0
0
mirror of https://github.com/django/django.git synced 2024-12-01 15:42:04 +01:00
Commit Graph

23565 Commits

Author SHA1 Message Date
Tim Graham
b8ae2c16cf Added CVE-2016-9013,14 to the security release archive. 2016-11-01 10:48:11 -04:00
Tim Graham
7fe2d8d940 Fixed CVE-2016-9014 -- Validated Host header when DEBUG=True.
This is a security fix.
2016-11-01 09:30:57 -04:00
Marti Raudsepp
da7910d483 Fixed CVE-2016-9013 -- Generated a random database user password when running tests on Oracle.
This is a security fix.
2016-11-01 09:30:57 -04:00
Tim Graham
9e9c81d3c2 Added stub release notes for 1.9.11/1.8.16. 2016-11-01 09:30:57 -04:00
Andrew Nester
1ce04bcce0 Fixed #27363 -- Replaced unsafe redirect in SessionMiddleware with SuspiciousOperation. 2016-11-01 07:15:56 -04:00
Henry Dang
9c2e1ad6a5 Fixed #27400 -- Documented {% static %} encoding change in 1.10. 2016-10-31 16:07:00 -04:00
Timothy Allen
5595db9504 Updated docs/topics/db/queries.txt examples to use print() function. 2016-10-31 15:22:32 -04:00
Tim Graham
2f9861d823 Fixed #27148 -- Fixed ModelMultipleChoiceField crash with invalid UUID. 2016-10-31 15:21:05 -04:00
Tim Graham
de91c172cf Fixed #27410 -- Clarified when static files is enabled in STATIC_ROOT docs. 2016-10-31 15:17:40 -04:00
Mariusz Felisiak
55993d1e4e Updated Oracle docs links to Oracle 12c. 2016-10-31 14:32:50 -04:00
Krzysztof Urbaniak
a01d887a3a Fixed #27063 -- Prevented i18n_patterns() from using too much of the URL as the language. 2016-10-31 14:32:01 -04:00
Krzysztof Urbaniak
ee06689878 Added additional tests for translation's get_language_from_path(). 2016-10-31 11:55:24 -04:00
Anssi Kääriäinen
9513903086 Updated by bio. 2016-10-31 09:55:48 -04:00
Jon Dufresne
611d34b0e4 Captured logging output during NonDjangoTemplatesDebugViewTests.test_400(). 2016-10-29 15:39:24 -07:00
medmunds
d3708aeb26 Fixed #27382 -- Doc'd that ugettext_lazy() should be converted to text for non-Django code. 2016-10-29 07:23:57 -04:00
Michael Scott
ec9ed07488 Fixed #27188 -- Allowed using unique=True with FileField.
Thanks Tim Graham for the initial patch.
2016-10-28 20:11:03 -04:00
Aymeric Augustin
625cd5bcb3 Added require_ready argument to get_model methods.
This allows bringing back the behavior of Django < 1.7.

Also fixed the check for the app registry being ready in
AppConfig.get_model(s), which was inconsistent with the equivalent check in
Apps.get_model(s). That part is a backwards-incompatible change.
2016-10-28 19:08:57 -04:00
Aymeric Augustin
fd748c42a9 Simplified AppConfig.import_models().
Since AppConfig now has a reference to its parent Apps registry,
it can look up the models there instead of receiving them in argument.
2016-10-28 18:43:45 -04:00
Aymeric Augustin
efcb7e1ebf Modified readiness check in AppConfig.get_model(s).
It was inconsistent with the equivalent check in Apps.get_model(s)
because I made incorrect assumptions when I wrote that code and
needlessly complicated readiness checks.

This is a backwards-incompatible change.
2016-10-28 18:42:29 -04:00
Tim Graham
20be1918e7 Simplified some auth_tests with assertRedirects(). 2016-10-28 11:52:52 -04:00
wim glenn
21dd792349 Fixed #26578 -- Prohibited non-ASCII digits in validate_ipv4_address. 2016-10-28 11:38:49 -04:00
Tim Graham
1bc249c2a6 Fixed #20939 -- Simplified query generation by converting QuerySet to Query.
Thanks Anssi Kääriäinen for the initial patch and Anssi, Simon Charette,
and Josh Smeaton for review.
2016-10-28 11:20:23 -04:00
Markus Holtermann
80e742d991 Added pytz to test requirements
This allows running tests w/o installing Django itself by only pointing
the Python path.
2016-10-28 15:49:07 +02:00
Zach Wernberg
6c994013e2 Corrected TooManyFieldsSent doctring for GET requests. 2016-10-27 18:44:52 -04:00
Mariusz Felisiak
c7f86d3eec Fixed #27373 -- Corrected 404 debug page message for an empty request path. 2016-10-27 16:58:41 -04:00
Adam Chainz
968f61b991 Documented that cache keys are strings rather than bytes. 2016-10-27 15:49:24 -04:00
mark-summerfield
4584bc3a1e Described PostgreSQL as more scalable than SQLite. 2016-10-27 09:14:04 -04:00
Tim Graham
414ad25b09 Fixed #27327 -- Simplified time zone handling by requiring pytz. 2016-10-27 08:53:20 -04:00
Tim Graham
d84ffcc22b Updated "running the tests" to use 'pip install -e'. 2016-10-27 08:18:56 -04:00
Jon Dufresne
c74378bb77 Fixed #27299 -- Documented the Widget.use_required_attribute() method.
Thanks Tim Graham for the review and edits.
2016-10-26 19:29:16 -07:00
Adam Chidlow
f734e2d4b2 Fixed #27334 -- Allowed FileField to move rather than copy a file.
When a FileField is set to an instance of File that is not also an
instance of FieldFile, pre_save() passes that object as the contents to
Storage.save(). This allows the file to be moved rather than copied
to the upload destination.
2016-10-26 12:25:30 -04:00
Thomas Güttler
7cdc2015e3 Clarified when the post_migrate signal is sent during migrate. 2016-10-26 11:01:04 -04:00
Jon Dufresne
f3ea0c4bbd Reverted "Fixed #26401 -- Added BaseAuthConfig to use auth without migrations."
This reverts commit 1ec1633cb2 as it
doesn't handle ContentType's auth.Permission dependency. Thus, it
doesn't allow auth without migrations.
2016-10-25 17:32:59 -07:00
David Barragán Merino
b3bd3aa07c Fixed #27385 -- Fixed QuerySet.bulk_create() on PostgreSQL when the number of objects is a multiple plus one of batch_size. 2016-10-25 19:21:08 -04:00
Tim Graham
a9d1d95284 Replaced Outputting PDF's "Further Resources" with a link to Django Packages. 2016-10-25 11:58:19 -04:00
Marti Raudsepp
51fbe2a60d Updated postgresql.org links to https and made them canonical. 2016-10-25 11:43:32 -04:00
Julian Andrews
adc93e8599 Fixed #26357 -- Allowed admin popups to work on links added after page load. 2016-10-24 20:17:31 -04:00
Tim Graham
6fdb12cdcc Documented how to request CVE IDs. 2016-10-24 15:02:55 -04:00
Tim Graham
19f1321fa4 Removed unused loop in Query.change_aliases().
Unknown if it was ever used.
2016-10-24 11:27:41 -04:00
Sergey Fedoseev
7d51e406bd Added MySQLOperations.geom_func_prefix to simplify. 2016-10-24 11:12:47 -04:00
Alvin Lindstam
6b5106b1ce Fixed #27374 -- Made JavaScriptCatalog respect the packages argument. 2016-10-22 19:26:08 -04:00
Jon Dufresne
9b9c8c4a81 Fixed #27368 -- Modifed BaseEmailBackend.__enter__() to close the connection if an exception occurs.
Fixes unclosed socket ResourceWarning in mail test.

Thanks Claude Paroz for the review.
2016-10-21 05:59:07 -07:00
Claude Paroz
1f5b69917d Optimized file copy in TemplateCommand 2016-10-20 16:59:01 +02:00
Claude Paroz
d75c2ccaa0 Removed note about obsolete Python version 2016-10-20 16:39:14 +02:00
Zach Borboa
90c3b11e87 Fixed #27361 -- Used "from django import forms" in forms api docs. 2016-10-19 09:55:21 -04:00
Markus Holtermann
b5fc192b99 Fixed #27352 -- Doc'd social media fingerprinting consideration with login's redirect_authenticated_user. 2016-10-18 11:37:56 -04:00
Kevin Christopher Henry
2327fad54e Fixed #27344 -- Made ConditionalGetMiddleware only process GET requests. 2016-10-17 16:11:53 -04:00
Riccardo Magliocchetti
a4e9e834e3 Fixed ModelAdmin.get_max_num() example if obj is None. 2016-10-17 07:33:38 -04:00
François Freitag
86bb9a0502 Refs #20888 -- Fixed index ordering introspection on PostgreSQL 9.6. 2016-10-17 07:16:13 -04:00
Tim Graham
50864b402b Removed unused branch in ModelIterable.__iter__().
Unknown if it was ever used.
2016-10-15 10:19:47 -04:00