Commit Graph

249 Commits

Author SHA1 Message Date
Luke Plant 7230a995ce Moved contrib.csrf.* to core code.
There is stub code for backwards compatiblity with Django 1.1 imports.

The documentation has been updated, but has been left in
docs/contrib/csrf.txt for now, in order to avoid dead links to
documentation on the website.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 00:36:34 +00:00
Luke Plant 8e70cef9b6 Fixed #9977 - CsrfMiddleware gets template tag added, session dependency removed, and turned on by default.
This is a large change to CSRF protection for Django.  It includes:

 * removing the dependency on the session framework.
 * deprecating CsrfResponseMiddleware, and replacing with a core template tag.
 * turning on CSRF protection by default by adding CsrfViewMiddleware to
   the default value of MIDDLEWARE_CLASSES.
 * protecting all contrib apps (whatever is in settings.py)
   using a decorator.

For existing users of the CSRF functionality, it should be a seamless update,
but please note that it includes DEPRECATION of features in Django 1.1,
and there are upgrade steps which are detailed in the docs.

Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work
on the patch, and to lots of other people including Simon Willison and
Russell Keith-Magee who refined the ideas.

Details of the rationale for these changes is found here:

http://code.djangoproject.com/wiki/CsrfProtection

As of this commit, the CSRF code is mainly in 'contrib'.  The code will be
moved to core in a separate commit, to make the changeset as readable as
possible.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-26 23:23:07 +00:00
Jacob Kaplan-Moss 7770c70007 Fixed a silly typo left over from removing Python 2.3 references.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11641 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-23 19:43:58 +00:00
Jacob Kaplan-Moss 7098664940 Removed mentions of Python 2.3 support from the docs -- Django 1.2 drops support for Python 2.3 -- and added a quick FAQ about that dropping of support.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11640 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-23 19:30:23 +00:00
Luke Plant c46ddbf1fc Fixed #8274 - allow custom forms for auth 'login' and 'password_change' views
Thanks to julien for the suggestion and patch, and SmileyChris for work on the patch.


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11618 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-12 15:32:24 +00:00
James Bennett ca9d0136df Fixed #11961: Corrected a few typos in docs/testing.txt. Thanks to timo for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11599 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-30 06:40:34 +00:00
Luke Plant 6e3a72585a Added 'key_prefix' keyword argument to cache_page()
This was available before r11586, but undocumented.  It has now been
re-added with documentation and explicit support, as it seems like a useful
feature and people were using it before.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11595 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-28 21:54:54 +00:00
James Bennett 4a2a0b0e21 Fixed #11931: Removed mention of nonexistent get_sql() method for arguments to limit_choices_to. Since the correct reference involves undocumented ORM internals, this simply removes the reference entirely in favor of publicly-documented use of Q objects.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11591 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-23 23:40:12 +00:00
Russell Keith-Magee f8077919b5 Fixed #11755 -- Added documentation for an edge case of FormSet usage. Thanks to ffualo for the suggestion.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11549 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 03:01:04 +00:00
Russell Keith-Magee 38e78da95e Fixed #11740 -- Added extra detail on the behavior of ModelForms. Thanks to severian for the suggestion.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11548 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 01:35:18 +00:00
Russell Keith-Magee 0e07f80cf4 Fixed #9414 -- Clarified the documentation on the permission decorators. Thanks to timo for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11547 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 01:13:40 +00:00
Russell Keith-Magee d0c6e9cf63 Fixed #11873 -- Corrected typo in generic views docs. Thanks to Brett Cannon for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11546 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 00:25:53 +00:00
Russell Keith-Magee 8b6a2c11e4 Fixed #11073 -- Added documentation for SESSION_COOKIE_PATH. Thanks to liling for the report, and gsong for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11545 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 00:17:35 +00:00
Russell Keith-Magee 7dfd7cb836 Fixed #10864 -- Clarified the role played by redirect_to_field in the login_required auth decorator. Thanks to trigeek38 for the suggestion, and SmileyChris for the draft.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11544 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-13 00:12:26 +00:00
Russell Keith-Magee 1ed9d29db8 Modified r11531 to use the original suggested text from the patch (which was better).
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11532 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 22:41:12 +00:00
Russell Keith-Magee 15f3610747 Fixed #11589 -- Corrected an argument in the shortcuts documentation. Thanks to tsaylor for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11531 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-12 22:32:07 +00:00
Luke Plant 8da58e51ff Fixed #11554: Several errors in Generic Views Documentation.
Thanks Ramiro. 
Refs #11477 - that ticket should have been marked a duplicate of #11554



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11499 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-11 13:46:56 +00:00
Luke Plant 404a82e156 Fixed #7376: auth docs don't say they depend on contenttypes.
Thanks arien


git-svn-id: http://code.djangoproject.com/svn/django/trunk@11487 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-10 15:41:00 +00:00
Luke Plant de5e768557 Fixed #11477: Generic views docs point out bug with wrong queryset
Thanks SmileyChris



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11484 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-09-10 15:21:16 +00:00
Russell Keith-Magee 42ff5b3c12 Cleanup of some minor markup problems in URL documentation.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11275 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-21 01:48:59 +00:00
Russell Keith-Magee 0c9d0bf7d6 Fixed #11492 -- Corrected some typos, and added some extra markup for the URLs documentation. Thanks to Ramiro Morales for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11258 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-17 00:55:21 +00:00
Russell Keith-Magee 3469f4b819 Fixed #11491 -- Corrected minor typo in new namespace URL docs. Thanks to Carl Meyer for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11253 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-16 23:45:36 +00:00
Russell Keith-Magee 8d48eaa064 Fixed #10061 -- Added namespacing for named URLs - most importantly, for the admin site, where the absence of this facility was causing problems. Thanks to the many people who contributed to and helped review this patch.
This change is backwards incompatible for anyone that is using the named URLs
introduced in [9739]. Any usage of the old admin_XXX names need to be modified
to use the new namespaced format; in many cases this will be as simple as a
search & replace for "admin_" -> "admin:". See the docs for more details on
the new URL names, and the namespace resolution strategy.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@11250 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-16 16:16:13 +00:00
Russell Keith-Magee 49f0a4bb5b Fixed #10908 -- Clarified the procedure for creating test users in the testing docs. Thanks to gruszczy and timo.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11248 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-16 16:06:53 +00:00
Russell Keith-Magee 3c6036a5b4 Fixed #11364 -- Modified the jsi18n example to use the {% url %} tag rather than a placeholder. Thanks to jcassee for the suggestion.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11237 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-15 13:54:45 +00:00
Russell Keith-Magee b1e645b6cd Fixed #10287 -- Added better examples in the docs of formset validation. Thanks to Andrew Badr for the text.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11234 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-15 13:52:39 +00:00
Russell Keith-Magee ebce1b9a2b Fixed #11439 -- Added docs on including URL patterns as an iterable. Thanks to Ramiro Morales for the draft text.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11221 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-11 15:38:47 +00:00
Russell Keith-Magee 87285078f0 Fixed #9607 -- Added documentation for the ``extra`` argument in test client methods. Thanks to jroes for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11173 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-03 07:40:45 +00:00
Russell Keith-Magee 037b833f2e Fixed #10604 -- Added note on the limitation of ungettext, especially as relating to the {% blocktrans %} tag. Thanks to bartTC for the report, and Ramiro Morales for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11164 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-07-03 05:42:09 +00:00
Karen Tracey fe2747d1e0 Fixed #10741: Updated instructions on the best gettext package to get for Windows. Thanks Ramiro.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11103 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-24 23:33:17 +00:00
Russell Keith-Magee 970be97530 Fixed #8861 -- Added note on the availability of ModelForm.instance. Thanks to Ramiro Morales for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11097 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-24 14:04:18 +00:00
Russell Keith-Magee 18b29c523b Fixed #11356 -- Added links to the growing collection of 3rd party database backends that are available. Thank to Nathan Auch for the draft text.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11093 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-24 14:00:53 +00:00
Russell Keith-Magee b836ed4666 Made correction to documentation change from [11045].
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11054 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-18 13:44:26 +00:00
Russell Keith-Magee 3894ba853d Fixed #11253 -- Normalized the way the docs refer to TestCase.assert* methods. Thanks to SmileyChris for the report and patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11051 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-18 13:36:11 +00:00
Russell Keith-Magee d71097111a Fixed #11322 -- Clarified docs regarding middleware processing. Thanks the Michael Malone for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11048 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-18 13:34:27 +00:00
Russell Keith-Magee 4086167ba6 Fixed #11318 -- Grammar correction in modelform docs. Thanks to seemant for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11047 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-18 13:33:52 +00:00
Russell Keith-Magee 3db96017ba Fixed #11278 -- Clarified query documentation regarding bulk assignment of m2m values. Thanks to zgoda for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11045 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-18 13:32:48 +00:00
Russell Keith-Magee 457a1f9a03 Fixed #11272 -- Made some clarifications to the overview and tutorial. Thanks to jjinux for the review notes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11044 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-18 13:32:12 +00:00
Russell Keith-Magee 15a908b4d1 Refs #11336 -- Another dummy commit to force refresh of some index pages by Sphinx, caused by file ommitted from [11025] and included in [11026]. Thanks to Peter Landry for the report, and Ramiro for the explanation.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11032 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-18 00:16:48 +00:00
Karen Tracey 80c0ee0be7 Fixed #11335 -- Corrected model reference in generic views doc. Thanks oyvind.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11028 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-17 19:59:50 +00:00
Russell Keith-Magee ec1baddbb7 Update to [11025]. This time, actually include the new generic views documentation.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11026 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-17 14:16:27 +00:00
Russell Keith-Magee 6c81952b37 Fixed #10336 -- Added improved documentation of generic views. Thanks to Jacob and Adrian for the original text (from the DjangoBook), and Ramiro for doing the work of porting the docs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11025 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-17 14:09:56 +00:00
Russell Keith-Magee 992ded1ad1 Fixed #9919 -- Added note on the need to mark transactions as dirty when using raw SQL.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11022 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-17 13:47:39 +00:00
Russell Keith-Magee 6ad26e6acc Fixed #10845 -- Clarified the examples for using ModelForms with fields or exclude specified. Thanks to Andrew Durdin for the suggestion.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10972 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-06-10 12:46:04 +00:00
Karen Tracey bdf33b37da Fixed #11215 -- Replaced erroneous catch with except in testing doc.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10845 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-27 16:03:51 +00:00
Adrian Holovaty 9848f888ba Made some small improvements to docs/topics/http/sessions.txt
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10839 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-26 05:29:28 +00:00
Brian Rosner 5d9983d084 Fixed #8857 -- Corrected ref in modelforms documentation and added ref to file upload documentation in form documentation. Thanks Kyle Fox and prairiedogg.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10837 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-24 06:46:02 +00:00
Karen Tracey e258961e4f Fixed #11188 -- Removed incorrect doc note about step being unsupported when slicing query sets.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10835 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-23 12:58:31 +00:00
Karen Tracey ae95edf91d Fixed #11138 -- Corrected the description of behavior related to the max_num parameter for model formsets.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10819 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-18 16:00:29 +00:00
Karen Tracey 5a5842ccf2 Fixed #11137 -- Add missing base class in proxy model extra managers doc. Thanks ekarulf.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10818 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-05-18 15:36:18 +00:00