summaryrefslogtreecommitdiff
path: root/django/utils
AgeCommit message (Collapse)Author
2016-06-17[1.10.x] Refs #26601 -- Improved backwards-compatibility of DEP 5 middleware ↵Carl Meyer
exception handling. Backport of 7d1b69dbe7f72ac04d2513f0468fe2146231b286 from master
2016-05-17Fixed #26601 -- Improved middleware per DEP 0005.Florian Apolloner
Thanks Tim Graham for polishing the patch, updating the tests, and writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-12Fixed #21231 -- Enforced a max size for GET/POST values read into memory.Andre Cruz
Thanks Tom Christie for review.
2016-05-10Fixed #24046 -- Deprecated the "escape" half of utils.safestring.Tim Graham
2016-05-10Stopped truncating AdminEmailHandler message subjectsClaude Paroz
Refs #26572, #17281. The RFC doesn't limit total length, just the line length which is already taken care of by Python itself. Thanks Tim Graham for the review.
2016-05-10Fixed #26580 -- Updated references to obsolete RFC 2822.Vasiliy Faronov
Didn't rename django.utils.feedgenerator.rfc2822_date() as some external code may rely on it.
2016-05-03Fixed #26567 -- Updated references to obsolete RFC2616.Vasiliy Faronov
Didn't touch comments where it wasn't obvious that the code adhered to the newer standard.
2016-04-20Fixed #26281 -- Added a helpful error message for an invalid format ↵Marko Benko
specifier to dateformat.format().
2016-04-09Fixed #25847 -- Made User.is_(anonymous|authenticated) properties.Jeremy Lainé
2016-04-08Fixed E128 flake8 warnings in django/.Tim Graham
2016-04-06Removed unused django.utils.http.PROTOCOL_TO_PORT.Tim Graham
Unused since b0c56b895fd2694d7f5d4595bdbbc41916607f45.
2016-04-04Fixed W503 flake8 warnings.Tim Graham
2016-03-26Refs #18239 -- Removed an obsolete workaround for bugs in HTMLParser.Tim Graham
2016-03-23Fixed #26378 -- Allowed a left byte of zero in mixed IPv4/IPv6 validation.Amine Yaiche
2016-03-08Reused the DjangoTranslation class for the javascript_catalog viewClaude Paroz
Thanks Tim Graham and Cristiano Coelho for the reviews. Refs #26328, #26319.
2016-03-04Added safety to URL decoding in is_safe_url() on Python 2Claude Paroz
The errors='replace' parameter to force_text altered the URL before checking it, which wasn't considered sane. Refs 24fc935218 and ada7a4aef.
2016-03-04Fixed #26308 -- Prevented crash with binary URLs in is_safe_url()Claude Paroz
This fixes a regression introduced by c5544d28923. Thanks John Eskew for the reporti and Tim Graham for the review.
2016-03-01Fixed CVE-2016-2512 -- Prevented spoofing is_safe_url() with basic auth.Mark Striemer
This is a security fix.
2016-02-25Fixed #26269 -- Prohibited spaces in is_valid_ipv6_address().Nick Malakhov
2016-02-15Fixed #26212 -- Made forms.FileField and translation.lazy_number() picklable.Alexey Kotlyarov
2016-02-15Fixed #26193 -- Made urlize() trim multiple trailing punctuation.Jon Dufresne
2016-02-09Fixed #26173 -- Prevented localize_input() from formatting booleans as numbers.Marcin Markiewicz
2016-01-26Fixed #26122 -- Fixed copying a LazyObjectBen Kraft
Shallow copying of `django.utils.functional.LazyObject` or its subclasses has been broken in a couple of different ways in the past, most recently due to 35355a4.
2016-01-25Fixed #26125 -- Fixed E731 flake warnings.userimack
2016-01-23Fixed #26093 -- Allowed escape sequences extraction by gettext on Python 3Claude Paroz
Thanks Sylvain Fankhauser for the report and Tim Graham for the review.
2016-01-14Fixed #25999 -- Removed promotion of RemovedInNextVersionWarning to loud by ↵Tim Graham
default.
2016-01-13Refs #25769 -- Updated docs to reflect get_version() uses PEP 0440.Tim Graham
2016-01-11Fixed #25684 -- Made runserver use logging for request/response output.Flavio Curella
Thanks andreif for the contributing to the patch.
2016-01-06Fixed #26046 -- Fixed a crash with translations and Django-unknown language codeClaude Paroz
Thanks Jens Lundstrom for the report and Tim Graham for the review.
2016-01-05Replaced dict.setdefault() usage to avoid unnecessary object instantiations.Benjamin Bach
2016-01-05Fixed #26024 -- Fixed regression in ConditionalGetMiddleware ETag support.Denis Cornehl
Thanks Denis Cornehl for help with the patch.
2015-12-18Fixed #25915 -- Allowed language not in Django's default LANGUAGESClaude Paroz
This fixes a regression introduced by a5f6cbce07. Thanks Gavin Wahl for the report and Tim Graham for the review.
2015-12-13Fixed #25875 -- Prevented UnicodeDecodeError for Q object reprClaude Paroz
Thanks Ben Kraft for the report, and Simon Charette for the review.
2015-12-12Fixed #20223 -- Added keep_lazy() as a replacement for allow_lazy().Iacopo Spalletti
Thanks to bmispelon and uruz for the initial patch.
2015-12-03Fixed #25761 -- Added __cause__.__traceback__ to reraised exceptions.Raphaël Hertzog
When Django reraises an exception, it sets the __cause__ attribute even in Python 2, mimicking Python's 3 behavior for "raise Foo from Bar". However, Python 3 also ensures that all exceptions have a __traceback__ attribute and thus the "traceback2" Python 2 module (backport of Python 3's "traceback" module) relies on the fact that whenever you have a __cause__ attribute, the recorded exception also has a __traceback__ attribute. This is breaking testtools which is using traceback2 (see https://github.com/testing-cabal/testtools/issues/162). This commit fixes this inconsistency by ensuring that Django sets the __traceback__ attribute on any exception stored in a __cause__ attribute of a reraised exception.
2015-11-28Fixed #25812 -- Restored the ability to use custom formats with the date ↵Gagaro
template filter.
2015-11-24Fixed a settings leak possibility in the date template filter.Florian Apolloner
This is a security fix.
2015-11-19Fixed #25769 -- Updated get_version() release candidate naming for PEP 0440.Tim Graham
2015-11-18Removed redundant termcolors.Tim Graham
Replaced MIGRATE_SUCCESS and MIGRATE_FAILURE with SUCCESS and ERROR.
2015-11-17Fixed #25682 -- Removed bare except clauses.Attila Tovt
2015-11-12Fixed #25743 -- Optimized utils.localize() and localize_input()Jaap Roes
Bail early if the input is a string since that's the most common case.
2015-11-11Fixed #25720 -- Made gettext() return bytestring on Python 2 if input is ↵Marti Raudsepp
bytestring. This is consistent with the behavior of Django 1.7.x and earlier.
2015-11-10Updated six to 1.10.0.Tim Graham
2015-11-09Fixed #6727 -- Made patch_cache_control() patch an empty Cache-Control header.Dwight Gunning
2015-11-07Fixed debug view crash during autumn DST change.Aymeric Augustin
This only happens if USE_TZ = False and pytz is installed (perhaps not the most logical combination, but who am I to jugde?) Refs #23714 which essentially fixed the same problem when USE_TZ = True. Thanks Florian and Carl for insisting until I wrote a complete patch.
2015-11-07Amended comment to remove reference to the no longer used NullHandlerNeal Todd
2015-11-03Fixed #25668 -- Misc spelling errorsVille Skyttä
2015-10-26Fixed #25611 -- Standardized descriptor signatures.Tim Graham
2015-10-22Fixed #25571 -- Fixed boolean evaluation of ungettext_lazyClaude Paroz
2015-10-05Removed SimpleLazyObject workaround for a Python 3 bug.Tim Graham
The workaround added in fe8484efda257e151d9c1ca5151e546c9262bf0f seems unnecessary as the Python bug is fixed in Python 3.4.