| Age | Commit message (Collapse) | Author |
|---|
|
BaseModelFormSet.get_queryset() for stable ordering.
|
|
MultipleChoiceField.validate().
Used Django's OrderedSet datastructure instead of set() in MultipleChoiceField.validate()
to prevent submission ordering from being discarded during validation.
Thanks to Jacob Walls, JaeHyuck Sa, Jake Howard and Simon Charette for
the reviews.
|
|
|
|
This simplicaftion mitigates a potential DoS in URLField on Windows. The
usage of `urlsplit()` in `URLField.to_python()` was replaced with
`str.partition(":")` for URL scheme detection. On Windows, `urlsplit()`
performs Unicode normalization which is slow for certain characters,
making `URLField` vulnerable to DoS via specially crafted POST payloads.
Thanks Seokchan Yoon for the report, and Jake Howard and Shai Berger
for the review.
Refs #36923.
Co-authored-by: Jacob Walls <jacobtylerwalls@gmail.com>
|
|
There was unresolved discussion regarding whether to set
ClearableFileInput.use_fieldset to True or False when use_fieldset was
introduced in Django 4.1, since the clear checkbox appears only
sometimes. Although using <fieldset> is likely desirable, since the
primary motivation in #35892 was just to improve markup in the admin,
and a deprecation path was not provided for general form usage, future
work is deferred to #36828.
Regression in 4187da258fe212d494cb578a0bc2b52c4979ab95.
Thanks Tim Graham, Antoliny, and David Smith for triage.
|
|
The error message now correctly states that the error argument
is a dictionary.
|
|
|
|
Signed-off-by: SaJH <wogur981208@gmail.com>
|
|
django/forms/models.py.
|
|
|
|
Manually reformatted some comments and docstrings where autofix_w505.py
changed the meaning of the formatting.
|
|
Rewrapped long docstrings and block comments to 79 characters + newline
using script from https://github.com/medmunds/autofix-w505.
|
|
Manually reformatted some long docstrings and comments that would be
damaged by the to-be-applied autofixer script, in cases where editorial
judgment seemed necessary for style or wording changes.
|
|
|
|
InlineForeignKeyField.
Co-authored-by: Simon Charette <charette.s@gmail.com>
|
|
ModelChoiceField/ModelMultipleChoiceField.clean().
Signed-off-by: saJaeHyukc <wogur981208@gmail.com>
|
|
https://github.com/psf/black/releases/tag/25.1.0
|
|
FORMS_URLFIELD_ASSUME_HTTPS per deprecation timeline.
|
|
|
|
renderers.
Thank you Sarah Boyce, Carlton Gibson, Tim Schilling and Adam Johnson
for reviews.
Co-authored-by: Christophe Henry <contact@c-henry.fr>
Co-authored-by: David Smith <smithdc@gmail.com>
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
Co-authored-by: Matthias Kestenholz <mk@feinheit.ch>
|
|
Thanks Saravana Kumar for the report, and Sarah Boyce and Mariusz
Felisiak for the reviews.
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
is set.
|
|
renderers.
|
|
|
|
|
|
|
|
Applied the ProhibitNullCharactersValidator to ModelChoiceField and ModelMultipleChoiceField.
Co-authored-by: Viktor Paripás <viktor.paripas@gmail.com>
Co-authored-by: Vasyl Dizhak <vasyl@dizhak.com>
Co-authored-by: Arthur Vasconcelos <vasconcelos.arthur@gmail.com>
|
|
unhashable type.
|
|
This work should not generate any change of functionality, and
`urlsplit` is approximately 6x faster.
Most use cases of `urlparse` didn't touch the path, so they can be
converted to `urlsplit` without any issue. Most of those which do use
`.path`, simply parse the URL, mutate the querystring, then put them
back together, which is also fine (so long as urlunsplit is used).
|
|
linkcode ext.
Co-authored-by: David Smith <smithdc@gmail.com>
Co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
|
|
Hidden elements are not visible for both accessibility tools and browsers presentation layer. This change therefore only reduces the size of the generated HTML.
|
|
when form is invalid.
|
|
co-authored-by: Keryn Knight <keryn@kerynknight.com>
co-authored-by: Natalia <124304+nessita@users.noreply.github.com>
co-authored-by: David Smith <smithdc@gmail.com>
co-authored-by: Paolo Melchiorre <paolo@melchiorre.org>
|
|
get_attname()/get_attname_column().
|
|
https://github.com/psf/black/releases/tag/24.1.0
|
|
|
|
This allows early adoption of the new default "https".
|
|
Co-authored-by: Parth Verma <parth.verma@gmail.com>
|
|
bf.errors returns an ErrorList. Access this directly and avoid creating
a new instance in BaseForm.get_context()
Calling str() on the ErrorList can also be deferred to when the
variable used in the template.
|
|
help text.
This adds aria-describedby for widgets rendered in a fieldset such as
radios. aria-describedby for these widgets is added to the <fieldset>
element rather than each <input>.
|
|
the field.
`id_for_label` is blank for widgets with multiple inputs such as radios
and multiple checkboxes. Therefore , `help_text` for fields using these
widgets cannot currently be associated using `aria-describedby`.
`id_for_label` is being used as a guard to avoid incorrectly adding
`aria-describedby` to those widgets.
This change uses `auto_id` as the unique identified for the fields
`help_text`. A guard is added to avoid incorrectly adding
`aria-describedby` to inputs by checking the widget's `use_fieldset`
attribute. Fields rendered in a `<fieldset>` should have
`aria-describedby` added to the `<fieldset>` and not every `<input>`.
|
|
proxy models.
Follow up to 0e8be73812a6e62d5a6b12a585d133b56bc2bf52.
|
|
Some third-party applications, e.g. `django-filter`, already define
their own `ChoiceIterator`, so renaming this `BaseChoiceIterator` will
be a better fit and avoid any potential confusion.
See https://github.com/carltongibson/django-filter/pull/1607.
|
