mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-07-10 12:49:13 +00:00
Code Issues 32 Releases Wiki Activity
10,196 Commits 29 Branches 451 Tags
Commit Graph

1862 Commits

Author SHA1 Message Date
Russell Keith-Magee
1a76dbefdf [1.3.X] Altered the behavior of URLField to avoid a potential DOS vector, and to avoid potential leakage of local filesystem data. A security announcement will be made shortly. 
Backport of r16760 from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16763 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-09-10 01:08:24 +00:00
Russell Keith-Magee
2f7fadc38e [1.3.X] Added protection against spoofing of X_FORWARDED_HOST headers. A security announcement will be made shortly. 
Backport of r16758 from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16761 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-09-10 01:07:50 +00:00
Russell Keith-Magee
e2d7a784c8 [1.3.X] Fixed #16201 -- Ensure that requests with Content-Length=0 don't break the multipart parser. Thanks to albsen for the report and patch 
Backport of r16353 from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16676 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-08-23 15:57:01 +00:00
Russell Keith-Magee
3e7d79b6ac [1.3.X] Fixed #15499 -- Ensure that cache control headers don't try to set public and private as a result of multiple calls to patch_cache_control with different arguments. Thanks to AndiDog for the report and patch. 
Backport of r16657 from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16673 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-08-23 15:55:48 +00:00
Russell Keith-Magee
e9a1c03dba [1.3.X] Fixed #10571 -- Factored out the payload encoding code to make sure it is used for PUT requests. Thanks to kennu for the report, pterk for the patch, and wildfire for the review comments. 
Backport of r16651 from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16672 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-08-23 15:55:22 +00:00
Russell Keith-Magee
671483f37b [1.3.X] Fixed #14876 -- Ensure that join promotion works correctly when there are nullable related fields. Thanks to simonpercivall for the report, oinopion and Aleksandra Sendecka for the original patch, and to Malcolm for helping me wrestle the edge cases to the ground. 
Backport of r16648 from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16671 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-08-23 15:54:45 +00:00
Luke Plant
6e87dacf62 [1.3.X] Fixed #15776 - delete regression in Django 1.3 involving nullable foreign keys 
Many thanks to aaron.l.madison for the detailed report and to emulbreh for
the fix.

Backport of [16295] from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16296 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-05-30 16:19:53 +00:00
Luke Plant
7f3eda2f76 [1.3.X] Fixed #16004 - csrf_protect does not send cookie if view returns TemplateResponse 
The root bug was in decorator_from_middleware, and the fix also corrects
bugs with gzip_page and other decorators.

Backport of [16276] from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16279 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-05-25 17:31:47 +00:00
Luke Plant
afa092853f [1.3.X] Changed utils/decorators.py tests to use RequestFactory 
Backport of [16272] from trunk. Backported to make the backport of a
bugfix (regression) easier.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16278 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-05-25 17:31:36 +00:00
Luke Plant
5c08cda611 [1.3.X] Fixed #13648 - '%s' escaping support for sqlite3 regression. 
Thanks to master for the report and initial patch, and salgado and others
for work on the patch.

Backport of [16209] from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16210 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-05-10 12:28:29 +00:00
Carl Meyer
6a3d91828f [1.3.X] Fixed #15819 - Fixed 1.3 regression from r15526 causing duplicate search results in admin with search_fields traversing to non-M2M related models. Thanks to Adam Kochanowski for the report and Ryan Kaskel for the patch. 
Backport of r16093 from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16094 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-04-23 04:40:06 +00:00
Chris Beaven
9269b606ba [1.3.X] Fixes regression #15721 -- {% include %} and RequestContext not working together. Refs #15814. 
Backport of r16031, plus the utility from r16030.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16089 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-04-22 21:05:29 +00:00
Jannis Leidel
e87c9da437 [1.3.X] Fixed #15672 -- Refined changes made in r15918. Thanks, vung. 
Backport from trunk (r16082).

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16083 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-04-22 12:21:58 +00:00
Jannis Leidel
4d62386cad [1.3.X] Fixed #15698 -- Fixed inconsistant handling of context_object_name in paginated MultipleObjectMixin views. Thanks, Dave Hall. 
Backport from trunk (r16079).

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16080 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-04-22 12:06:11 +00:00
Ramiro Morales
1d499d50d0 [1.3.X] Fixed #15848 -- Fixed regression introduced in [15882] in makemessages management command when processing multi-line comments that contain non-ASCCI characters in templates. Thanks for the report Denis Drescher. 
Backport of r16038/r16039 from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@16040 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-04-18 21:10:42 +00:00
Russell Keith-Magee
686ef6c759 [1.3.X] Fixed #15739 -- Added support to RedirectView for HEAD, OPTIONS, POST, PUT and DELETE requests 
Backport of r15992 from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@15995 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-04-02 08:50:05 +00:00
Luke Plant
ce9b216882 [1.3.X] Fixed #15679 - regression in HttpRequest.POST and raw_post_data access. 
Thanks to vkryachko for the report.

This also fixes a slight inconsistency with raw_post_data after parsing of a
multipart request, and adds a test for that.  (Previously accessing
raw_post_data would have returned the empty string rather than raising an
Exception).

Backport of [15938] from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.3.X@15939 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-28 16:15:43 +00:00
Ramiro Morales
775a6e694f Fixed #15632 -- Ignore unrelated content in template multi-line comment blocks when looking for tokens that identify comments for translators. Thanks andrew AT ie-grad DOT ru for the report and Claude Paroz for spotting the problem and helping to fix it. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15882 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-19 12:56:38 +00:00
Russell Keith-Magee
1a6d98dab9 Fixed #13686 -- Ensure that memcache handling of unicode values in add() and set_many() is consistent with the handling provided by get() and set(). Thanks to nedbatchelder for the report, and to jbalogh, accuser and Jacob Burch for their work ont the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15880 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-19 02:42:40 +00:00
Jannis Leidel
bd0daa04f5 Fixed staticfiles test that was broken on Windows due to the result of the stdout not being correctly handled as Unicode. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15879 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-18 18:47:14 +00:00
Jannis Leidel
0ff6bbf1db Added staticfiles test case for filenames with medial capitals. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15878 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-18 18:47:08 +00:00
Russell Keith-Magee
1af33427cb Fixed #15623 -- Corrected province codes for Canadian localflavor. Thanks to shelldweller for the report. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15864 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-17 00:59:30 +00:00
Luke Plant
243d0bec19 Fixed #15617 - CSRF referer checking too strict 
Thanks to adam for the report.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15840 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-15 20:37:09 +00:00
Russell Keith-Magee
6eb1c58430 Added file mistakenly ommitted from r15819 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15821 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-15 09:30:01 +00:00
Russell Keith-Magee
87a100b642 Fixed #15575 -- Corrected handling of pagination in generic views to match documentation and historical behavior. Thanks to Ivan Virabyan for the report and patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15820 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-15 08:24:31 +00:00
Russell Keith-Magee
c966566171 Fixed #14960 -- Added tests for inclusion tags. Thanks to Julien Phalip for the report, and to avenet and Paul Bissex for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15819 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-15 08:20:14 +00:00
Russell Keith-Magee
350a56ad49 Fixed #15606 -- Ensured that boolean fields always use the Boolean filterspec. Thanks to Martin Tiršel for the report 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15817 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-15 08:19:39 +00:00
Adrian Holovaty
4e25bc71b1 Fixed #15609 -- Fixed some 'raise' statements to use the newer style syntax. Thanks, DaNmarner 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15811 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-14 23:00:03 +00:00
Adrian Holovaty
72c5733869 Fixed #15604 -- Changed django.db.models.permalink to use wraps() so that it doesn't eat the docstring. Thanks for the report, sfllaw. Also added tests. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15798 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-14 05:22:39 +00:00
Luke Plant
e9d2763947 Fixed #15572 - include with "only" option discards context properties (such as autoescape) 
Thanks to dfoerster for the report.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15795 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-10 18:42:24 +00:00
Luke Plant
0a3aae8362 Fixed #15559 - distinct queries introduced by [15607] cause errors with some custom model fields 
This patch just reverts [15607] until a more satisfying solution can be
found.

Refs #11707

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15791 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-10 01:15:19 +00:00
Ian Kelly
f17fc56602 Fixed a bunch more tests that were failing in Oracle due to false assumptions about the primary keys of objects. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15789 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-09 23:46:28 +00:00
Ian Kelly
0cf527f77c Fixed a test that was failing in Oracle due to default ordering assumptions. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15783 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-09 19:20:35 +00:00
Ian Kelly
9e637d3061 Fixed a number of tests that were failing in Oracle due to false assumptions about the primary keys of objects. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15779 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-09 00:39:35 +00:00
Ian Kelly
8b22f7cf78 Fixed field names that were preventing the tests from running in Oracle. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15774 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-08 19:26:32 +00:00
Russell Keith-Magee
c260c533e1 Fixed #15570 -- Corrected a flaw in the design of the silent flag on {% cycle %}. Thanks to Brian Neal for the report, and to Andrew and Jannis for the design consult. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15773 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-08 13:43:53 +00:00
Russell Keith-Magee
4b746a6a24 Fixed #15549 -- Removed dependency on specific primary keys. Thanks to bberes for the report. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15744 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-04 00:23:00 +00:00
Russell Keith-Magee
185b4f49ca Fixed #15548 -- Added an ordering clause to prevent test failures under Postgres. Thanks to bberes for the report. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15743 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-04 00:01:56 +00:00
Russell Keith-Magee
806bffcf08 Fixed #15544 -- Corrected a test failure in the generic views tests that depended on primary key allocation. Thanks to Łukasz Rekucki for the report. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15742 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-03 23:54:12 +00:00
Russell Keith-Magee
d05bb1384a Fixed #15545 -- Corrected the admin filterspecs tests to be non-dependent on PK allocation or model ordering. Thanks to Łukasz Rekucki for the report and patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15741 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-03 23:49:44 +00:00
Ramiro Morales
3ecf628b36 Fixed #11206 -- Ensure that the floatformat template filter doesn't switch to scientific notation when asked to format a zero value with more than six decimal places. Thanks Tai Lee for the report and fix and Facundo Batista for his help when Decimal module expertise was needed. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15736 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-03 20:56:46 +00:00
Russell Keith-Magee
afd040d4d3 Updated test assertions that have been deprecated by the move to unittest2. In summary, this means: 
assert_ -> assertTrue
 assertEquals -> assertEqual
 failUnless -> assertTrue

For full details, see http://www.voidspace.org.uk/python/articles/unittest2.shtml#deprecations

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15728 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-03 15:04:39 +00:00
Russell Keith-Magee
b7c41c1fbb Fixed #12252 -- Ensure that queryset unions are commutative. Thanks to benreynwar for the report, and draft patch, and to Karen and Ramiro for the review eyeballs and patch updates. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15726 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-03 13:51:54 +00:00
Russell Keith-Magee
d1290b5b43 Fixed #3094 -- Accelerated deprecation of XMLField, since it hasn't served any useful purpose since oldforms. Thanks to PaulM for driving the issue and providing the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15723 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-03 13:28:20 +00:00
Jannis Leidel
b921f1bac0 Fixed #12475 -- Fixed an edge case with hidden fields in ModelAdmin changelists when used in conjunction with list_display_links or list_editable. Thanks, Simon Meers, Julien Phalip, Karen and master. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15722 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-03 13:20:45 +00:00
Jannis Leidel
c0fb9bd00b Fixed #13411 -- Made sure URL fragments are correctly handled by the next_redirect utility of the comments apps. Thanks, timesong, dpn and Julien Phalip. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15720 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-03 13:03:53 +00:00
Russell Keith-Magee
edfed18581 Fixed #15502 -- Ensure that nested TemplateDoesNotExist errors are propegated with a meaningful error message when loaded using select_template. Thanks to jaylett for the report, and GDorn for the patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15717 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-03 00:41:40 +00:00
Jannis Leidel
93cd8442fc Fixed #15535 -- Stopped the blocktrans template tag from raising a KeyError if an included variable can't be found in the context. Thanks, melinath. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15709 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-02 21:36:41 +00:00
Jannis Leidel
f6c991667f Fixed #4992 -- Respect the GET request query string when creating cache keys. Thanks PeterKz and guettli for the initial patch. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15705 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-02 12:47:36 +00:00
Jannis Leidel
6b95aa6fb5 Fixed #15531 -- Partially reverted [15701] due to compatibility issues with middlewares that modify content of responses. Thanks for the report, schinckel. Refs #15281. 
git-svn-id: http://code.djangoproject.com/svn/django/trunk@15703 bcc190cf-cafb-0310-a4f2-bffc1f526a37
 2011-03-02 10:40:48 +00:00