Django/django
11
0
Fork 0
Code Pull Requests Projects Releases Activity
23,121 Commits 26 Branches 382 Tags
Commit Graph

7983 Commits

Author SHA1 Message Date
Tim Graham
f824655bc2 [1.10.x] Fixed #27912, CVE-2017-7233 -- Fixed is_safe_url() with numeric URLs. 
This is a security fix.
 2017-04-04 10:17:35 -04:00
Tim Graham
2a9f6ef71b [1.10.x] Fixed CVE-2017-7234 -- Fixed open redirect vulnerability in views.static.serve(). 
This is a security fix.
 2017-04-04 10:17:35 -04:00
heathervm
83331d1ed0 [1.10.x] Fixed #27993 -- Fixed model form default fallback for SelectMultiple. 
Backport of 7d1e23775344cc3dead03bd4af45f4fdf134b819 from master
 2017-03-31 10:17:17 -04:00
Mariusz Felisiak
e7c61ff3a6 [1.10.x] Fixed nondeterministic ordering test failure in model_forms. 
Backport of 2767ef3ca7 from master
 2017-03-17 10:04:48 +02:00
Mariusz Felisiak
46d602dcea [1.10.x] Refs #27924 -- Doc'd that cx_Oracle < 5.3 is required. 
Thanks Tim Graham for the review.
 2017-03-11 21:46:50 +01:00
Raphael Merx
c4b8c46345 [1.10.x] Fixed #27905 -- Added RelatedFieldWidgetWrapper.value_omitted_from_data(). 
Backport of fd75c8f2b7070774f6e90f408cb5cddf65b8734e from master
 2017-03-07 14:00:09 -05:00
Tim Graham
ead5b14d8c [1.10.x] Fixed a backends test with psycopg2 2.7. 
Backport of 49a63d08d3b3e2ac32e391d1413a4ac99429e4af from master
 2017-03-01 13:19:11 -05:00
Vytis Banaitis
92ce31fd8c [1.10.x] Fixed #27856 -- Improved accuracy of date subtraction on PostgreSQL. 
Accuracy was incorrect when dates differ by a month or more.

Backport of 4045fd56cb0f83d0f78de9aca073c7104e4cf8fd from master
 2017-02-21 12:59:46 -05:00
Vytis Banaitis
75327b88a8 [1.10.x] Fixed #27828 -- Fixed a crash when subtracting Integer/DurationField from DateField on Oracle/PostgreSQL. 
Thanks Mariusz Felisiak for the Oracle workaround.

Backport of d5088f838d837fc9e3109c828f18511055f20bea from master
 2017-02-16 17:24:05 -05:00
Tim Graham
3b562ebfe6 [1.10.x] Fixed GeoIP test failure with the latest data. 
Backport of da2e92d25ea32a25679d99525365ac7ac8e297ee from stable/1.11.x
 2017-02-14 09:11:11 -05:00
amalia
e399272bed [1.10.x] Fixed #27820 -- Fixed RequestDataTooBig/TooManyFieldsSent crash. 
Backport of 2f10216f84b55920de25422842a66260219e393f from master
 2017-02-13 17:16:29 -05:00
Tim Graham
cd69ac06d6 [1.10.x] Fixed #27805 -- Fixed ClearableFileInput's "Clear" checkbox on model fields with a default. 
Backport of 4353640ea9495d58fabd0357253b82de3b069408 from master
 2017-02-06 21:10:44 -05:00
Tim Graham
da9b36c52d [1.10.x] Fixed #27658 -- Prevented collectstatic from overwriting newer files in remote storages. 
Thanks revimi for the initial patch.

Backport of c85831e4b7b5a7e4249df10327175b7251cb012d from master
 2017-01-04 13:10:03 -05:00
Tim Graham
a72fa7de3e [1.10.x] Tested collectstatic's deleting of files/symlinks when toggling --link. 
Backport of f60d4e704d71b8af3f5ed4651accd33851bdee23 from master
 2017-01-04 13:09:33 -05:00
vinay karanam
b0eee991e8 [1.10.x] Refs #27637 -- Fixed timesince, timeuntil on New Year's Eve in a leap year. 
Backport of 6128c1736de98d8ab22829184409731b030cbff5 from master
 2017-01-02 08:40:59 -05:00
Mariusz Felisiak
25e8222615 [1.10.x] Fixed #27637 -- Fixed timesince, timeuntil in leap year edge case. 
Backport of 3e5c5e6754648590e87725b66d11d283079728e6 from master
 2016-12-27 09:29:47 -05:00
Tim Graham
4086ff9ecb [1.10.x] Refs #27558 -- Isolated indexes test on MySQL. 
MySQL schema changes must be done in TransactionTestCase.

Backport of f94475e5262abe78d9771bc353f741b20cc3c725 from master
 2016-12-15 13:53:54 -05:00
Waldemar Kornewald
0d8cdb5bc4 [1.10.x] Fixed #27418 -- Fixed occasional missing plural forms in JavaScriptCatalog. 
Backport of b24af2f40508bc0d8aa0cef264e51c537ffb92bd from master
 2016-12-14 18:39:35 -05:00
Tim Graham
653d4558a5 [1.10.x] Removed some blank lines per isort. 
Backport of ac06cb0e564b57b256ede98754586f36d2751b72 from master
 2016-12-06 12:59:16 -05:00
Andreas Pelme
f1f4a7f5a9 [1.10.x] Fixed #27567 -- Fixed crash in the debug view when request.user errors. 
Backport of 373140b07aa452946ccb6d5b0317fa09ed5bbdc2 from master
 2016-12-06 12:58:40 -05:00
Ed Morley
82ce55dbbe [1.10.x] Fixed #27558 -- Prevented redundant index on InnoDB ForeignKey. 
The MySQL backend overrides _field_should_be_indexed() so that it skips
index creation for ForeignKeys when using InnoDB.
 2016-12-01 12:25:37 -05:00
Krzysztof Urbaniak
81b5971b1c [1.10.x] Fixed #27402 -- Fixed incorrect LocaleMiddleware redirects with prefix_default_language=False. 
Backport of b8a815e9dfea89034ede7ff786551f89af84a31b from master
 2016-11-29 13:42:37 -05:00
Andrew Nester
75de55f1f3 [1.10.x] Fixed #27544 -- Fixed QuerySet.update(dt=F('dt') + timedelta) crash on SQLite. 
Backport of ade52ef71f04e57e217585358cb289098260e3ec from master
 2016-11-29 12:24:00 -05:00
Tim Graham
63696982b8 [1.10.x] Normalized casing of "custom user model". 
Backport of 93a081946d92da010c7de62dc58e697c6c33e5d3 from master
 2016-11-23 15:17:00 -05:00
Ramiro Morales
a079d5ceed [1.10.x] Refs #26677 -- Simplified i18n test cleanups. 
The fact that we aren't dealing with the Django source tree anymore
allows us to drop several tearDown()/addCleanup() calls that were
concerned with removing apiece files/dirs/symlinks created by test
cases, as we are covered by the removal of the parent temporary tree
anyways.

Thanks Tim Graham for advice and review.

Backport of bb7bb379e8cd91a91336946829519d64e919a1d2 from master
 2016-11-23 07:18:59 -05:00
Ramiro Morales
c1bd4679e8 [1.10.x] Fixed #26677 -- Converted some i18n tests to use disposable FS tree. 
This allows makemessages/compilemessages tests in `test_extraction.py`
and `test_compilation.py` to actually run isolated from each other
(unaffected by stray FS objects left by cleanup actions failures, debug
sessions, etc.) and to take advantage of the parallel tests execution
feature like most of the Django test suite.

`test_percents.py` gets slightly refactored to not inherit from the new
machinery which sets up every test case to copy and run under a
temporary tree.

Backport of faeeb84edfebecf5a5f40df9ef816e5f1cd457c6 from master
 2016-11-23 07:18:40 -05:00
Jonatas CD
02ac92888e [1.10.x] Fixed #27482 -- Doc'd an example of Case() in QuerySet.filter(). 
Backport of b28c6ca7631e13ea29490bf51a367ab10198c74c from master
 2016-11-17 12:39:56 -05:00
Simon Charette
b495d8e334 [1.10.x] Fixed #27407 -- Made Model.delete(keep_parents=True) preserve parent reverse relationships. 
Thanks Tim for the review.

Backport of 31a56e30cfb3c8e1a9373e5abdd12b5b23d5d910 from master
 2016-11-15 20:50:41 -05:00
Joseph Kahn
7fd379719a [1.10.x] Fixed #27461 -- Fixed incorrect allow_migrate() arguments in makemigrations. 
Backport of 373c6c409c310cb61e1e9c9aff4adba379ffd0b4 from master
 2016-11-09 10:27:33 -05:00
Tim Graham
884e113838 [1.10.x] Fixed CVE-2016-9014 -- Validated Host header when DEBUG=True. 
This is a security fix.
 2016-11-01 09:36:44 -04:00
Andrew Nester
acacf54fa1 [1.10.x] Fixed #27363 -- Replaced unsafe redirect in SessionMiddleware with SuspiciousOperation. 
Backport of 1ce04bcce0076360623ae164afd3541a5c031af2 from master
 2016-11-01 07:18:06 -04:00
Krzysztof Urbaniak
a7dabe4216 [1.10.x] Fixed #27063 -- Prevented i18n_patterns() from using too much of the URL as the language. 
Backport of a01d887a3ad9029ed198b6af974534fec46223f9 from master
 2016-10-31 14:33:42 -04:00
Krzysztof Urbaniak
62c9894b34 [1.10.x] Added additional tests for translation's get_language_from_path(). 
Backport of ee06689878e87e45d3c2402dd5e3bb3ba2a79bcf from master
 2016-10-31 14:33:29 -04:00
Tim Graham
df66aee856 [1.10.x] Updated "running the tests" to use 'pip install -e'. 
Backport of d84ffcc22b2a0dbc0a44a67d56da7e3647e2f87a from master
 2016-10-27 08:44:10 -04:00
David Barragán Merino
736f7e7ed7 [1.10.x] Fixed #27385 -- Fixed QuerySet.bulk_create() on PostgreSQL when the number of objects is a multiple plus one of batch_size. 
Backport of b3bd3aa07c026239dd39d1a37498dfd0a2f09caf from master
 2016-10-25 19:22:33 -04:00
Alvin Lindstam
3a416e4ba9 [1.10.x] Fixed #27374 -- Made JavaScriptCatalog respect the packages argument. 
Backport of 6b5106b1ceec03d945c1104b21feed3e25470fe0 from master
 2016-10-24 10:26:16 -04:00
Tim Graham
91cc5fd4cc [1.10.x] Fixed #27200 -- Provided makemigration's allow_migrate() with model_name. 
Backport of cd09524f27b83c0ca9dabafa81265e8d8abd252a from master
 2016-10-13 11:42:56 -04:00
Tim Graham
fba2c16a6f [1.10.x] Fixed nonexistent tmc.edu domain in GeoIP test. 
The test was silently skipped.

Backport of e1f6eba033abea25cd6b0577bd66c655ec453325 from master
 2016-10-11 19:40:34 -04:00
Simon Charette
b12228759c [1.10.x] Fixed #27279 -- Fixed a migration performance regression related to RenameModel operations. 
Thanks Trac alias mtomiyoshi for the report, Marten Kenbeek for the initial
patch and Tim for the review.

Backport of 040bd7c9387cfbf70a543c507b3b9eeb8f2725dc from master
 2016-10-04 08:46:13 -04:00
Reto Aebersold
c473235bf6 [1.10.x] Fixed #27309 -- Added CallableBool.__hash__(). 
Backport of 3ab55c1a8a58ae6d6791cafbcefaf224d01ff314 from master
 2016-10-04 07:44:39 -04:00
Claude Paroz
062b8ba37e [1.10.x] Fixed #27302 -- Fixed ModelAdmin.construct_change_message() changed field detection 
Thanks Ramiro Morales for the report and Tim Graham for the review.
Backport of 67eee5e4fa08f4404445ebf4f54b686e68a8530c from master.
 2016-10-01 20:16:41 +02:00
Tim Graham
bade924c03 [1.10.x] Confirmed support for PostGIS 2.3. 
Backport of 79c91070e5797f647347c2f8bdfc4c7a0f835fb3 from master
 2016-10-01 09:12:53 -04:00
Tim Graham
f23c03ebc8 [1.10.x] Refs #27186 -- Fixed model form default fallback for CheckboxSelectMultiple. 
Backport of 87c5e7efebd040aef0f0479ccf86877155bb5cea from master
 2016-09-30 14:50:15 -04:00
Berker Peksag
a9fefd26dc [1.10.x] Fixed #27053 -- Documented contrib.auth.get_user(). 
Backport of f7e91cac689b28fc32ca52cdeac258ec0d58b4fc from master
 2016-09-27 10:42:46 -04:00
Sergey Fursov
bcdd13de93 [1.10.x] Fixed #27271 -- Fixed a crash in runserver logging. 
Allowed ServerFormatter to handle simple string messages or messages with
formatting arguments. The formatter will set the server_time variable on
the log record if it's required by the format string but wasn't passed in
extra parameters.

Backport of 6709ea4ae91b906742506ac0c42a3a272991001f from master
 2016-09-27 09:48:08 -04:00
Tim Graham
0b59ea3343 [1.10.x] Fixed #27186 -- Fixed model form default fallback for MultiWidget, FileInput, SplitDateTimeWidget, SelectDateWidget, and SplitArrayWidget. 
Thanks Matt Westcott for the review.

Backport of 3507d4e773aa9ff2336e7230ba231c4ba6eb568f from master
 2016-09-22 13:07:23 -04:00
Alasdair Nicol
190cd0e49f [1.10.x] Fixed #27238 -- Disabled check_pattern_startswith_slash if settings.APPEND_SLASH=False. 
Thanks strycore for the report and timgraham for suggesting the
solution.

Backport of 911d9f4ed1a39f945769b7198a419850378f9824 from master
 2016-09-19 21:01:09 -04:00
Tim Graham
393b1c6d45 [1.10.x] Fixed typo in tests/migrations/test_loader.py. 
Backport of 6989b45c8dce0d3c50d1530fd65d388c7fde2a2a from master
 2016-09-16 12:56:41 -04:00
Tim Graham
3c9f6eb0c0 [1.10.x] Removed an empty test app. 
Backport of 94b838387c2a7f398c9bad7f5faa86ac4aedcade from master
 2016-09-12 18:51:46 -04:00
Tim Graham
244c4c06f9 [1.10.x] Normalized spelling of ETag. 
Backport of ef021412d5e7eb78c89f0b7cf2ec01bcb959a837 from master
 2016-09-09 11:00:58 -04:00