| Age | Commit message (Collapse) | Author | |
|---|---|---|---|
| 2015-08-18 | [1.7.x] Fixed DoS possiblity in contrib.auth.views.logout() | Tim Graham | |
| Refs #20936 -- When logging out/ending a session, don't create a new, empty session. Previously, when logging out, the existing session was overwritten by a new sessionid instead of deleting the session altogether. This behavior added overhead by creating a new session record in whichever backend was in use: db, cache, etc. This extra session is unnecessary at the time since no session data is meant to be preserved when explicitly logging out. Backport of 393c0e24223c701edeb8ce7dc9d0f852f0c081ad, 088579638b160f3716dc81d194be70c72743593f, and 2dee853ed4def42b7ef1b3b472b395055543cc00 from master Thanks Florian Apolloner and Carl Meyer for review. This is a security fix. | |||
| 2015-04-24 | [1.7.x] Updated startproject MIDDLEWARE_CLASSES in docs. | Daniel Harding | |
| Backport of ad31bc0565914c4676bfb7c116c4be407a367be4 from master | |||
| 2015-01-16 | [1.7.x] Fixed #24143 -- Encouraged use of Http404 messages for debugging. | Keryn Knight | |
| Backport of 726a9550db5129badc1c44809b0bed728fa1ad90 from master | |||
| 2014-11-03 | [1.7.x] Fixed versionchanged indentation in docs/. | Berker Peksag | |
| Backport of 5c517ec218 from master | |||
| 2014-10-16 | [1.7.x] Fixed some intersphinx references. | Tim Graham | |
| Backport of babbf18999 from master | |||
| 2014-10-01 | [1.7.x] Fixed #23578 -- Changed examples in docs to use patterns | Alasdair Nicol | |
| 2014-08-26 | [1.7.x] Fixed #17707, #20734 -- Added examples to URL namespacing docs. | Tim Graham | |
| Thanks Daniele Procida for review. Backport of a2bcec3491 from master | |||
| 2014-08-23 | [1.7.x] Fixed #23344 -- Removed duplicate docs for file upload settings. | Tim Graham | |
| Backport of c7fa27d702 from master | |||
| 2014-08-12 | [1.7.x] Refs #23276: Removed bad examples of passing views as strings to url() | Collin Anderson | |
| partial backport of a9fd740d22 from master | |||
| 2014-08-06 | [1.7.x] Removed a doc reference to the deprecated `mimetype` kwarg. | Mohammed Attia | |
| Backport of 61ed959235 from master | |||
| 2014-08-04 | [1.7.x] Fixed #23169 - Misc docs fixes. | areski | |
| Backport of e4dd8b5dde from master | |||
| 2014-08-02 | [1.7.x] Fixed #23149 -- Clarified note on HTTPOnly in cookie-based session docs | Erik Romijn | |
| Backport of e26366da44bb343e7a95d01ff0dd18b8026c2802 from master. | |||
| 2014-07-26 | [1.7.x] Fixed #23097 -- Switched to new octal format in docs | David Hoffman | |
| Backport of e1c85167a3 from master. | |||
| 2014-07-16 | [1.7.x] Fixed #23023 -- Added warning against local-memory cache. | Tim Graham | |
| Thanks django at kerz.id.au. Backport of 7d0519c725 from master | |||
| 2014-07-09 | [1.7.x] Revert "Improve cookie based session backend docs." refs #20418 | Tim Graham | |
| This reverts commit d9c01da1f8ba3d4e0947fd1d619c8f4a9b013360. This is poor advice as it breaks the test client login (refs #22934). We can add a note like this back after refs #22986 is resolved. Backport of 3a85aae2ea from master | |||
| 2014-06-24 | [1.7.x] Fixed typo in middleware docs. | Peter Kowalczyk | |
| Function definition should have an ending colon. Backport of 48241ec9c4 from master | |||
| 2014-06-10 | [1.7.x] Fixed #22801 -- Added 'www.' to diveintopython.net links | Maxime Turcotte | |
| Backport of f97c53c098 from master | |||
| 2014-06-01 | [1.7.x] Fixed #21938 -- Moved documentation for error views to reference guide. | Jonathan Lindén | |
| Backport of 5b98ba08e2cc8760525fc1e0a2c917c063b0d5e2 from master | |||
| 2014-05-22 | [1.7.x] Fixed #20816 -- Added hints about Django middleware ordering | Claude Paroz | |
| Thanks gthb Trac user for the report, kolypto StackOverflow user for the initial list and Tim Graham for the review. Backport of 756c390fb5 from master. | |||
| 2014-04-08 | [1.7.x] Fixed #9535 -- Added a reference guide for file upload classes. | Anubhav Joshi | |
| Backport of c8c2b8a638 from master | |||
| 2014-03-27 | [1.7.x] Fixed #21941 -- Documented the kwargs param of django.conf.urls.url(). | Tim Martin | |
| Thanks cjerdonek for the report. Backport of a779757706 from master | |||
| 2014-02-25 | Fixed #12670 -- Added a note about permissions of files stored in ↵ | Rik | |
| FILE_UPLOAD_TEMP_DIR. Thanks simon29 for the suggestion. | |||
| 2014-02-14 | Fixed #21177 -- Made resolve_url support relative URLs. | Antoine Catton | |
| This fixes redirecting to relative URLs with django.shortcuts.redirect. | |||
| 2014-01-22 | Always use parentheses when documenting a method with no arguments. | Baptiste Mispelon | |
| 2014-01-22 | Don't show `self` in the list of arguments of a method. | Baptiste Mispelon | |
| This is consistent with Python's official documentation and it's a sphinx recommendation too[1]. [1] http://sphinx-doc.org/markup/desc.html#dir-method Refs #21855. | |||
| 2014-01-03 | Fixed a sentence in the session security docs; thanks claudep. | Tim Graham | |
| 2013-12-30 | Fixed #21708 -- Added some headings to separate unrelated topics. | Tim Graham | |
| Thanks ashley at ashleymills.com for the suggestion. | |||
| 2013-12-26 | Fixed #21582 -- Corrected URL namespace example. | Tim Graham | |
| Thanks oubiga for the report. | |||
| 2013-12-13 | Fixed #21580 -- Clarified why render() does not return a TemplateResponse ↵ | johannes-gehrs | |
| object. | |||
| 2013-11-30 | Removed gender-based pronouns per [c0a2daad78]. | Tim Graham | |
| 2013-11-27 | Added a warning regarding risks in serving user uploaded media. | Tim Graham | |
| Thanks Preston Holmes for the draft text. | |||
| 2013-11-24 | Fixed some unnescesarily gendered language in the docs | Alex Gaynor | |
| 2013-11-22 | Removed unused import in docs/topics/http/sessions.txt | Tim Graham | |
| 2013-11-19 | Added more examples to the get_object_or_404 documentation. | Baptiste Mispelon | |
| 2013-11-18 | Fixed typo in topics/http/sessions.txt. | Tim Graham | |
| 2013-11-15 | Fixed #21440 -- Typo #2 in topics/http/shortcuts.txt | Tim Graham | |
| Thanks alasdair. | |||
| 2013-11-15 | Fixed #21440 -- Typo in topics/http/shortcuts.txt | Tim Graham | |
| Thanks olof.bjarnason at gmail.com for the report. | |||
| 2013-10-18 | Added a warning regarding session security and subdomains. | Tim Graham | |
| 2013-10-14 | Fixed #21264 -- Incorrect RST usage in docs | Bouke Haarsma | |
| 2013-10-10 | Whitespace cleanup. | Tim Graham | |
| * Removed trailing whitespace. * Added newline to EOF if missing. * Removed blank lines at EOF. * Removed some stray tabs. | |||
| 2013-10-02 | Changed the doc to use gender-neutral pronouns when possible. | Baptiste Mispelon | |
| 2013-10-02 | Clarified session replay attack differences with cookie backend. | Tim Graham | |
| 2013-09-24 | Fixed #21137 -- Corrected ULRconf include example. | Tim Graham | |
| Thanks marfire for the report. | |||
| 2013-09-22 | A few doc additions for changes from d228c1192e. | Ramiro Morales | |
| 2013-09-21 | Fixed #21137 -- Documented best practice for URLconfs with repeated pattern ↵ | Michael DiBernardo | |
| prefixes. | |||
| 2013-09-19 | Added missing "in" in sentence. | Markus Amalthea Magnuson | |
| 2013-09-18 | Fixed #4278 -- Added a dirs parameter to a few functions to override ↵ | Berker Peksag | |
| TEMPLATE_DIRS. * django.template.loader.get_template() * django.template.loader.select_template() * django.shortcuts.render() * django.shortcuts.render_to_response() Thanks amcnabb for the suggestion. | |||
| 2013-09-05 | Fixed #21000 -- Made cached_db session backend respect SESSION_CACHE_ALIAS | CHI Cheng | |
| 2013-09-03 | Fixed #21002 -- Documented JSON session serialization requires string keys | Tim Graham | |
| Thanks jeroen.pulles at redslider.net for the report. | |||
| 2013-08-29 | Fixed #20997 -- Added SessionStore note to docs. | Tim Graham | |
| Thanks jsdalton. | |||
