| Age | Commit message (Collapse) | Author |
|
git-svn-id: http://code.djangoproject.com/svn/django/trunk@12169 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
#12219, refs #12427).
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11994 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
This monster of a patch is the result of Alex Gaynor's 2009 Google Summer of Code project.
Congratulations to Alex for a job well done.
Big thanks also go to:
* Justin Bronn for keeping GIS in line with the changes,
* Karen Tracey and Jani Tiainen for their help testing Oracle support
* Brett Hoerner, Jon Loyens, and Craig Kimmerer for their feedback.
* Malcolm Treddinick for his guidance during the GSoC submission process.
* Simon Willison for driving the original design process
* Cal Henderson for complaining about ponies he wanted.
... and everyone else too numerous to mention that helped to bring this feature into fruition.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11952 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
removed, and turned on by default.
This is a large change to CSRF protection for Django. It includes:
* removing the dependency on the session framework.
* deprecating CsrfResponseMiddleware, and replacing with a core template tag.
* turning on CSRF protection by default by adding CsrfViewMiddleware to
the default value of MIDDLEWARE_CLASSES.
* protecting all contrib apps (whatever is in settings.py)
using a decorator.
For existing users of the CSRF functionality, it should be a seamless update,
but please note that it includes DEPRECATION of features in Django 1.1,
and there are upgrade steps which are detailed in the docs.
Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work
on the patch, and to lots of other people including Simon Willison and
Russell Keith-Magee who refined the ideas.
Details of the rationale for these changes is found here:
http://code.djangoproject.com/wiki/CsrfProtection
As of this commit, the CSRF code is mainly in 'contrib'. The code will be
moved to core in a separate commit, to make the changeset as readable as
possible.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
support for Python 2.3 -- and added a quick FAQ about that dropping of support.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11640 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
to work after URLpatterns are introduced. Thanks to carljm for the report and draft patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11621 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
year where that isn't required. Thanks to tommstein for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11538 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
to rbonvall for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11344 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
counting to four. Thanks to msgre for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11235 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
urlpattern definition. Thanks to swatermasysk for the suggestion.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11052 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
Thanks to jjinux for the review notes.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11044 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
Thanks to marcalj for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11021 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
this case. Thanks to bruce@z2a.org for the report. Refs #9771.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10973 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
as the links to the unicode method description in the tutorial part 1. Having one be fully qualified while the other was not was odd-looking.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10843 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
point where an account is needed, so that readers who neglected to create one earlier (or who forgot the password) don't get stuck or think they have to start all over. Thanks cwolf127 and timo.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10810 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
tutorial. Thanks rm and timo.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10808 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
complaint from someone following the tutorial that they got to that step and the admin stopped working and they weren't sure why
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10727 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
Fixes #8358, #8396, #8724, #9043, #9128, #9247, #9267, #9267, #9375, #9409, #9414, #9416, #9446, #9454, #9464, #9503, #9518, #9533, #9657, #9658, #9683, #9733, #9771, #9835, #9836, #9837, #9897, #9906, #9912, #9945, #9986, #9992, #10055, #10084, #10091, #10145, #10245, #10257, #10309, #10358, #10359, #10424, #10426, #10508, #10531, #10551, #10635, #10637, #10656, #10658, #10690, #10699, #19528.
Thanks to all the respective authors of those tickets.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10371 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
#9529,
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10303 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10263 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
#10568, #10569, #10614, #10617, #10619 -- Fixed several typos as well as a couple minor issues in the docs, patches from timo, nih, bthomas, rduffield, UloPe, and sebleier@gmail.com.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10242 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
"Decoupling the URLconfs" section at the end of tutorial three, patch from programmerq.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@10202 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
Gaynor.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9892 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
This *is* backwards compatible, but `admin.site.root()` has been deprecated. The new style is `('^admin/', include(admin.site.urls))`; users will need to update their code to take advantage of the new customizable admin URLs.
Thanks to Alex Gaynor.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9739 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9632 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9323 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
by the recent Python docs refactor.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9312 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9310 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9134 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9041 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
a template variable as a function. Thanks to zen for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9022 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9021 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9014 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9012 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
#8891
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9011 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
git-svn-id: http://code.djangoproject.com/svn/django/trunk@9010 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8993 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
Correia
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8986 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8906 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
tutorial. Thanks, ericvw.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8859 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
* Removed flatpages/redirects README; no other contrib apps have those.
* Cleaned up top-level README to be more readable.
* Removed outdated references to old docs (Fixes #8701)
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8857 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
"versionadded/versionchanged" directives. Thanks to Marc Fargas for all the heavy lifting here.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8843 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8736 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
arien for the patch.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8658 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
search. Thanks to Manuel Saelices for the report.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8654 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
* Removed `Manipulator`, `AutomaticManipulator`, and related classes.
* Removed oldforms specific bits from model fields:
* Removed `validator_list` and `core` arguments from constructors.
* Removed the methods:
* `get_manipulator_field_names`
* `get_manipulator_field_objs`
* `get_manipulator_fields`
* `get_manipulator_new_data`
* `prepare_field_objs_and_params`
* `get_follow`
* Renamed `flatten_data` method to `value_to_string` for better alignment with its use by the serialization framework, which was the only remaining code using `flatten_data`.
* Removed oldforms methods from `django.db.models.Options` class: `get_followed_related_objects`, `get_data_holders`, `get_follow`, and `has_field_type`.
* Removed oldforms-admin specific options from `django.db.models.fields.related` classes: `num_in_admin`, `min_num_in_admin`, `max_num_in_admin`, `num_extra_on_change`, and `edit_inline`.
* Serialization framework
* `Serializer.get_string_value` now calls the model fields' renamed `value_to_string` methods.
* Removed a special-casing of `models.DateTimeField` in `core.serializers.base.Serializer.get_string_value` that's handled by `django.db.models.fields.DateTimeField.value_to_string`.
* Removed `django.core.validators`:
* Moved `ValidationError` exception to `django.core.exceptions`.
* For the couple places that were using validators, brought over the necessary code to maintain the same functionality.
* Introduced a SlugField form field for validation and to compliment the SlugField model field (refs #8040).
* Removed an oldforms-style model creation hack (refs #2160).
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8616 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
be consistent with the change in [8432]. Thanks ramiro for catching this.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8585 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
rewritten for the new admin.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8584 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
originally written by Leo Soto, and then cleaned up a bit by me.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8582 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|
|
document. Based on a patch from mk.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@8574 bcc190cf-cafb-0310-a4f2-bffc1f526a37
|