| Age | Commit message (Collapse) | Author |
|
email sending fails.
On successful submission of a password reset request, an email is sent
to the accounts known to the system. If sending this email fails (due to
email backend misconfiguration, service provider outage, network issues,
etc.), an attacker might exploit this by detecting which password reset
requests succeed and which ones generate a 500 error response.
Thanks to Thibaut Spriet for the report, and to Mariusz Felisiak, Adam
Johnson, and Sarah Boyce for the reviews.
|
|
urlizetrunc template filters.
Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report.
|
|
ValueError in get_supported_language_variant().
LocaleMiddleware didn't handle the ValueError raised by
get_supported_language_variant() when language codes were
over 500 characters.
Regression in 9e9792228a6bb5d6402a5d645bc3be4cf364aefb.
Backport of 0e94f292cda632153f2b3d9a9037eb0141ae9c2e from main.
|
|
get_supported_language_variant().
Language codes are now parsed with a maximum length limit of 500 chars.
Thanks to MProgrammer for the report.
|
|
lawrence.com has since become a redirect to LJWorld.com,
making the link pointless.
Backport of 9e7ac5890147a8271eb5eb19bb88ab93dadc6c6d from main
|
|
The OWASP site is the standard resource for web application
security information.
Backport of aceee39d44994df20d13104e55ae61845d7a1e95 from main
|
|
theming support docs.
Backport of 640283711e6c8d25ad0e3c97453cd178a3e4d6a6 from main
|
|
Co-authored-by: David Sanders <shang.xiao.sanders@gmail.com>
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
Backport of f7389c4b07ceeb036436e065898e411b247bca78 from main
|
|
ManifestStaticFilesStorage.
Backport of 116e225266c511dfc0bfc96c8497e9c8aaa4d004 from main
|
|
Backport of 8992a0489c01ac8ab7283264a315c005511323e2 from main
|
|
Backport of c42250a7039a5ace1b482b30c6a1359b748cae65 from main
|
|
Backport of 8adc7c86ab85ed91e512bc49056e301cbe1715d0 from main
|
|
setting docs.
Backport of 90c75dc4f37bee19b7c3790519d187e38e293800 from main
|
|
model fields in __init__.
Backport of e47298aec4fa04416e7082331fbd44bd9f2662aa from main
|
|
Backport of f9cdecfb0de40698eb2ce44c04068bb091fa8998 from main
|
|
django.utils.text.Truncator when truncating HTML text.
Thanks Wenchao Li of Alibaba Group for the report.
|
|
Backport of 571bab98879578b6ef54ee654ead06736855767d from main
|
|
return None.
Backport of 78b5c9075348aa12da2e024f6ece29d1d652dfdd from main
|
|
GenericRelation is a reverse generic relationship so it's always
homogeneous. Mentioning this as a restriction is confusing.
Backport of 88b5b7b8e56667b0f55ea6f04038b6ac77c57b98 from main
|
|
Backport of 5bfb3cbf49e2b9701e7c42989e14a72374adb6bd from main
|
|
extra context value.
Backport of 428023e2677aeb80d86b19f90b0c6b82c7cb666d from main
|
|
Backport of 5a3725594faacc412e2d2b4ed160370228f1a118 from main
|
|
Backport of af0c5caff72e5ffda4dff708a57e37ae4778197d from main
|
|
configuration.
Backport of 86561844ce66cda3e6a8c22d4ace4c2d1bc1f2e7 from main
|
|
Backport of 02376f1f53db24039c200ef4818d96accf16a88b from main
|
|
Removed assignment in example for Blog annotation to match shown result.
Backport of addbc90049083f1d5f7ac138ed00111b71a75233 from main
|
|
aggregated fields.
Backport of b126f694160c4641e64e57dba6b022f06fbfa745 from main
|
|
|
|
regarding safe and unsafe usages.
Backport of adfb3dfa89b62ee0c838a64d3d480c03dd3ec869 from main
|
|
and URLValidator.
Thanks Seokchan Yoon for reports.
|
|
Backport of 679928834295ebd874ede667dbaae8a7945d3580 from main
|
|
Backport of c4a09499aa760c92969083b4639703b5b0a562fb from main
|
|
Backport of ddb6506618ea52c6b20e97eefad03ed847a1e3de from main
|
|
escaped.
Backport of 4037223d0f12c44ecd6f369ccbabcbd279a1bdbc from main
|
|
Backport of b0a6cc7f5738d6b959faf10354b772338f611fd9 from main
|
|
Backport of 1a59a324cec5caf12ea0c4947564828aa7bda02a from main.
|
|
Backport of eb9df03a43f34c44131ec3a295643327b8a68bb4 from main
|
|
Thanks David Sanders for the report.
Backport of c52f4295f254e1c14af769d22b1a5f516a941f58 from main
|
|
Backport of 93830abf7694e0f281931f10eeaa34993855e7dd from main
|
|
and strings iterators.
Backport of 599f3e2cda50ab084915ffd08edb5ad6cad61415 from main
|
|
Backport of e901407e2369ddb16a5c866e1f2fbf8ea8acf549 from main
|
|
Backport of 12ec80726f33e8dbd80de3cecf48d76ac4c0aa89 from main
|
|
Backport of 024954aad4c422a091b7afab42fff1a9d7478fce from main
|
|
in docs.
Backport of 5c456a879300e5f51010d3f6aa7449302413efed from main
|
|
Backport of 23d24f82a7450ef5d369845e18cc0130be5bac6c from main
|
|
Backport of c487634c106888effbba680e02269e489ab911a6 from main
|
|
chaining.
Backport of 0494efddc422716431b92896899284b6afebb23a from main
|
|
Backport of 01ae9d4ca9afdaf30a247e10e8333261a7d8224c from main
|
|
Backport of 57f2b935b34d148c3c0d906fc8256765004b7b77 from main
|
|
Co-authored-by: Mariusz Felisiak <felisiak.mariusz@gmail.com>
Backport of 2c4dc6476083c853b654e462c7ff65dbe0334c9e from main
|