mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2024-12-27 11:35:53 +00:00
Code Issues 30 Releases Wiki Activity
26,823 Commits 28 Branches 426 Tags 674 MiB
ba72606760
Commit Graph

419 Commits

Author SHA1 Message Date
Tim Graham
7fe2d8d940 Fixed CVE-2016-9014 -- Validated Host header when DEBUG=True. 
This is a security fix.
 2016-11-01 09:30:57 -04:00
Marti Raudsepp
da7910d483 Fixed CVE-2016-9013 -- Generated a random database user password when running tests on Oracle. 
This is a security fix.
 2016-11-01 09:30:57 -04:00
Tim Graham
de91c172cf Fixed #27410 -- Clarified when static files is enabled in STATIC_ROOT docs. 2016-10-31 15:17:40 -04:00
Tim Graham
414ad25b09 Fixed #27327 -- Simplified time zone handling by requiring pytz. 2016-10-27 08:53:20 -04:00
Marti Raudsepp
51fbe2a60d Updated postgresql.org links to https and made them canonical. 2016-10-25 11:43:32 -04:00
Denis Cornehl
a840710e1e Fixed #26447 -- Deprecated settings.USE_ETAGS in favor of ConditionalGetMiddleware. 2016-10-10 14:55:59 -04:00
Tim Graham
9819676676 Updated links to the current version of MySQL docs. 2016-09-30 09:14:17 -04:00
Tim Graham
43c471e81c Fixed typo in docs/ref/settings.txt. 2016-09-15 19:52:49 -04:00
Tim Graham
ef021412d5 Normalized spelling of ETag. 2016-09-09 11:00:21 -04:00
Ed Morley
1d54fb4483 Made settings docs link to cache parameters more specific. 2016-08-31 12:31:30 -04:00
Chris Jerdonek
a3db480393 Fixed #27061 -- Added a TEST['TEMPLATE'] setting for PostgreSQL. 2016-08-23 15:08:20 -04:00
Ed Morley
3c2447dd13 Fixed #26947 -- Added an option to enable the HSTS header preload directive. 2016-08-10 20:23:54 -04:00
Ed Morley
8c3bc5cd78 Fixed docs to refer to HSTS includeSubdomains as a directive. 
The spec refers to it as a 'directive' rather than a 'tag':
https://tools.ietf.org/html/rfc6797#section-6.1.2
 2016-08-08 20:20:49 -04:00
Claude Paroz
255fb99284 Fixed #17209 -- Added password reset/change class-based views 
Thanks Tim Graham for the review.
 2016-07-16 10:36:12 +02:00
Tim Graham
944e66cb1d Reverted "Fixed #25388 -- Added an option to allow disabling of migrations during test database creation" 
This reverts commit 157d7f1f1d since it
disables migrations all the time, not just during tests.
 2016-07-14 09:21:28 -04:00
Claude Paroz
78963495d0 Refs #17209 -- Added LoginView and LogoutView class-based views 
Thanks Tim Graham for the review.
 2016-06-24 10:45:13 +02:00
jasisz
b5a1c3a6f5 Fixed #25920 -- Added support for non-uniform NUMBER_GROUPING. 2016-06-22 17:28:49 -04:00
Tobias McNulty
17e661641d Refs #26666 -- Added ALLOWED_HOSTS validation when running tests. 
Also used ALLOWED_HOSTS to check for external hosts in assertRedirects().
 2016-06-20 11:07:46 -04:00
Anton I. Sipos
c3495bb984 Fixed #12666 -- Added EMAIL_USE_LOCALTIME setting. 
When EMAIL_USE_LOCALTIME=True, send emails with a Date header
in the local time zone.
 2016-06-04 09:55:50 -04:00
Tim Graham
46a38307c2 Removed versionadded/changed annotations for 1.9. 2016-05-20 11:44:29 -04:00
Tim Graham
ece4d24f8e Refs #26601 -- Deprecated old-style middleware. 2016-05-17 07:22:26 -04:00
Florian Apolloner
9baf692a58 Fixed #26601 -- Improved middleware per DEP 0005. 
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
 2016-05-17 07:22:22 -04:00
Andre Cruz
929684d6ee Fixed #21231 -- Enforced a max size for GET/POST values read into memory. 
Thanks Tom Christie for review.
 2016-05-12 10:17:52 -04:00
Tim Graham
f5ff5010cd Fixed #26483 -- Updated docs.python.org links to use Intersphinx. 2016-05-08 18:07:43 -04:00
Arnaud Limbourg
5cda4677b3 Fixed #26037 -- Documented precedence of USE_X_FORWARDED_HOST/PORT settings. 2016-04-07 10:09:56 -04:00
Joshua Pereyda
f8b31dfdfc Fixed #26419 -- Added a link in ALLOWED_HOSTS docs. 2016-04-04 11:08:12 -04:00
Tim Graham
12dee89d9c Removed some docs that should have been removed along with PROFANITIES_LIST. 2016-03-31 13:21:32 -04:00
Berker Peksag
157d7f1f1d Fixed #25388 -- Added an option to allow disabling of migrations during test database creation 2016-03-23 08:21:30 +08:00
Bas Westerbaan
b4250ea04a Fixed #26033 -- Added Argon2 password hasher. 2016-03-08 11:22:18 -05:00
Alasdair Nicol
2404d209a5 Fixed #26309 -- Documented that login URL settings no longer support dotted paths. 2016-03-03 07:34:14 -05:00
Tim Graham
47b5a6a43c Fixed #26187 -- Removed weak password hashers from PASSWORD_HASHERS. 2016-02-22 18:59:23 -05:00
Hugo Osvaldo Barrera
dcee1dfc79 Fixed #12405 -- Added LOGOUT_REDIRECT_URL setting. 
After a user logs out via auth.views.logout(), they're redirected
to LOGOUT_REDIRECT_URL if no `next_page` argument is provided.
 2016-02-04 10:35:37 -05:00
Tim Graham
67907ed845 Made identation of default setting docs more consistenct. 2016-02-02 11:40:28 -05:00
rowanv
a6ef025dfb Fixed #26124 -- Added missing code formatting to docs headers. 2016-02-01 10:42:05 -05:00
Tim Graham
2436b83dfd Made formatting of docs for settings defaults more consistent. 2016-01-29 15:03:40 -05:00
Tim Graham
e519aab43a Fixed #23868 -- Added support for non-unique django-admin-options in docs. 
Also documented missing short command line options to fix #24134. This bumps
the minimum sphinx version required to build the docs to 1.3.4.

Thanks Simon Charette for review.
 2016-01-14 18:21:33 -05:00
pp
c8d970a548 Refs #25755 -- Unified a couple more spellings of 'website'. 2016-01-11 06:13:16 -05:00
wingston sharon
7f218d9891 Fixed #25928 -- Clarified precendence of USE_THOUSAND_SEPARATOR and locale formats. 2016-01-07 14:32:18 -05:00
Tim Graham
62e83c71d2 Refs #25878 -- Added the expected return type of CSRF_FAILURE_VIEW. 2016-01-06 07:05:05 -05:00
Tim Graham
59f861fcb4 Fixed #25918 -- Removed unused LOGOUT_URL setting. 
Thanks hop for the report and patch.
 2015-12-11 12:43:02 -05:00
Jon Dufresne
7aabd62380 Fixed #25778 -- Updated docs links to use https when available. 2015-12-01 08:01:34 -05:00
Raphael Michel
16945f0e9c Fixed #25695 -- Added template_name parameter to csrf_failure() view. 2015-11-17 14:28:18 -05:00
Alex Morozov
5abed864ee Fixed #25710 -- Clarified the docs about what INTERNAL_IPS does. 2015-11-17 10:16:29 -05:00
Tim Graham
abf5ccc29c Fixed #25489 -- Documented that SESSION_SAVE_EVERY_REQUEST doesn't create empty sessions. 2015-10-29 17:28:37 -04:00
Claude Paroz
7d81ee6efc Fixed #16734 -- Set script prefix even outside of requests 
Thanks Tim Graham for the review.
 2015-10-29 20:12:38 +01:00
Tim Graham
54848a96dd Removed versionadded/changed annotations for 1.8. 2015-09-23 19:31:11 -04:00
Tim Graham
2a20ebe6a5 Removed deprecated TEMPLATE_* settings per deprecation timeline. 2015-09-23 19:31:11 -04:00
Tim Graham
849037af36 Refs #23957 -- Required session verification per deprecation timeline. 2015-09-23 19:31:10 -04:00
Tim Graham
04ee4059d7 Refs #24022 -- Removed the ssi tag per deprecation timeline. 2015-09-23 19:31:09 -04:00
Matt Robenolt
b0c56b895f Fixed #24496 -- Added CSRF Referer checking against CSRF_COOKIE_DOMAIN. 
Thanks Seth Gottlieb for help with the documentation and
Carl Meyer and Joshua Kehn for reviews.
 2015-09-16 12:21:50 -04:00
Tim Graham
f3e5a74646 Refs #25386 -- Added links to the OPTIONS of the built-in template backends. 2015-09-12 18:42:25 -04:00
Markus Holtermann
2b98034fbb Cleaned up surrounding documentation 2015-09-12 10:38:15 +10:00
Markus Holtermann
a3c01b0dd8 Fixed #24919 -- Allowed disabling of migrations on a per app basis 2015-09-12 10:38:15 +10:00
Jose Carlos Menezes
cf99bae53a Fixed #25351 -- Added example for database test settings to docs. 2015-09-11 08:11:58 -04:00
Tim Graham
862de0b254 Fixed #25356 -- Removed default_app_config from startapp template. 
Also discouraged its use outside the intended use case.
 2015-09-07 15:23:11 -04:00
Joshua Kehn
ab26b65b2f Fixed #25334 -- Provided a way to allow cross-origin unsafe requests over HTTPS. 
Added the CSRF_TRUSTED_ORIGINS setting which contains a list of other
domains that are included during the CSRF Referer header verification
for secure (HTTPS) requests.
 2015-09-05 09:19:57 -04:00
Tim Graham
01b2b0b654 Fixed #25318 -- Made SILENCED_SYSTEM_CHECKS suppress all messages. 
Previously, messages of ERROR level or higher were printed to
the console.
 2015-08-28 13:34:56 -04:00
Tim Graham
2a1a085bf1 Fixed #25309 -- Corrected that ATOMIC_REQUESTS applies per view not per request. 2015-08-25 09:53:22 -04:00
Claude Paroz
64982cc2fb Updated Wikipedia links to use https 2015-08-08 12:02:32 +02:00
Caio Ariede
ec9004728e Fixed #25175 -- Renamed the postgresql_psycopg2 database backend to postgresql. 2015-08-07 09:33:17 -04:00
Matt Robenolt
4dcfbd7923 Fixed #25211 -- Added HttpRequest.get_port() and USE_X_FORWARDED_PORT setting. 2015-08-04 09:50:57 -04:00
Konrad Świat
2f6bdab159 Fixed #25125 -- Updated docs on cookie naming conventions. 
Thanks Tim Graham for the review and kezabelle for the report.
 2015-07-17 07:57:01 -04:00
Tim Graham
aaacaeb096 Renamed RemovedInDjangoXYWarnings for new roadmap. 
Forwardport of ae1d663b79
from stable/1.8.x plus more.
 2015-06-24 16:08:20 -04:00
Tim Graham
4a66564888 Fixed #25010 -- Documented APP_DIRS default in startproject's settings.py 2015-06-20 19:28:17 -04:00
Tim Graham
55b3bd8468 Refs #16860 -- Minor edits and fixes to password validation. 2015-06-10 07:41:01 -04:00
Erik Romijn
1daae25bdc Fixed #16860 -- Added password validation to django.contrib.auth. 2015-06-07 19:31:20 +02:00
garwoodpr
5edf25bddd Cosmetic edits and minor corrections to docs/ref/settings.txt. 2015-05-21 18:58:41 -04:00
Aymeric Augustin
ed83881e64 Fixed #23820 -- Supported per-database time zone. 
The primary use case is to interact with a third-party database (not
primarily managed by Django) that doesn't support time zones and where
datetimes are stored in local time when USE_TZ is True.

Configuring a PostgreSQL database with the TIME_ZONE option while USE_TZ
is False used to result in silent data corruption. Now this is an error.
 2015-05-17 09:40:28 +02:00
Piotr Jakimiak
ca51c55915 Fixed broken link in settings docs 2015-05-13 07:02:01 -04:00
Dave Hodder
08c980d752 Updated capitalization in the word "JavaScript" for consistency 2015-05-01 13:26:42 -04:00
Fabio Natali
cb506aed2a Fixed #23814 -- Documented apps refactored out of Django. 2015-03-25 08:46:23 -04:00
Tim Graham
8219eabbba Fixed #24503 -- Added docs on LANGUAGE_CODE fallback change in 1.8. 
Thanks Pakal and Claude.
 2015-03-20 12:07:45 -04:00
Grzegorz Slusarek
668d53cd12 Fixed #21495 -- Added settings.CSRF_HEADER_NAME 2015-03-05 15:03:40 -05:00
Aymeric Augustin
15b711b5ee Deprecated TEMPLATE_DEBUG setting. 2015-02-15 20:47:04 +01:00
darkryder
9ec8aa5e5d Fixed #24149 -- Normalized tuple settings to lists. 2015-02-03 14:59:45 -05:00
Tim Graham
c79faae761 Removed versionadded/changed notes for 1.7. 2015-02-01 21:02:40 -05:00
Tim Graham
7e8cf74dc7 Removed support for syncing apps without migrations per deprecation timeline. 
Kept support for creating models without migrations when running tests
(especially for Django's test suite).
 2015-01-18 15:58:06 -05:00
Tim Graham
f635d75935 Removed support for old-style test database settings per deprecation timeline. 2015-01-17 09:55:18 -05:00
Collin Anderson
26a92619f6 Fixed #24124 -- Changed context_processors in the default settings.py 2015-01-12 13:17:44 -05:00
Aymeric Augustin
6c392bb2c0 Moved doc on the DTL's syntax to the ref/ section. 
This makes room for a more general introduction about templating.

Updated some links to point to the new location, but kept those that
didn't talk specifically about the DTL.
 2015-01-10 19:41:14 +01:00
Preston Timmons
de9ebdd39c Fixed #24022 -- Deprecated the ssi tag. 2015-01-05 19:35:02 -05:00
Aymeric Augustin
9eb4f28e89 Deprecated TEMPLATE_CONTEXT_PROCESSORS. 2014-12-28 17:02:31 +01:00
Aymeric Augustin
d3205e3e2e Deprecated TEMPLATE_DIRS. 2014-12-28 17:02:30 +01:00
Aymeric Augustin
cf0fd65ed4 Deprecated TEMPLATE_LOADERS. 2014-12-28 17:02:30 +01:00
Aymeric Augustin
d3a982556d Deprecated TEMPLATE_STRING_IF_INVALID. 2014-12-28 17:02:30 +01:00
Aymeric Augustin
3dc01aaaaf Deprecated ALLOWED_INCLUDE_ROOTS. 2014-12-28 17:02:30 +01:00
Aymeric Augustin
92e8f1f302 Moved context_processors from django.core to django.template. 2014-12-28 17:00:07 +01:00
Aymeric Augustin
1acfd624d6 Added initial support for loading template engines. 2014-12-28 16:08:31 +01:00
Frankie Robertson
446b50b90e Fixed #24035 -- Clarified docs on CACHE_MIDDLEWARE_KEY_PREFIX vs KEY_PREFIX 2014-12-23 14:35:30 -05:00
Claude Paroz
0a4b04fc23 Used https for most *.python.org links 2014-12-19 18:07:52 +01:00
Tim Graham
fa6e3a40e1 Fixed #23961 -- Clarified when makemigrations will create a directory. 2014-12-09 07:26:57 -05:00
Jannis Leidel
6302893112 Updated formtools docs to point at new package outside the Django repo. 
Refs #23677.
 2014-11-26 09:41:52 -05:00
Berker Peksag
4f90c99635 Fixed #23665 -- Noted precedence of settings.USE_L10N in MONTH_DAY_FORMAT and YEAR_MONTH. 2014-11-15 09:53:55 +01:00
Thomas Chaumeny
d3db878e4b Moved CSRF docs out of contrib. 2014-11-03 07:47:39 -05:00
Aymeric Augustin
8f79c154ca Removed extra period. 2014-10-30 20:49:30 +01:00
Tim Graham
bedd439297 Fixed #23667 -- Incorrect settings reference for language cookie. 
Thanks jamesbeith for the report.
 2014-10-16 19:41:15 -04:00
Erik Romijn
2bb00b0b0b Made minor typographic correction to SECRET_KEY docs. 
4ad57bbe31 included a few odd
quotation marks.
 2014-10-04 10:32:30 +02:00
Erik Romijn
4ad57bbe31 Fixed #22310 -- Documented exact usage of SECRET_KEY 
Thanks to Tim Graham for the review.
 2014-10-04 09:20:35 +02:00
Duane Hilton
054bdfeff1 Fixed #17638 -- Added crosslinks between topic and reference guides. 
Thanks oinopion for the suggestion and jarus for the initial patch.
 2014-09-29 18:06:31 -04:00
Tim Graham
90761d00e3 Fixed spelling mistakes and added words to wordlist. 2014-09-29 17:43:16 -04:00