summaryrefslogtreecommitdiff
path: root/django/utils
AgeCommit message (Collapse)Author
2015-01-02[1.7.x] Updated six to 1.9.0.Tim Graham
Backport of 52f0b2b62262743d5f935ddae29428e661b5d8ea from master
2014-12-27[1.7.x] Fixed #23831 -- Supported strings escaped by third-party libs in Django.Aymeric Augustin
Refs #7261 -- Made strings escaped by Django usable in third-party libs. The changes in mark_safe and mark_for_escaping are straightforward. The more tricky part is to handle correctly objects that implement __html__. Historically escape() has escaped SafeData. Even if that doesn't seem a good behavior, changing it would create security concerns. Therefore support for __html__() was only added to conditional_escape() where this concern doesn't exist. Then using conditional_escape() instead of escape() in the Django template engine makes it understand data escaped by other libraries. Template filter |escape accounts for __html__() when it's available. |force_escape forces the use of Django's HTML escaping implementation. Here's why the change in render_value_in_context() is safe. Before Django 1.7 conditional_escape() was implemented as follows: if isinstance(text, SafeData): return text else: return escape(text) render_value_in_context() never called escape() on SafeData. Therefore replacing escape() with conditional_escape() doesn't change the autoescaping logic as it was originally intended. This change should be backported to Django 1.7 because it corrects a feature added in Django 1.7. Thanks mitsuhiko for the report. Backport of 6d52f6f from master.
2014-12-27[1.7.x] Fixed an inconsistency introduced in 547b1810.Aymeric Augustin
mark_safe and mark_for_escaping should have been kept similar. On Python 2 this change has no effect. On Python 3 it fixes the use case shown in the regression test for mark_for_escaping, which used to raise a TypeError. The regression test for mark_safe is just for completeness. Backport of 5c5eb5fe from master.
2014-12-22[1.7.x] Fixed #23998 -- Added datetime.time support to migrations questioner.Oscar Ramirez
Backport of 54085b0f9ba7d9f705f9b9c90d3433b0ef6aa042 from master
2014-11-24[1.7.x] Fixed typo in django/utils/decorators.py comment.Tom V
Backport of d049b36f91538595b9c7cdb7a1506c130803d226 from master
2014-11-13[1.7.x] Removed thread customizations of six which are now built-in.Tim Graham
Backport of 7ef81b5cdd from master
2014-11-04[1.7.x] Updated six to 1.8.0.Tim Graham
Backport of 81477c91f6 from master
2014-10-30[1.7.x] Fixed #23558 -- documented slugify limitationsDavid Hoffman
Backport of 03467368db from master
2014-10-08[1.7.x] Fixed #23333 -- Made urlsafe_base64_decode() return proper type on ↵Ian Foote
Python 3. Backport of 03d89168a2 from master
2014-10-06[1.7.x] Fixed #23593 -- Fixed crash in AdminEmailHandler with non-ASCII ↵Tim Graham
characters in request. Thanks edevil for the report and Simon Charette for review. Backport of 9dff5ce7c7 from master
2014-09-10[1.7.x] Avoided using deprecated version of importlib; refs #23418.Tim Graham
Backport of fbeb7979ee from master
2014-09-08[1.7.x] Fixed flake8 warning.Tim Graham
Backport of 5cba975d26 from master
2014-09-08[1.7.x] Fixed #23418 -- Fail when migration deconstruct produces invalid importMarkus Holtermann
Backport of d28b5f13b3 from master
2014-08-30[1.7.x] Fixed #22820 -- Treated int and long types alike in lazy_numberClaude Paroz
Thanks kwist for the report and the initial patch. Backport of 5021421799 from master.
2014-08-12[1.7.x] Revert "Applied unicode_literals to makemessages command"Claude Paroz
This reverts commit cdfefbec7 as it caused a regression (#23271).
2014-07-25[1.7.x] Fixed #23083 -- Fixed runserver reloading when deleting a file.Tim Graham
Thanks Collin Anderson for the report and hirokiky for the fix. Backport of b8cb5ba708 from master
2014-07-15[1.7.x] Fixed #22991 -- Prevented *.pyc files in autoreload monitoringClaude Paroz
This fixes a regression introduced in 6d302f639. Thanks lorinkoz at gmail.com for the report, Collin Anderson for the initial patch and Simon Charette for the review. Backport of 4e424084e from master.
2014-07-07[1.7.x] Fixed flake8 errors.Tim Graham
Backport of fddd95254e from master
2014-07-06[1.7.x] Fixed pyinotify performance regression in 15f82c7011Claude Paroz
Refs #9722. Thanks Tim Graham for the review. Backport of 6d302f639 from master.
2014-06-26[1.7.x] Fixed #22857 -- Reset translations when only .mo file changedClaude Paroz
No need to restart the server when a translation file changes. Refs #9523. Thanks artscoop for the report and Tim Graham for the review. Backport of 0d363b25b8 from master
2014-06-25[1.7.x] Fixed #22814 -- Allowed ISO-8601 [+-]hh timezone format in ↵Richard Eames
parse_datetime Backport of 7beaeeed from master.
2014-06-23[1.7.x] Cleaned temp dir in symlinks_supported()Claude Paroz
Refs #21482. Backport of 18b3788401 from master.
2014-06-23[1.7.x] Fixed #8033 -- Explained app registry error during translation setupClaude Paroz
Thanks Tim Graham and Aymeric Augustin for the review. Backport of 9618d68b34 from master.
2014-06-13[1.7.x] Added django.utils.six.buffer_typesShai Berger
and used it in the Oracle SchemaEditor. Refs #22715. Backport of 06c0e740a4 from master
2014-06-07[1.7.x] Fixed #20815 -- Don't enforce unbuffered I/O on Python 3.Aymeric Augustin
No test because this code is already deprecated (part of FastCGI support). Backport of 5836a577 from master
2014-06-06[1.7.x] Fixed #22773 -- Forced templatize() to return unicodeClaude Paroz
Backport of daaeb84158 from master.
2014-06-03[1.7.x] Fixed #22681 -- Made TarArchive recognize leading directories properly.Alexandr Shurigin
Backport of 083d285b82 from master
2014-05-29[1.7.x] Fixed several typos in DjangoAlex Gaynor
Backport of 1dcc603eff from master
2014-05-25[1.7.x] Removed code deprecated from Django 1.2Claude Paroz
Backport of 2779c299c8 from master.
2014-05-24[1.7.x] Applied unicode_literals to makemessages commandClaude Paroz
This also fixes #22686 as some sort of side-effect. Backport of dbb48d2bb99 from master.
2014-05-24[1.7.x] Removed translatability of PIL error messagesClaude Paroz
Note these are no longer in master anyway.
2014-05-17[1.7.x] Fixed several flake8 errors, including one where a test wouldn't be runAlex Gaynor
Backport of b6b873d2ada0d7c2a616d11f161a7688df15f45f from master
2014-05-16[1.7.x] Optimized make_aware/naive by removing redundant checks. Refs #22625.Aymeric Augustin
Also added tests with pytz and removed misplaced tests. Backport of 1109ebd from master
2014-05-16[1.7.x] Fixed #22625 -- Normalized make_aware/naive errors.Aymeric Augustin
Also added tests for is/make_aware/naive. Thanks Tom Michaelis for the report. Backport of fa89acf from master
2014-05-15[1.7.x] typo: urlaprse -> urlparseCollin Anderson
Backport of 8a2f04db91 from master
2014-05-14[1.7.x] Added additional checks in is_safe_url to account for flexible parsing.Erik Romijn
This is a security fix. Disclosure following shortly.
2014-05-06[1.7.x] Fixed #22586 -- Added LANGUAGE_SESSION_KEY to __all__.Tim Graham
Thanks david.fischer.ch at gmail.com for the report. Backport of 4492ea5475 from master
2014-05-02[1.7.x] Fixed #22565 -- Prevented pgettext_lazy crash with bytestring inputClaude Paroz
Thanks ygbo for the report. Backport of 142c27218 from master.
2014-04-29[1.7.x] Use the new implementation of `six.with_metaclass`.Simon Charette
No more `NewBase` horrors. Thanks to bendavis78 for his work on merging this into six. Backport of a2340ac6d6 from master
2014-04-26[1.7.x] Fix many many typos in comments throughout the codebaseAlex Gaynor
Backport of 2bcb8bfc8d from master
2014-04-21[1.7.x] Appeased flake8 2.1.0.Aymeric Augustin
Backport of 428c0bbe1bcd303560d7e96d7d2721ff3fdc0e3f from master
2014-04-21[1.7.x] Corrected many style guide violations that the newest version of ↵Alex Gaynor
flake8 catches Backport of 778ce245dd466bce1b19f89e52cf9ed8f1b46513 from master
2014-04-03[1.7.x] Refactored and commented strip_tags utilityTomasz Wysocki
Backport of c28beb4291 from master.
2014-03-29[1.7.x] Increased memoization cache size for language codes.Aymeric Augustin
There may be more than 100 (default maxsize) commonly seen xx-yy values on some sites. The additional memory consumption isn't significant. Also added a comment explaining why this cache must have a maxsize. Backport of f356b6e from master.
2014-03-27[1.7.x] Add a useful stacklevel to some RemovedInDjango19WarningsChris Beaven
Backport of b077ba7ac1 from master
2014-03-26[1.7.x] Fixed Python 3.4 test failure.Tim Graham
Backport of 45ef4baf5c from master
2014-03-24[1.7.x] Updated six to 1.6.1.Tim Graham
Backport of 2ec82c7387 from master
2014-03-22[1.7.x] Removed an unused variable.Alex Gaynor
Backport of 684e8a941b from master
2014-03-22[1.7.x] Improved strip_tags and clarified documentationClaude Paroz
The fact that strip_tags cannot guarantee to really strip all non-safe HTML content was not clear enough. Also see: https://www.djangoproject.com/weblog/2014/mar/22/strip-tags-advisory/ Backport of 6ca6c36f82b from master.
2014-03-19Merge pull request #2221 from bmispelon/LazyObject-refactorAndrew Godwin
Fixed #21840 -- Moved dunder methods from SimpleLazyObject to LazyObject...