1
0
mirror of https://github.com/django/django.git synced 2024-12-26 19:16:11 +00:00
Commit Graph

7758 Commits

Author SHA1 Message Date
Jacob Kaplan-Moss
9f8287a3f1 SECURITY ALERT: Corrected regular expressions for URL and email fields.
Certain email addresses/URLs could trigger a catastrophic backtracking situation, causing 100% CPU and server overload. If deliberately triggered, this could be the basis of a denial-of-service attack.

This security vulnerability was disclosed in public, so we're skipping our
normal security release process to get the fix out as soon as possible.

This is a security related update. A full announcement, as well as backports for the 1.1.X and 1.0.X series will follow.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11603 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-09 20:57:59 +00:00
Russell Keith-Magee
8aee95ca3e Fixed #11995 -- Modified the admin site definition for comments so that users are shown as a raw id list. Thanks to James Bennett for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11601 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-08 13:30:31 +00:00
Luke Plant
175ab92d6b Removed some unused code and improved docstring on auto_adapt_to_methods
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11600 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-01 16:15:27 +00:00
James Bennett
ca9d0136df Fixed #11961: Corrected a few typos in docs/testing.txt. Thanks to timo for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11599 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-30 06:40:34 +00:00
Luke Plant
055efb2530 Fixed #9674 - documented app_label.
Thanks to andymckay for the report and jpaulett for the patch.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11596 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-28 21:58:21 +00:00
Luke Plant
6e3a72585a Added 'key_prefix' keyword argument to cache_page()
This was available before r11586, but undocumented.  It has now been
re-added with documentation and explicit support, as it seems like a useful
feature and people were using it before.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11595 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-28 21:54:54 +00:00
Luke Plant
a97648a7e0 Corrected regressions introduced in r11586 and r11593
I read the order of arguments in the docs incorrectly, doh!


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11594 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-26 19:39:42 +00:00
Luke Plant
d6c2286712 Improved error messages when people use cache_page in undocumented and now unsupported ways.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11593 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-23 23:47:53 +00:00
James Bennett
4a2a0b0e21 Fixed #11931: Removed mention of nonexistent get_sql() method for arguments to limit_choices_to. Since the correct reference involves undocumented ORM internals, this simply removes the reference entirely in favor of publicly-documented use of Q objects.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11591 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-23 23:40:12 +00:00
Luke Plant
0a7dc8d590 Fixed typo in docstring for decorator_from_middleware_with_args.
Thanks for the report, kmike



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11590 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-22 21:21:51 +00:00
James Bennett
724c926b82 The 1.1.X branch has been created, so that needs to be past tense.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11588 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-22 21:20:51 +00:00
Luke Plant
af02f38e02 Rewrote user_passes_test to use auto_adapt_to_methods, removing the need for _CheckLogin
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11587 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-21 22:34:45 +00:00
Luke Plant
afeafcd492 Fixed #6371 - several decorators don't work with bound methods.
This involved changing the way the internal function
decorator_from_middleware works slightly, breaking some code that relied on
the old behaviour.  As a result, it is much simpler, but cache_page has been
made slightly more complex to cope with the change.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11586 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-21 22:31:51 +00:00
Russell Keith-Magee
d56c1ab7f0 Fixed #11886 -- Corrected handling of F() expressions that use parentheses. Thanks to Brent Hagany for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11581 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-16 12:09:47 +00:00
Luke Plant
f3af2d9883 Fixed some ReST markup in admin installation docs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11580 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-14 22:49:03 +00:00
Luke Plant
95d5e450ec Fixed counting error in admin installation overview docs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11579 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-14 22:36:20 +00:00
Justin Bronn
62180a6b44 Fixed #11827: Can now calculate extent in Oracle on tables with one point.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11577 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 17:40:46 +00:00
Russell Keith-Magee
dbd6f512ee Corrected spaces for tabs from r11540.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11554 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 06:18:16 +00:00
Russell Keith-Magee
85d4baae39 Fixed #11746 -- Marked a string for translation in the FR localflavor. Thanks to iapain for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11552 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 04:40:17 +00:00
Russell Keith-Magee
0757607217 Fixed #11820 -- Corrected the spelling of Grace Hopper's name in a test. Thanks to shields@msrl.com for the report, and apologies to Admiral Hopper for the error.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11551 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 04:32:55 +00:00
Russell Keith-Magee
7ae2f70722 Fixed #11862 -- Corrected an error in the Hebrew translation. Thanks to Adam Rimon for the fix.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11550 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 03:09:35 +00:00
Russell Keith-Magee
f8077919b5 Fixed #11755 -- Added documentation for an edge case of FormSet usage. Thanks to ffualo for the suggestion.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11549 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 03:01:04 +00:00
Russell Keith-Magee
38e78da95e Fixed #11740 -- Added extra detail on the behavior of ModelForms. Thanks to severian for the suggestion.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11548 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 01:35:18 +00:00
Russell Keith-Magee
0e07f80cf4 Fixed #9414 -- Clarified the documentation on the permission decorators. Thanks to timo for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11547 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 01:13:40 +00:00
Russell Keith-Magee
d0c6e9cf63 Fixed #11873 -- Corrected typo in generic views docs. Thanks to Brett Cannon for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11546 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 00:25:53 +00:00
Russell Keith-Magee
8b6a2c11e4 Fixed #11073 -- Added documentation for SESSION_COOKIE_PATH. Thanks to liling for the report, and gsong for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11545 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 00:17:35 +00:00
Russell Keith-Magee
7dfd7cb836 Fixed #10864 -- Clarified the role played by redirect_to_field in the login_required auth decorator. Thanks to trigeek38 for the suggestion, and SmileyChris for the draft.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11544 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 00:12:26 +00:00
Russell Keith-Magee
ec6b9d6e63 Fixed #9236 -- Added documentation on the dependencies of the admin.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11543 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 23:56:45 +00:00
Russell Keith-Magee
27c68216c2 Added the SVN internal docs to the internal docs index.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11542 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 23:37:19 +00:00
Russell Keith-Magee
423b5c1e14 Fixed #6047 -- Minor correction to the documentation regarding regex field lookups. Thanks to Richard D. Worth for the suggestion, and Steve Holden for the text.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11541 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 23:36:00 +00:00
Russell Keith-Magee
7cbc232909 Fixed #11359 -- Added a link to the signals topic guide in the signals reference. Thanks to tyson for the suggestion.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11540 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 23:06:22 +00:00
Russell Keith-Magee
9aef7dd9e7 Fixed #11592 -- Corrected the grammar in the queryset docs. Thanks to Shannon Bradshaw for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11539 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 22:59:41 +00:00
Russell Keith-Magee
77c64c69cf Fixed #11628 -- Corrected the tutorial, removing instructions to update the year where that isn't required. Thanks to tommstein for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11538 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 22:57:58 +00:00
Russell Keith-Magee
b8b9411ffc Fixed #11659 -- Corrected a minor typo in the v1.1 release notes. Thanks to agabel for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11537 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 22:52:25 +00:00
Russell Keith-Magee
baf7d3e074 Fixed #11728 -- Corrected a typo in a class name in the request/response docs. Thanks to Tommstein for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11536 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 22:51:16 +00:00
Russell Keith-Magee
94d8da31da Fixed #11780 -- Corrected a typo in the static file serving docs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11535 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 22:48:20 +00:00
Russell Keith-Magee
94885bac7b Fixed #11808 -- Corrected typo in admin docs. Thanks to kratorius for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11534 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 22:44:51 +00:00
Russell Keith-Magee
fc7ef1c86c Fixed #11831 -- Corrected typo in comments docs. Thanks to gsf for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11533 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 22:43:20 +00:00
Russell Keith-Magee
1ed9d29db8 Modified r11531 to use the original suggested text from the patch (which was better).
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11532 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 22:41:12 +00:00
Russell Keith-Magee
15f3610747 Fixed #11589 -- Corrected an argument in the shortcuts documentation. Thanks to tsaylor for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11531 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 22:32:07 +00:00
Russell Keith-Magee
d2321e37eb Fixed #11660 -- Corrected the CONTENT_TYPE and CONTENT_LENGTH headers provided by the mod_python handler. Thanks to Nowell Strite and Tareque Hossain for the report and fix.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11528 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 21:28:01 +00:00
Justin Bronn
1aef132090 Fixed #11624: render_to_kmz no longer balks on non-ASCII data.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11527 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 18:35:08 +00:00
Joseph Kocherhans
677ddcbb04 Fixed #10752. Added more advanced bash completion. Thanks, Arthur Koziel.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11526 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-11 23:15:59 +00:00
James Bennett
a53601c674 Document the fact that we now put dead branches in the attic.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11523 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-11 21:59:29 +00:00
Luke Plant
8da58e51ff Fixed #11554: Several errors in Generic Views Documentation.
Thanks Ramiro. 
Refs #11477 - that ticket should have been marked a duplicate of #11554



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11499 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-11 13:46:56 +00:00
Luke Plant
7c53c2618d Fixed #10968 - Form.errors should use Form.error_class.
Thanks for report and initial patch, matehat.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11498 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-11 10:47:40 +00:00
Luke Plant
4decf03f9c Fixed #11502 - wrong escaping in admin.
Thanks Tomasz Elendt.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11497 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-11 09:42:17 +00:00
Luke Plant
49cf7f4a51 Fixed Widget.__init__() for Python 2.6 and greater. Refs #11703
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11496 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-11 09:08:07 +00:00
Jacob Kaplan-Moss
c33355d86a As long as we're micro-optomizing, do it right -- using map() shaves another dozen or so seconds off the test suite run time.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11495 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-10 22:49:05 +00:00
Jacob Kaplan-Moss
9d1a7c203c Micro-optomization to SortedDict.values(). Yes, it looks silly, but it shaves 30 seconds (5%) off the run time of the test suite.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11494 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-10 22:23:24 +00:00