a 'directive' rather than a 'tag':
https://tools.ietf.org/html/rfc6797#section-6.1.2
2016-08-08 20:20:49 -04:00
Claude Paroz
255fb99284
Fixed #17209 -- Added password reset/change class-based views
...
Thanks Tim Graham for the review.
2016-07-16 10:36:12 +02:00
Tim Graham
944e66cb1d
Reverted "Fixed #25388 -- Added an option to allow disabling of migrations during test database creation"
...
This reverts commit 157d7f1f1d
since it
disables migrations all the time, not just during tests.
2016-07-14 09:21:28 -04:00
Claude Paroz
78963495d0
Refs #17209 -- Added LoginView and LogoutView class-based views
...
Thanks Tim Graham for the review.
2016-06-24 10:45:13 +02:00
jasisz
b5a1c3a6f5
Fixed #25920 -- Added support for non-uniform NUMBER_GROUPING.
2016-06-22 17:28:49 -04:00
Tobias McNulty
17e661641d
Refs #26666 -- Added ALLOWED_HOSTS validation when running tests.
...
Also used ALLOWED_HOSTS to check for external hosts in assertRedirects().
2016-06-20 11:07:46 -04:00
Anton I. Sipos
c3495bb984
Fixed #12666 -- Added EMAIL_USE_LOCALTIME setting.
...
When EMAIL_USE_LOCALTIME=True, send emails with a Date header
in the local time zone.
2016-06-04 09:55:50 -04:00
Tim Graham
46a38307c2
Removed versionadded/changed annotations for 1.9.
2016-05-20 11:44:29 -04:00
Tim Graham
ece4d24f8e
Refs #26601 -- Deprecated old-style middleware.
2016-05-17 07:22:26 -04:00
Florian Apolloner
9baf692a58
Fixed #26601 -- Improved middleware per DEP 0005.
...
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
Andre Cruz
929684d6ee
Fixed #21231 -- Enforced a max size for GET/POST values read into memory.
...
Thanks Tom Christie for review.
2016-05-12 10:17:52 -04:00
Tim Graham
f5ff5010cd
Fixed #26483 -- Updated docs.python.org links to use Intersphinx.
2016-05-08 18:07:43 -04:00
Arnaud Limbourg
5cda4677b3
Fixed #26037 -- Documented precedence of USE_X_FORWARDED_HOST/PORT settings.
2016-04-07 10:09:56 -04:00
Joshua Pereyda
f8b31dfdfc
Fixed #26419 -- Added a link in ALLOWED_HOSTS docs.
2016-04-04 11:08:12 -04:00
Tim Graham
12dee89d9c
Removed some docs that should have been removed along with PROFANITIES_LIST.
2016-03-31 13:21:32 -04:00
Berker Peksag
157d7f1f1d
Fixed #25388 -- Added an option to allow disabling of migrations during test database creation
2016-03-23 08:21:30 +08:00
Bas Westerbaan
b4250ea04a
Fixed #26033 -- Added Argon2 password hasher.
2016-03-08 11:22:18 -05:00
Alasdair Nicol
2404d209a5
Fixed #26309 -- Documented that login URL settings no longer support dotted paths.
2016-03-03 07:34:14 -05:00
Tim Graham
47b5a6a43c
Fixed #26187 -- Removed weak password hashers from PASSWORD_HASHERS.
2016-02-22 18:59:23 -05:00
Hugo Osvaldo Barrera
dcee1dfc79
Fixed #12405 -- Added LOGOUT_REDIRECT_URL setting.
...
After a user logs out via auth.views.logout(), they're redirected
to LOGOUT_REDIRECT_URL if no `next_page` argument is provided.
2016-02-04 10:35:37 -05:00
Tim Graham
67907ed845
Made identation of default setting docs more consistenct.
2016-02-02 11:40:28 -05:00
rowanv
a6ef025dfb
Fixed #26124 -- Added missing code formatting to docs headers.
2016-02-01 10:42:05 -05:00
Tim Graham
2436b83dfd
Made formatting of docs for settings defaults more consistent.
2016-01-29 15:03:40 -05:00
Tim Graham
e519aab43a
Fixed #23868 -- Added support for non-unique django-admin-options in docs.
...
Also documented missing short command line options to fix #24134 . This bumps
the minimum sphinx version required to build the docs to 1.3.4.
Thanks Simon Charette for review.
2016-01-14 18:21:33 -05:00
pp
c8d970a548
Refs #25755 -- Unified a couple more spellings of 'website'.
2016-01-11 06:13:16 -05:00
wingston sharon
7f218d9891
Fixed #25928 -- Clarified precendence of USE_THOUSAND_SEPARATOR and locale formats.
2016-01-07 14:32:18 -05:00
Tim Graham
62e83c71d2
Refs #25878 -- Added the expected return type of CSRF_FAILURE_VIEW.
2016-01-06 07:05:05 -05:00
Tim Graham
59f861fcb4
Fixed #25918 -- Removed unused LOGOUT_URL setting.
...
Thanks hop for the report and patch.
2015-12-11 12:43:02 -05:00
Jon Dufresne
7aabd62380
Fixed #25778 -- Updated docs links to use https when available.
2015-12-01 08:01:34 -05:00
Raphael Michel
16945f0e9c
Fixed #25695 -- Added template_name parameter to csrf_failure() view.
2015-11-17 14:28:18 -05:00
Alex Morozov
5abed864ee
Fixed #25710 -- Clarified the docs about what INTERNAL_IPS does.
2015-11-17 10:16:29 -05:00
Tim Graham
abf5ccc29c
Fixed #25489 -- Documented that SESSION_SAVE_EVERY_REQUEST doesn't create empty sessions.
2015-10-29 17:28:37 -04:00
Claude Paroz
7d81ee6efc
Fixed #16734 -- Set script prefix even outside of requests
...
Thanks Tim Graham for the review.
2015-10-29 20:12:38 +01:00
Tim Graham
54848a96dd
Removed versionadded/changed annotations for 1.8.
2015-09-23 19:31:11 -04:00
Tim Graham
2a20ebe6a5
Removed deprecated TEMPLATE_* settings per deprecation timeline.
2015-09-23 19:31:11 -04:00
Tim Graham
849037af36
Refs #23957 -- Required session verification per deprecation timeline.
2015-09-23 19:31:10 -04:00
Tim Graham
04ee4059d7
Refs #24022 -- Removed the ssi tag per deprecation timeline.
2015-09-23 19:31:09 -04:00
Matt Robenolt
b0c56b895f
Fixed #24496 -- Added CSRF Referer checking against CSRF_COOKIE_DOMAIN.
...
Thanks Seth Gottlieb for help with the documentation and
Carl Meyer and Joshua Kehn for reviews.
2015-09-16 12:21:50 -04:00
Tim Graham
f3e5a74646
Refs #25386 -- Added links to the OPTIONS of the built-in template backends.
2015-09-12 18:42:25 -04:00
Markus Holtermann
2b98034fbb
Cleaned up surrounding documentation
2015-09-12 10:38:15 +10:00
Markus Holtermann
a3c01b0dd8
Fixed #24919 -- Allowed disabling of migrations on a per app basis
2015-09-12 10:38:15 +10:00
Jose Carlos Menezes
cf99bae53a
Fixed #25351 -- Added example for database test settings to docs.
2015-09-11 08:11:58 -04:00
Tim Graham
862de0b254
Fixed #25356 -- Removed default_app_config from startapp template.
...
Also discouraged its use outside the intended use case.
2015-09-07 15:23:11 -04:00
Joshua Kehn
ab26b65b2f
Fixed #25334 -- Provided a way to allow cross-origin unsafe requests over HTTPS.
...
Added the CSRF_TRUSTED_ORIGINS setting which contains a list of other
domains that are included during the CSRF Referer header verification
for secure (HTTPS) requests.
2015-09-05 09:19:57 -04:00
Tim Graham
01b2b0b654
Fixed #25318 -- Made SILENCED_SYSTEM_CHECKS suppress all messages.
...
Previously, messages of ERROR level or higher were printed to
the console.
2015-08-28 13:34:56 -04:00
Tim Graham
2a1a085bf1
Fixed #25309 -- Corrected that ATOMIC_REQUESTS applies per view not per request.
2015-08-25 09:53:22 -04:00
Claude Paroz
64982cc2fb
Updated Wikipedia links to use https
2015-08-08 12:02:32 +02:00
Caio Ariede
ec9004728e
Fixed #25175 -- Renamed the postgresql_psycopg2 database backend to postgresql.
2015-08-07 09:33:17 -04:00
Matt Robenolt
4dcfbd7923
Fixed #25211 -- Added HttpRequest.get_port() and USE_X_FORWARDED_PORT setting.
2015-08-04 09:50:57 -04:00
Konrad Świat
2f6bdab159
Fixed #25125 -- Updated docs on cookie naming conventions.
...
Thanks Tim Graham for the review and kezabelle for the report.
2015-07-17 07:57:01 -04:00
Tim Graham
aaacaeb096
Renamed RemovedInDjangoXYWarnings for new roadmap.
...
Forwardport of ae1d663b79
from stable/1.8.x plus more.
2015-06-24 16:08:20 -04:00
Tim Graham
4a66564888
Fixed #25010 -- Documented APP_DIRS default in startproject's settings.py
2015-06-20 19:28:17 -04:00
Tim Graham
55b3bd8468
Refs #16860 -- Minor edits and fixes to password validation.
2015-06-10 07:41:01 -04:00
Erik Romijn
1daae25bdc
Fixed #16860 -- Added password validation to django.contrib.auth.
2015-06-07 19:31:20 +02:00