Tim Graham
acfaec3db5
Fixed #26387 -- Restored the functionality of the admin's raw_id_fields in list_editable.
2016-03-25 13:47:42 -04:00
ieatkittens
9390da7fb6
Fixed #26293 -- Fixed CommonMiddleware to process PREPEND_WWW and APPEND_SLASH independently.
2016-03-23 09:23:19 -04:00
Alexander Gaevsky
107165c4b0
Fixed #24987 -- Allowed inactive users to login with the test client.
2016-03-23 09:01:52 -04:00
Alexander Gaevsky
e0a3d93730
Fixed #25232 -- Made ModelBackend/RemoteUserBackend reject inactive users.
2016-03-23 09:01:48 -04:00
Berker Peksag
157d7f1f1d
Fixed #25388 -- Added an option to allow disabling of migrations during test database creation
2016-03-23 08:21:30 +08:00
Jason Parrott
4c1c93032f
Fixed #26373 -- Fixed reverse lookup crash with a ForeignKey to_field in a subquery.
2016-03-19 17:54:29 -04:00
José Tomás Tocino
39a16dd2e0
Fixed #25658 -- Allowed inspectdb to inspect a specific set of tables.
2016-03-18 08:41:15 -04:00
Berker Peksag
28bcff82c5
Fixed #26297 -- Fixed collectstatic --clear
crash if storage doesn't implement path().
2016-03-17 09:49:57 -04:00
Alex Hill
ecb59cc657
Fixed #26306 -- Fixed memory leak in cached template loader.
2016-03-16 12:37:57 -04:00
Collin Anderson
93a135d111
Fixed #26158 -- Rewrote http.parse_cookie() to better match browsers.
2016-03-15 12:24:06 -04:00
Vincenzo Pandolfo
d0fe6c9156
Fixed #26334 -- Removed whitespace stripping from contrib.auth password fields.
2016-03-14 20:20:24 -04:00
Jakub Wilk
402da9ab7b
Fixed typos in docs.
2016-03-13 19:48:24 +01:00
Tim Graham
4f0cd0fd16
Fixed #26324 -- Fixed DurationField with fractional seconds on SQLite.
2016-03-10 12:18:29 -05:00
Przemysław Suliga
96ec67a7cf
Fixed #26332 -- Fixed a race condition in BaseCache.get_or_set().
2016-03-08 11:44:37 -05:00
Bas Westerbaan
b4250ea04a
Fixed #26033 -- Added Argon2 password hasher.
2016-03-08 11:22:18 -05:00
Saúl Ibarra Corretgé
6c33e73333
Fixed #26289 -- Enabled shell tab completion on systems using libedit.
2016-03-08 08:37:14 -05:00
Krzysztof Urbaniak
839a955d08
Fixed #25933 -- Allowed an unprefixed default language in i18n_patterns().
2016-03-08 08:14:10 -05:00
John-Mark Bell
4b129ac81f
Fixed #26325 -- Made MultiPartParser ignore filenames that normalize to an empty string.
2016-03-07 13:19:39 -05:00
Jon Dufresne
1845bc1d10
Refs #26315 -- Cleaned up argparse options in commands.
...
* Removed type coercion. Options created by argparse are already coerced
to the correct type.
* Removed fallback default values. Options created by argparse already
have a default value.
* Used direct indexing. Options created by argparse are always set. This
eliminates the need to use dict.get().
2016-03-05 13:19:29 -05:00
Jon Dufresne
4115288b4f
Fixed #26315 -- Allowed call_command() to accept a Command object as the first argument.
2016-03-05 13:05:10 -05:00
Tim Graham
bc0410d98a
Fixed typo in docs/releases/1.8.12.txt.
2016-03-05 10:02:29 -05:00
Tim Graham
c960af4adb
Added stub release notes for 1.9.5/1.8.12.
2016-03-05 10:00:40 -05:00
Claude Paroz
552f03869e
Added safety to URL decoding in is_safe_url() on Python 2
...
The errors='replace' parameter to force_text altered the URL before checking
it, which wasn't considered sane. Refs 24fc935218
and ada7a4aef
.
2016-03-04 23:33:35 +01:00
Claude Paroz
ada7a4aefb
Fixed #26308 -- Prevented crash with binary URLs in is_safe_url()
...
This fixes a regression introduced by c5544d2892
.
Thanks John Eskew for the reporti and Tim Graham for the review.
2016-03-04 21:14:14 +01:00
Tim Graham
cecbf1bdef
Fixed typo in docs/releases/1.9.1.txt.
2016-03-04 14:16:56 -05:00
Tim Graham
2f0c785a4c
Added stub release notes for 1.8.11.
2016-03-04 09:47:43 -05:00
Simon Charette
d0451e4cad
Fixed #26295 -- Allowed using i18n_patterns() in any root URLconf.
...
Thanks Tim for the review.
2016-03-03 12:08:49 -05:00
Alasdair Nicol
2404d209a5
Fixed #26309 -- Documented that login URL settings no longer support dotted paths.
2016-03-03 07:34:14 -05:00
Simon Charette
c92123cc1d
Fixed #26226 -- Made related managers honor the queryset used for prefetching their results.
...
Thanks Loïc for the suggested improvements and Tim for the review.
2016-03-02 16:10:18 -05:00
Marc Tamlyn
8ddc79a799
Fixed #26285 -- Deprecated the MySQL-specific __search lookup.
2016-03-02 14:41:56 -05:00
acrefoot
04240b2365
Refs #19527 -- Allowed QuerySet.bulk_create() to set the primary key of its objects.
...
PostgreSQL support only.
Thanks Vladislav Manchev and alesasnouski for working on the patch.
2016-03-02 14:29:09 -05:00
Dmitry Dygalo
5155c2b458
Fixed typo in 1.9.3/1.8.10 release date.
2016-03-02 07:08:36 -05:00
Tim Graham
2e895d2870
Added stub release notes for 1.9.4.
2016-03-01 12:39:01 -05:00
Tim Graham
24fc935218
Added CVE-2016-2512/2513 to security release archive.
2016-03-01 12:32:42 -05:00
Florian Apolloner
67b46ba701
Fixed CVE-2016-2513 -- Fixed user enumeration timing attack during login.
...
This is a security fix.
2016-03-01 11:25:28 -05:00
Mark Striemer
c5544d2892
Fixed CVE-2016-2512 -- Prevented spoofing is_safe_url() with basic auth.
...
This is a security fix.
2016-03-01 11:25:28 -05:00
Tim Graham
f43291639b
Added stub release notes for security issues.
2016-03-01 11:25:28 -05:00
Simon Charette
0223e213dd
Fixed #26186 -- Documented how app relative relationships of abstract models behave.
...
This partially reverts commit bc7d201bdb
.
Thanks Tim for the review.
Refs #25858 .
2016-02-29 22:07:05 -05:00
chenesan
b84f5ab4ec
Fixed #26230 -- Made default_related_name affect related_query_name.
2016-02-27 08:48:32 -05:00
Simon Charette
3938b3ccaa
Fixed #26286 -- Prevented content type managers from sharing their cache.
...
This should prevent managers methods from returning content type instances
registered to foreign apps now that these managers are also attached to models
created during migration phases.
Thanks Tim for the review.
Refs #23822 .
2016-02-26 16:18:16 -05:00
Adam Chainz
ef33bc2d4d
Fixed #25279 -- Made prefetch_related_objects() public.
2016-02-26 14:55:01 -05:00
Simon Charette
766afc22a1
Fixed #24793 -- Unified temporal difference support.
2016-02-26 12:25:12 -05:00
Ivan Tsouvarev
8890c533e0
Fixed #26280 -- Fixed cached template loader crash when loading nonexistent template.
2016-02-26 08:02:10 -05:00
Sjoerd Job Postmus
bbe136e1a2
Fixed #26231 -- Used .get_username in admin login template.
2016-02-25 19:29:53 -05:00
Olivier Le Thanh Duong
10781b4c6f
Fixed #12233 -- Allowed redirecting authenticated users away from the login view.
...
contrib.auth.views.login() has a new parameter `redirect_authenticated_user`
to automatically redirect authenticated users visiting the login page.
Thanks to dmathieu and Alex Buchanan for the original code and to Carl Meyer
for the help and review.
2016-02-25 07:18:33 -05:00
Claude Paroz
c5517b9e74
Fixed #26266 -- Output the primary key in the GeoJSON serializer properties
...
Thanks Tim Graham for the review.
2016-02-24 16:10:46 +01:00
Jon Dufresne
b412681359
Fixed #26267 -- Fixed BoundField to reallow slices of subwidgets.
2016-02-24 07:02:51 -05:00
James Aylett
1ff6e37de4
Fixed #23832 -- Added timezone aware Storage API.
...
New Storage.get_{accessed,created,modified}_time() methods convert the
naive time from now-deprecated {accessed,created_modified}_time()
methods into aware objects in UTC if USE_TZ=True.
2016-02-23 18:51:43 -05:00
Andrew Kuchev
e81d1c995c
Fixed #25670 -- Allowed dictsort to sort a list of lists.
...
Thanks Tim Graham for the review.
2016-02-23 12:15:08 -05:00
Tim Graham
cdbd8745f6
Fixed #26263 -- Deprecated Context.has_key()
2016-02-23 08:08:55 -05:00