diff options
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/internals/contributing/writing-code/unit-tests.txt | 10 | ||||
| -rw-r--r-- | docs/ref/contrib/index.txt | 8 | ||||
| -rw-r--r-- | docs/ref/contrib/markup.txt | 77 | ||||
| -rw-r--r-- | docs/ref/settings.txt | 14 | ||||
| -rw-r--r-- | docs/ref/templates/builtins.txt | 10 | ||||
| -rw-r--r-- | docs/topics/security.txt | 7 |
6 files changed, 2 insertions, 124 deletions
diff --git a/docs/internals/contributing/writing-code/unit-tests.txt b/docs/internals/contributing/writing-code/unit-tests.txt index afef554a8c..a03951d141 100644 --- a/docs/internals/contributing/writing-code/unit-tests.txt +++ b/docs/internals/contributing/writing-code/unit-tests.txt @@ -145,9 +145,6 @@ If you want to run the full suite of tests, you'll need to install a number of dependencies: * PyYAML_ -* Markdown_ -* Textile_ -* Docutils_ * setuptools_ * memcached_, plus a :ref:`supported Python binding <memcached>` * gettext_ (:ref:`gettext_on_windows`) @@ -160,9 +157,6 @@ Each of these dependencies is optional. If you're missing any of them, the associated tests will be skipped. .. _PyYAML: http://pyyaml.org/wiki/PyYAML -.. _Markdown: http://pypi.python.org/pypi/Markdown/1.7 -.. _Textile: http://pypi.python.org/pypi/textile -.. _docutils: http://pypi.python.org/pypi/docutils/0.4 .. _setuptools: http://pypi.python.org/pypi/setuptools/ .. _memcached: http://memcached.org/ .. _gettext: http://www.gnu.org/software/gettext/manual/gettext.html @@ -200,7 +194,7 @@ multiple modules by using a ``tests`` directory in the normal Python way. For the tests to be found, a ``models.py`` file must exist, even if it's empty. If you have URLs that need to be mapped, put them in ``tests/urls.py``. -To run tests for just one contrib app (e.g. ``markup``), use the same +To run tests for just one contrib app (e.g. ``auth``), use the same method as above:: - ./runtests.py --settings=settings markup + ./runtests.py --settings=settings auth diff --git a/docs/ref/contrib/index.txt b/docs/ref/contrib/index.txt index d042fd96ca..e5cea01ead 100644 --- a/docs/ref/contrib/index.txt +++ b/docs/ref/contrib/index.txt @@ -31,7 +31,6 @@ those packages have. formtools/index gis/index humanize - markup messages redirects sitemaps @@ -121,13 +120,6 @@ A set of Django template filters useful for adding a "human touch" to data. See the :doc:`humanize documentation </ref/contrib/humanize>`. -markup -====== - -A collection of template filters that implement common markup languages - -See the :doc:`markup documentation </ref/contrib/markup>`. - messages ======== diff --git a/docs/ref/contrib/markup.txt b/docs/ref/contrib/markup.txt deleted file mode 100644 index 9215c64f93..0000000000 --- a/docs/ref/contrib/markup.txt +++ /dev/null @@ -1,77 +0,0 @@ -===================== -django.contrib.markup -===================== - -.. module:: django.contrib.markup - :synopsis: A collection of template filters that implement common markup languages. - -.. deprecated:: 1.5 - This module has been deprecated. - -Django provides template filters that implement the following markup -languages: - -* ``textile`` -- implements `Textile`_ -- requires `PyTextile`_ -* ``markdown`` -- implements `Markdown`_ -- requires `Python-markdown`_ (>=2.1) -* ``restructuredtext`` -- implements `reST (reStructured Text)`_ - -- requires `doc-utils`_ - -In each case, the filter expects formatted markup as a string and -returns a string representing the marked-up text. For example, the -``textile`` filter converts text that is marked-up in Textile format -to HTML. - -To activate these filters, add ``'django.contrib.markup'`` to your -:setting:`INSTALLED_APPS` setting. Once you've done that, use -``{% load markup %}`` in a template, and you'll have access to these filters. -For more documentation, read the source code in -:file:`django/contrib/markup/templatetags/markup.py`. - -.. warning:: - - The output of markup filters is marked "safe" and will not be escaped when - rendered in a template. Always be careful to sanitize your inputs and make - sure you are not leaving yourself vulnerable to cross-site scripting or - other types of attacks. - -.. _Textile: http://en.wikipedia.org/wiki/Textile_%28markup_language%29 -.. _Markdown: http://en.wikipedia.org/wiki/Markdown -.. _reST (reStructured Text): http://en.wikipedia.org/wiki/ReStructuredText -.. _PyTextile: http://loopcore.com/python-textile/ -.. _Python-markdown: http://pypi.python.org/pypi/Markdown -.. _doc-utils: http://docutils.sf.net/ - -reStructured Text ------------------ - -When using the ``restructuredtext`` markup filter you can define a -:setting:`RESTRUCTUREDTEXT_FILTER_SETTINGS` in your django settings to -override the default writer settings. See the `restructuredtext writer -settings`_ for details on what these settings are. - -.. warning:: - - reStructured Text has features that allow raw HTML to be included, and that - allow arbitrary files to be included. These can lead to XSS vulnerabilities - and leaking of private information. It is your responsibility to check the - features of this library and configure appropriately to avoid this. See the - `Deploying Docutils Securely - <http://docutils.sourceforge.net/docs/howto/security.html>`_ documentation. - -.. _restructuredtext writer settings: http://docutils.sourceforge.net/docs/user/config.html#html4css1-writer - -Markdown --------- - -The Python Markdown library supports options named "safe_mode" and -"enable_attributes". Both relate to the security of the output. To enable both -options in tandem, the markdown filter supports the "safe" argument:: - - {{ markdown_content_var|markdown:"safe" }} - -.. warning:: - - Versions of the Python-Markdown library prior to 2.1 do not support the - optional disabling of attributes. This is a security flaw. Therefore, - ``django.contrib.markup`` has dropped support for versions of - Python-Markdown < 2.1 in Django 1.5. diff --git a/docs/ref/settings.txt b/docs/ref/settings.txt index 5815062266..bcc2a461c7 100644 --- a/docs/ref/settings.txt +++ b/docs/ref/settings.txt @@ -1502,20 +1502,6 @@ Default: ``()`` (Empty tuple) A tuple of profanities, as strings, that will be forbidden in comments when ``COMMENTS_ALLOW_PROFANITIES`` is ``False``. -.. setting:: RESTRUCTUREDTEXT_FILTER_SETTINGS - -RESTRUCTUREDTEXT_FILTER_SETTINGS --------------------------------- - -Default: ``{}`` - -A dictionary containing settings for the ``restructuredtext`` markup filter from -the :doc:`django.contrib.markup application </ref/contrib/markup>`. They override -the default writer settings. See the Docutils restructuredtext `writer settings -docs`_ for details. - -.. _writer settings docs: http://docutils.sourceforge.net/docs/user/config.html#html4css1-writer - .. setting:: ROOT_URLCONF ROOT_URLCONF diff --git a/docs/ref/templates/builtins.txt b/docs/ref/templates/builtins.txt index 4bbc839bea..867d1e5cc0 100644 --- a/docs/ref/templates/builtins.txt +++ b/docs/ref/templates/builtins.txt @@ -2356,16 +2356,6 @@ django.contrib.humanize A set of Django template filters useful for adding a "human touch" to data. See :doc:`/ref/contrib/humanize`. -django.contrib.markup -^^^^^^^^^^^^^^^^^^^^^ - -A collection of template filters that implement these common markup languages: - -* Textile -* Markdown -* reST (reStructuredText) - -See the :doc:`markup documentation </ref/contrib/markup>`. django.contrib.webdesign ^^^^^^^^^^^^^^^^^^^^^^^^ diff --git a/docs/topics/security.txt b/docs/topics/security.txt index 9c4c4bbd9e..07b8ebcdd2 100644 --- a/docs/topics/security.txt +++ b/docs/topics/security.txt @@ -48,13 +48,6 @@ escaping. You should also be very careful when storing HTML in the database, especially when that HTML is retrieved and displayed. -Markup library --------------- - -If you use :mod:`django.contrib.markup`, you need to ensure that the filters are -only used on trusted input, or that you have correctly configured them to ensure -they do not allow raw HTML output. See the documentation of that module for more -information. Cross site request forgery (CSRF) protection ============================================ |
