| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2016-06-17 | [1.10.x] Refs #26601 -- Improved backwards-compatibility of DEP 5 middleware ↵ | Carl Meyer | |
| exception handling. Backport of 7d1b69dbe7f72ac04d2513f0468fe2146231b286 from master | |||
| 2016-05-17 | Fixed #26601 -- Improved middleware per DEP 0005. | Florian Apolloner | |
| Thanks Tim Graham for polishing the patch, updating the tests, and writing documentation. Thanks Carl Meyer for shepherding the DEP. | |||
| 2016-05-12 | Fixed #21231 -- Enforced a max size for GET/POST values read into memory. | Andre Cruz | |
| Thanks Tom Christie for review. | |||
| 2016-05-10 | Fixed #24046 -- Deprecated the "escape" half of utils.safestring. | Tim Graham | |
| 2016-05-10 | Stopped truncating AdminEmailHandler message subjects | Claude Paroz | |
| Refs #26572, #17281. The RFC doesn't limit total length, just the line length which is already taken care of by Python itself. Thanks Tim Graham for the review. | |||
| 2016-05-10 | Fixed #26580 -- Updated references to obsolete RFC 2822. | Vasiliy Faronov | |
| Didn't rename django.utils.feedgenerator.rfc2822_date() as some external code may rely on it. | |||
| 2016-05-03 | Fixed #26567 -- Updated references to obsolete RFC2616. | Vasiliy Faronov | |
| Didn't touch comments where it wasn't obvious that the code adhered to the newer standard. | |||
| 2016-04-20 | Fixed #26281 -- Added a helpful error message for an invalid format ↵ | Marko Benko | |
| specifier to dateformat.format(). | |||
| 2016-04-09 | Fixed #25847 -- Made User.is_(anonymous|authenticated) properties. | Jeremy Lainé | |
| 2016-04-08 | Fixed E128 flake8 warnings in django/. | Tim Graham | |
| 2016-04-06 | Removed unused django.utils.http.PROTOCOL_TO_PORT. | Tim Graham | |
| Unused since b0c56b895fd2694d7f5d4595bdbbc41916607f45. | |||
| 2016-04-04 | Fixed W503 flake8 warnings. | Tim Graham | |
| 2016-03-26 | Refs #18239 -- Removed an obsolete workaround for bugs in HTMLParser. | Tim Graham | |
| 2016-03-23 | Fixed #26378 -- Allowed a left byte of zero in mixed IPv4/IPv6 validation. | Amine Yaiche | |
| 2016-03-08 | Reused the DjangoTranslation class for the javascript_catalog view | Claude Paroz | |
| Thanks Tim Graham and Cristiano Coelho for the reviews. Refs #26328, #26319. | |||
| 2016-03-04 | Added safety to URL decoding in is_safe_url() on Python 2 | Claude Paroz | |
| The errors='replace' parameter to force_text altered the URL before checking it, which wasn't considered sane. Refs 24fc935218 and ada7a4aef. | |||
| 2016-03-04 | Fixed #26308 -- Prevented crash with binary URLs in is_safe_url() | Claude Paroz | |
| This fixes a regression introduced by c5544d28923. Thanks John Eskew for the reporti and Tim Graham for the review. | |||
| 2016-03-01 | Fixed CVE-2016-2512 -- Prevented spoofing is_safe_url() with basic auth. | Mark Striemer | |
| This is a security fix. | |||
| 2016-02-25 | Fixed #26269 -- Prohibited spaces in is_valid_ipv6_address(). | Nick Malakhov | |
| 2016-02-15 | Fixed #26212 -- Made forms.FileField and translation.lazy_number() picklable. | Alexey Kotlyarov | |
| 2016-02-15 | Fixed #26193 -- Made urlize() trim multiple trailing punctuation. | Jon Dufresne | |
| 2016-02-09 | Fixed #26173 -- Prevented localize_input() from formatting booleans as numbers. | Marcin Markiewicz | |
| 2016-01-26 | Fixed #26122 -- Fixed copying a LazyObject | Ben Kraft | |
| Shallow copying of `django.utils.functional.LazyObject` or its subclasses has been broken in a couple of different ways in the past, most recently due to 35355a4. | |||
| 2016-01-25 | Fixed #26125 -- Fixed E731 flake warnings. | userimack | |
| 2016-01-23 | Fixed #26093 -- Allowed escape sequences extraction by gettext on Python 3 | Claude Paroz | |
| Thanks Sylvain Fankhauser for the report and Tim Graham for the review. | |||
| 2016-01-14 | Fixed #25999 -- Removed promotion of RemovedInNextVersionWarning to loud by ↵ | Tim Graham | |
| default. | |||
| 2016-01-13 | Refs #25769 -- Updated docs to reflect get_version() uses PEP 0440. | Tim Graham | |
| 2016-01-11 | Fixed #25684 -- Made runserver use logging for request/response output. | Flavio Curella | |
| Thanks andreif for the contributing to the patch. | |||
| 2016-01-06 | Fixed #26046 -- Fixed a crash with translations and Django-unknown language code | Claude Paroz | |
| Thanks Jens Lundstrom for the report and Tim Graham for the review. | |||
| 2016-01-05 | Replaced dict.setdefault() usage to avoid unnecessary object instantiations. | Benjamin Bach | |
| 2016-01-05 | Fixed #26024 -- Fixed regression in ConditionalGetMiddleware ETag support. | Denis Cornehl | |
| Thanks Denis Cornehl for help with the patch. | |||
| 2015-12-18 | Fixed #25915 -- Allowed language not in Django's default LANGUAGES | Claude Paroz | |
| This fixes a regression introduced by a5f6cbce07. Thanks Gavin Wahl for the report and Tim Graham for the review. | |||
| 2015-12-13 | Fixed #25875 -- Prevented UnicodeDecodeError for Q object repr | Claude Paroz | |
| Thanks Ben Kraft for the report, and Simon Charette for the review. | |||
| 2015-12-12 | Fixed #20223 -- Added keep_lazy() as a replacement for allow_lazy(). | Iacopo Spalletti | |
| Thanks to bmispelon and uruz for the initial patch. | |||
| 2015-12-03 | Fixed #25761 -- Added __cause__.__traceback__ to reraised exceptions. | Raphaël Hertzog | |
| When Django reraises an exception, it sets the __cause__ attribute even in Python 2, mimicking Python's 3 behavior for "raise Foo from Bar". However, Python 3 also ensures that all exceptions have a __traceback__ attribute and thus the "traceback2" Python 2 module (backport of Python 3's "traceback" module) relies on the fact that whenever you have a __cause__ attribute, the recorded exception also has a __traceback__ attribute. This is breaking testtools which is using traceback2 (see https://github.com/testing-cabal/testtools/issues/162). This commit fixes this inconsistency by ensuring that Django sets the __traceback__ attribute on any exception stored in a __cause__ attribute of a reraised exception. | |||
| 2015-11-28 | Fixed #25812 -- Restored the ability to use custom formats with the date ↵ | Gagaro | |
| template filter. | |||
| 2015-11-24 | Fixed a settings leak possibility in the date template filter. | Florian Apolloner | |
| This is a security fix. | |||
| 2015-11-19 | Fixed #25769 -- Updated get_version() release candidate naming for PEP 0440. | Tim Graham | |
| 2015-11-18 | Removed redundant termcolors. | Tim Graham | |
| Replaced MIGRATE_SUCCESS and MIGRATE_FAILURE with SUCCESS and ERROR. | |||
| 2015-11-17 | Fixed #25682 -- Removed bare except clauses. | Attila Tovt | |
| 2015-11-12 | Fixed #25743 -- Optimized utils.localize() and localize_input() | Jaap Roes | |
| Bail early if the input is a string since that's the most common case. | |||
| 2015-11-11 | Fixed #25720 -- Made gettext() return bytestring on Python 2 if input is ↵ | Marti Raudsepp | |
| bytestring. This is consistent with the behavior of Django 1.7.x and earlier. | |||
| 2015-11-10 | Updated six to 1.10.0. | Tim Graham | |
| 2015-11-09 | Fixed #6727 -- Made patch_cache_control() patch an empty Cache-Control header. | Dwight Gunning | |
| 2015-11-07 | Fixed debug view crash during autumn DST change. | Aymeric Augustin | |
| This only happens if USE_TZ = False and pytz is installed (perhaps not the most logical combination, but who am I to jugde?) Refs #23714 which essentially fixed the same problem when USE_TZ = True. Thanks Florian and Carl for insisting until I wrote a complete patch. | |||
| 2015-11-07 | Amended comment to remove reference to the no longer used NullHandler | Neal Todd | |
| 2015-11-03 | Fixed #25668 -- Misc spelling errors | Ville Skyttä | |
| 2015-10-26 | Fixed #25611 -- Standardized descriptor signatures. | Tim Graham | |
| 2015-10-22 | Fixed #25571 -- Fixed boolean evaluation of ungettext_lazy | Claude Paroz | |
| 2015-10-05 | Removed SimpleLazyObject workaround for a Python 3 bug. | Tim Graham | |
| The workaround added in fe8484efda257e151d9c1ca5151e546c9262bf0f seems unnecessary as the Python bug is fixed in Python 3.4. | |||
