0
0
mirror of https://github.com/django/django.git synced 2024-11-29 22:56:46 +01:00
Commit Graph

476 Commits

Author SHA1 Message Date
bankc
db5b75f10f Fixed #31840 -- Added support for Cross-Origin Opener Policy header.
Thanks Adam Johnson and Tim Graham for the reviews.

Co-authored-by: Tim Graham <timograham@gmail.com>
2021-03-30 19:59:24 +02:00
Tim Graham
2411b8b5eb Fixed #16010 -- Added Origin header checking to CSRF middleware.
Thanks David Benjamin for the original patch, and Florian
Apolloner, Chris Jerdonek, and Adam Johnson for reviews.
2021-03-18 20:25:20 +01:00
Tim Graham
dba44a7a7a Refs #16010 -- Required CSRF_TRUSTED_ORIGINS setting to include the scheme. 2021-03-18 20:00:22 +01:00
Simon Charette
3089018e95 Fixed #32446 -- Deprecated SERIALIZE test database setting.
Whether or not the state of a test database should be serialized can be
inferred from the set of databases allowed to be access from discovered
TestCase/TransactionTestCase enabling the serialized_rollback feature
which makes this setting unnecessary.

This should make a significant test suite bootstraping time difference
on large projects that didn't explicitly disable test database
serialization.
2021-02-24 20:31:11 +01:00
Markus Holtermann
50a5f8840f Refs #32394 -- Changed STATIC_URL/MEDIA_URL to relative paths in tests and docs where appropriate. 2021-02-06 13:41:35 +01:00
Mariusz Felisiak
0aa6a602b2 Refs #31842 -- Removed DEFAULT_HASHING_ALGORITHM transitional setting.
Per deprecation timeline.
2021-01-14 17:50:04 +01:00
Mariusz Felisiak
12ac4916af Refs #28622 -- Removed settings.PASSWORD_RESET_TIMEOUT_DAYS per deprecation timeline. 2021-01-14 17:50:04 +01:00
Mariusz Felisiak
b7dd89ed53 Removed versionadded/changed annotations for 3.1. 2021-01-14 17:50:04 +01:00
Tim Graham
2e7ba6057c Refs #28741 -- Doc'd SESSION_COOKIE_DOMAIN requirement with CSRF_USE_SESSIONS.
Similar considerations as refs #32065, again adding some nuance to
afd375fc34.
2021-01-04 07:49:30 +01:00
Carlton Gibson
0ed6f3ba4b
Corrected formatting in settings docs. 2020-12-15 12:08:45 +01:00
Tom Forbes
b5e12d490a Fixed #31007 -- Allowed specifying type of auto-created primary keys.
This also changes the default type of auto-created primary keys
for new apps and projects to BigAutoField.
2020-12-15 11:25:46 +01:00
Mariusz Felisiak
5ce31d6a71
Fixed #32193 -- Deprecated MemcachedCache. 2020-12-09 21:27:32 +01:00
Nikita Sobolev
42f3fafdfa
Updated {% static %} tag examples in docs to use single quotes where appropriate. 2020-11-02 10:34:24 +01:00
Carlton Gibson
3d4ffd1ff0 Fixed #32065 -- Restored leading dot to CSRF_COOKIE_DOMAIN examples.
Partially reverts afd375fc34.

Thanks to Tim Graham for review.
2020-10-07 10:03:10 +02:00
Mariusz Felisiak
77caeaea88
Fixed #32012 -- Made test database creation sync apps models when migrations are disabled.
Thanks Jaap Roes for the report.
2020-09-23 10:54:04 +02:00
Nick Pope
b4d46df5ca Fixed #29887 -- Added a cache backend for pymemcache. 2020-09-16 09:40:30 +02:00
Hasan Ramezani
70731fc6fe Fixed #31934 -- Added note about the default of SameSite cookie flag in modern browsers. 2020-08-31 10:57:41 +02:00
Mariusz Felisiak
d907371ef9 Fixed #31842 -- Added DEFAULT_HASHING_ALGORITHM transitional setting.
It's a transitional setting helpful in migrating multiple instance of
the same project to Django 3.1+.

Thanks Markus Holtermann for the report and review, Florian
Apolloner for the implementation idea and review, and Carlton Gibson
for the review.
2020-08-04 09:35:24 +02:00
Harpreet Sharma
248d03fbe9 Fixed #31821 -- Removed outdated note in FILE_UPLOAD_PERMISSIONS docs.
Follow up to 22aab8662f
2020-07-23 20:36:52 +02:00
Buk Bukowski
f65454801b
Fixed #31814 -- Fixed typo in docs/ref/settings.txt. 2020-07-22 22:38:27 +02:00
Adam Johnson
80f92177eb
Improved description of USE_THOUSAND_SEPARATOR setting. 2020-07-20 12:54:55 +02:00
Hasan Ramezani
a16080810b
Fixed #31696 -- Updated OWASP links in docs. 2020-06-15 09:44:08 +02:00
René Fleschenberg
f24b59267b Refs #23097 -- Used new octal format in FILE_UPLOAD_PERMISSIONS docs. 2020-05-25 20:43:31 +02:00
Hasan Ramezani
643207efae
Fixed #31608 -- Doc'd that form ISO 8601 datetime parsing always retains tzinfo. 2020-05-21 20:45:39 +02:00
Mariusz Felisiak
4c5236ef93 Removed versionadded/changed annotations for 3.0. 2020-05-13 09:07:51 +02:00
Chris Burchhardt
d2b9a9fdbb Refs #28622 -- Corrected PASSWORD_RESET_TIMEOUT/PASSWORD_RESET_TIMEOUT_DAYS docs.
Removed outdated note about an extra day in PASSWORD_RESET_TIMEOUT
docs and incorrect "minimum" phrase.
2020-05-05 08:19:25 +02:00
Mariusz Felisiak
b28be08cac
Fixed broken links in docs. 2020-04-28 10:09:45 +02:00
Hasan Ramezani
bec4dea844 Fixed #31400 -- Doc'd the expected type of CONN_MAX_AGE database option. 2020-03-27 06:32:42 +01:00
Adam Johnson
72b97a5b1e Fixed #31232 -- Changed default SECURE_REFERRER_POLICY to 'same-origin'. 2020-02-05 14:39:01 +01:00
Abhijeet
a45c8d7ad0
Fixed #31126 -- Doc'd STATICFILES_DIRS namespacing in static files how-to. 2020-01-29 10:34:34 +01:00
Pavel Lysak
13e4abf83e Fixed #30752 -- Allowed using ExceptionReporter subclasses in error reports. 2020-01-16 15:25:49 +01:00
Claude Paroz
188b003014 Fixed #15982 -- Added DATE_INPUT_FORMATS to forms.DateTimeField default input formats. 2020-01-07 11:08:40 +01:00
Osaetin Daniel
b33bfc3839 Fixed #30862 -- Allowed setting SameSite cookies flags to 'none'.
Thanks Florian Apolloner and Carlton Gibson for reviews.
2019-12-12 10:52:31 +01:00
Gordon Pendleton
adb9661789 Fixed #31010 -- Allowed subdomains of localhost in the Host header by default when DEBUG=True. 2019-12-05 09:44:45 +01:00
Aymeric Augustin
c06492dd87 Fixed #23524 -- Allowed DATABASES['TIME_ZONE'] option on PostgreSQL. 2019-12-04 18:22:08 +01:00
Baptiste Mispelon
ff1b19da67 Fixed #31029 -- Used more specific links to RFCs. 2019-11-27 20:54:38 +01:00
Jon Dufresne
a69c4d626a Refs #25388 -- Corrected value of TEST MIGRATE setting in MIGRATION_MODULES docs. 2019-11-25 08:42:35 +01:00
Jon Dufresne
f5ebdfce5c Fixed #25388 -- Added an option to allow disabling of migrations during test database creation. 2019-11-20 20:42:38 +01:00
Jon Dufresne
fbbff7f808 Refs #29983 -- Added pathlib.Path support to the file email backend. 2019-11-06 09:33:07 +01:00
Jon Dufresne
c8debd5061 Added a link to the file email backend from EMAIL_FILE_PATH setting. 2019-11-06 08:24:49 +01:00
René Fleschenberg
d232fd76a8 Clarified that SECURE_REDIRECT_EXEMPT patterns should not include leading slashes. 2019-10-11 15:30:33 +02:00
Oleg Kainov
c574bec092 Fixed #25598 -- Added SCRIPT_NAME prefix to STATIC_URL and MEDIA_URL set to relative paths.
Thanks Florian Apolloner for reviews.

Co-authored-by: Joel Dunham <Joel.Dunham@technicalsafetybc.ca>
2019-09-25 19:47:03 +02:00
Mariusz Felisiak
28e769dfe6 Fixed typo in docs/ref/settings.txt. 2019-09-23 08:17:58 +02:00
Luke Plant
45304e444e Refs #28622 -- Clarified security implications of PASSWORD_RESET_TIMEOUT. 2019-09-20 13:53:01 +02:00
Hasan Ramezani
226ebb1729 Fixed #28622 -- Allowed specifying password reset link expiration in seconds and deprecated PASSWORD_RESET_TIMEOUT_DAYS. 2019-09-20 13:52:04 +02:00
Ben Falk
4056558a1c Fixed typos in docs/ref/settings.txt. 2019-09-13 20:36:35 +02:00
Mariusz Felisiak
3d716467a9 Refs #29817 -- Removed settings.FILE_CHARSET per deprecation timeline. 2019-09-10 12:01:00 +02:00
Mariusz Felisiak
416c584cab Removed versionadded/changed annotations for 2.2. 2019-09-10 12:01:00 +02:00
Nick Pope
406dba04e1 Fixed #29406 -- Added support for Referrer-Policy header.
Thanks to James Bennett for the initial implementation.
2019-09-09 13:35:41 +02:00
Claude Paroz
05d0eca635 Fixed #30426 -- Changed X_FRAME_OPTIONS setting default to DENY. 2019-09-09 08:15:26 +02:00