cdc0b13fcefec4ddba112e24e3be29e374c5664f Russell Keith-Magee freakboy3742@gmail.com http://github.com/brosner/django/commit/a3e8bbc79cb9a0ea6f48e5f26c7fe0324fbeea3f a3e8bbc79cb9a0ea6f48e5f26c7fe0324fbeea3f 2009-10-31T21:53:51-07:00 2009-10-31T21:53:51-07:00 Fixed #12123 -- Updated the utils.dateformat test to be a unittest too, due to a dependency on the old dateformat test. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11695 bcc190cf-cafb-0310-a4f2-bffc1f526a37 4e2f34fc8cae538248c4de59258c22b719197ca9 Russell Keith-Magee freakboy3742@gmail.com a5f5051fa1e7aaf8eafcea5fe67479817e1d4090 Russell Keith-Magee freakboy3742@gmail.com http://github.com/brosner/django/commit/cdc0b13fcefec4ddba112e24e3be29e374c5664f cdc0b13fcefec4ddba112e24e3be29e374c5664f 2009-10-31T21:20:17-07:00 2009-10-31T21:20:17-07:00 Fixed #12123 -- Refactored dateformat tests to use unittest. This is needed so that we have a reliable teardown that can reset the timezone at the end of the test. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11693 bcc190cf-cafb-0310-a4f2-bffc1f526a37 3453d4d72c6def30f5277585a800a6c4a7d81879 Russell Keith-Magee freakboy3742@gmail.com f9a4e94d003fd925e29a72dcec5d24acb6f58b87 Russell Keith-Magee freakboy3742@gmail.com http://github.com/brosner/django/commit/a5f5051fa1e7aaf8eafcea5fe67479817e1d4090 a5f5051fa1e7aaf8eafcea5fe67479817e1d4090 2009-10-31T20:04:20-07:00 2009-10-31T20:04:20-07:00 Fixed #12121 -- Modified __reduce__ on a model to avoid an infinite recursion problem that occurs on Python 2.4. Thanks to emulbreh for the report. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11691 bcc190cf-cafb-0310-a4f2-bffc1f526a37 98f78af6f38b78b34e25877ac19c8eee99990527 Russell Keith-Magee freakboy3742@gmail.com d42904196090b6951bf1475f7ea558c76ddbdabf Brian Rosner brosner@gmail.com http://github.com/brosner/django/commit/f9a4e94d003fd925e29a72dcec5d24acb6f58b87 f9a4e94d003fd925e29a72dcec5d24acb6f58b87 2009-10-30T02:11:56-07:00 2009-10-30T02:11:56-07:00 Fixed #11872 -- Instantiate the correct model in BaseInlineFormSet.__init__ when instance is None. Thanks tobias. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11688 bcc190cf-cafb-0310-a4f2-bffc1f526a37 0a9bbbaf3ed944319ddb962d23e732f325536fc0 Brian Rosner brosner@gmail.com 2ef03872248aa3d6375bd2033bbe46da8e3c3812 Brian Rosner brosner@gmail.com http://github.com/brosner/django/commit/d42904196090b6951bf1475f7ea558c76ddbdabf d42904196090b6951bf1475f7ea558c76ddbdabf 2009-10-30T01:48:48-07:00 2009-10-30T01:48:48-07:00 Fixed #12115 -- Corrected typo in admin documentation. Thanks encinas. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11686 bcc190cf-cafb-0310-a4f2-bffc1f526a37 84b597571826d7d3a81859ca5294ce54c9e872ce Brian Rosner brosner@gmail.com 97c65f29bf6078f8b4b307d2f6e637f09346c274 Brian Rosner brosner@gmail.com http://github.com/brosner/django/commit/2ef03872248aa3d6375bd2033bbe46da8e3c3812 2ef03872248aa3d6375bd2033bbe46da8e3c3812 2009-10-30T01:24:05-07:00 2009-10-30T01:24:05-07:00 Updated INSTALL file setup.py does not require an Internet connection nor setuptools. That was fixed in [3906]. Updated the minimum Python version as well. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11684 bcc190cf-cafb-0310-a4f2-bffc1f526a37 66b9a7dbbe21d02c8f35bd9bd1341d746c2688fa Brian Rosner brosner@gmail.com 3ca534cec94a0a27f7c93a45dcdd260b6d047157 Luke Plant L.Plant.98@cantab.net http://github.com/brosner/django/commit/97c65f29bf6078f8b4b307d2f6e637f09346c274 97c65f29bf6078f8b4b307d2f6e637f09346c274 2009-10-29T17:17:29-07:00 2009-10-29T17:17:29-07:00 Allow CsrfResponseMiddleware to be used if templates cannot be updated. For the case where someone is using contrib views with custom templates that they cannot update to use the template tag, it should be possible to use CsrfResponseMiddleware. This requires that 'csrf_response_exempt' is not used for the admin views. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11683 bcc190cf-cafb-0310-a4f2-bffc1f526a37 cd70fa86d4eb3c50b51f5527160afc8dea63f3de Luke Plant L.Plant.98@cantab.net 874a40bad9fe74c9e546abd32571da7c8b2a2878 Russell Keith-Magee freakboy3742@gmail.com http://github.com/brosner/django/commit/3ca534cec94a0a27f7c93a45dcdd260b6d047157 3ca534cec94a0a27f7c93a45dcdd260b6d047157 2009-10-29T07:32:01-07:00 2009-10-29T07:32:01-07:00 Fixed #12057 -- Corrected regression of caching performance when a model contained a callable default. Thanks to Michael Thornhill for the excellent assistance tracking this problem. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11681 bcc190cf-cafb-0310-a4f2-bffc1f526a37 a52666bc920042e50a6e5f07dde4d0dd2c0d3219 Russell Keith-Magee freakboy3742@gmail.com 1d1d65b3dc59d877afa61ddb3cbca444672449bb Luke Plant L.Plant.98@cantab.net http://github.com/brosner/django/commit/874a40bad9fe74c9e546abd32571da7c8b2a2878 874a40bad9fe74c9e546abd32571da7c8b2a2878 2009-10-29T07:17:39-07:00 2009-10-29T07:17:39-07:00 Improved HTML in CSRF debug template - <code> instead of <tt> git-svn-id: http://code.djangoproject.com/svn/django/trunk@11680 bcc190cf-cafb-0310-a4f2-bffc1f526a37 b2a1fef6319018e211da3ab13de4ed3bc1619cab Luke Plant L.Plant.98@cantab.net 78b933088b6e22d3b3c0dbd87558a3b434279323 Jannis Leidel jannis@leidel.info http://github.com/brosner/django/commit/1d1d65b3dc59d877afa61ddb3cbca444672449bb 1d1d65b3dc59d877afa61ddb3cbca444672449bb 2009-10-28T03:01:16-07:00 2009-10-28T03:01:16-07:00 Added bio for myself git-svn-id: http://code.djangoproject.com/svn/django/trunk@11678 bcc190cf-cafb-0310-a4f2-bffc1f526a37 e29876762a99757bbefc8bb57a165c297e5a2202 Jannis Leidel jannis@leidel.info ce7a05a0978f95e6975d3380950bd0091853a99c Luke Plant L.Plant.98@cantab.net http://github.com/brosner/django/commit/78b933088b6e22d3b3c0dbd87558a3b434279323 78b933088b6e22d3b3c0dbd87558a3b434279323 2009-10-27T15:26:54-07:00 2009-10-27T15:26:54-07:00 Fixed typo in docs git-svn-id: http://code.djangoproject.com/svn/django/trunk@11677 bcc190cf-cafb-0310-a4f2-bffc1f526a37 92557a5a6176b026d57d716a8c5cd41100b4eacb Luke Plant L.Plant.98@cantab.net 485d55066103611538f749c653527776f2d10d2e Luke Plant L.Plant.98@cantab.net http://github.com/brosner/django/commit/ce7a05a0978f95e6975d3380950bd0091853a99c ce7a05a0978f95e6975d3380950bd0091853a99c 2009-10-27T15:20:03-07:00 2009-10-27T15:20:03-07:00 Small improvement to CSRF failure template. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11676 bcc190cf-cafb-0310-a4f2-bffc1f526a37 7b5b7021934f9ff5dfce3923530150db28c88f82 Luke Plant L.Plant.98@cantab.net 3c345e00f16052853cb52af885f040a4a52e8f32 Luke Plant L.Plant.98@cantab.net http://github.com/brosner/django/commit/485d55066103611538f749c653527776f2d10d2e 485d55066103611538f749c653527776f2d10d2e 2009-10-27T14:52:25-07:00 2009-10-27T14:52:25-07:00 Documented the presence of {% csrf_token %} in Django 1.1.2 in trunk docs. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11675 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2628019e681e1dbf0928b8b77ace8d9b92d7c26a Luke Plant L.Plant.98@cantab.net c231171b74d1bfd2478ae6ef85ce8a8a08903163 Luke Plant L.Plant.98@cantab.net http://github.com/brosner/django/commit/3c345e00f16052853cb52af885f040a4a52e8f32 3c345e00f16052853cb52af885f040a4a52e8f32 2009-10-27T14:31:20-07:00 2009-10-27T14:31:20-07:00 Misc clarifications in csrf middleware comments git-svn-id: http://code.djangoproject.com/svn/django/trunk@11673 bcc190cf-cafb-0310-a4f2-bffc1f526a37 11412fddfa8d6ffd8450ed427331a232b287beb9 Luke Plant L.Plant.98@cantab.net f9b4aa7b561477b34010c5871d2c8c17e7965ac7 Luke Plant L.Plant.98@cantab.net http://github.com/brosner/django/commit/c231171b74d1bfd2478ae6ef85ce8a8a08903163 c231171b74d1bfd2478ae6ef85ce8a8a08903163 2009-10-27T14:27:09-07:00 2009-10-27T14:27:09-07:00 Fixed #12095 - login and other contrib views failing if template rendered using inclusion tag. The {% csrf_token %} tag is unable to get its value if a template is rendered using an inclusion_tag, since that creates a brand new Context, rather than using the existing one. Since this is a common pattern, and we need CSRF protection to be as simple and easy as possible, we special case the csrf_token and copy it from the parent context to the new context. A more elegant and general solution may appear in future, but this is good enough for now. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11672 bcc190cf-cafb-0310-a4f2-bffc1f526a37 13b675a91c9e4be1ed753b5deed650db259801c7 Luke Plant L.Plant.98@cantab.net 28760cb14f4c2015f808da1a210cd21df27570b7 Jacob Kaplan-Moss jacob@jacobian.org http://github.com/brosner/django/commit/f9b4aa7b561477b34010c5871d2c8c17e7965ac7 f9b4aa7b561477b34010c5871d2c8c17e7965ac7 2009-10-27T13:56:12-07:00 2009-10-27T13:56:12-07:00 Fixed #11057: having no actions in the admin (`actions=None`) no longer messes up the layout. Thanks, rvdrijst. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11670 bcc190cf-cafb-0310-a4f2-bffc1f526a37 1781df28d01830a85c3f0825dd381ecbed924455 Jacob Kaplan-Moss jacob@jacobian.org ac5cf788b19aa796ea52d37bceee0a265e4adad1 Luke Plant L.Plant.98@cantab.net http://github.com/brosner/django/commit/28760cb14f4c2015f808da1a210cd21df27570b7 28760cb14f4c2015f808da1a210cd21df27570b7 2009-10-27T07:04:21-07:00 2009-10-27T07:04:21-07:00 Slight change to CSRF error messages to make debugging easier. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11669 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2b6028cfd710c71e9916196606bcda228c88cb6d Luke Plant L.Plant.98@cantab.net cac9c51946209546f932a6d6b9bb30e268c6e24c Luke Plant L.Plant.98@cantab.net http://github.com/brosner/django/commit/ac5cf788b19aa796ea52d37bceee0a265e4adad1 ac5cf788b19aa796ea52d37bceee0a265e4adad1 2009-10-27T06:13:40-07:00 2009-10-27T06:13:40-07:00 Fixed some typos git-svn-id: http://code.djangoproject.com/svn/django/trunk@11668 bcc190cf-cafb-0310-a4f2-bffc1f526a37 6b9bb0edca8aad8435977c1935d89105fe064a8e Luke Plant L.Plant.98@cantab.net 9cb3650e2ece567757015d46b2f7b736ba42086a Luke Plant L.Plant.98@cantab.net http://github.com/brosner/django/commit/cac9c51946209546f932a6d6b9bb30e268c6e24c cac9c51946209546f932a6d6b9bb30e268c6e24c 2009-10-27T05:11:56-07:00 2009-10-27T05:11:56-07:00 Added explicit notes about the need to update any customised templates for contrib apps for CSRF changes git-svn-id: http://code.djangoproject.com/svn/django/trunk@11667 bcc190cf-cafb-0310-a4f2-bffc1f526a37 657f8dd724c94b05955853878bdf8d82ed6f8ccb Luke Plant L.Plant.98@cantab.net 7860e5a38f4a71dabca5a137ac14e38b2a621cc6 Luke Plant L.Plant.98@cantab.net http://github.com/brosner/django/commit/9cb3650e2ece567757015d46b2f7b736ba42086a 9cb3650e2ece567757015d46b2f7b736ba42086a 2009-10-27T03:46:04-07:00 2009-10-27T03:46:04-07:00 Completed a name in AUTHORS file, now I know it. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11666 bcc190cf-cafb-0310-a4f2-bffc1f526a37 2cca3f4a30e844efb278da05f4a172fefe6fd7b1 Luke Plant L.Plant.98@cantab.net c182e2dacc77e796764cb506ec62420615784f83 Luke Plant L.Plant.98@cantab.net http://github.com/brosner/django/commit/7860e5a38f4a71dabca5a137ac14e38b2a621cc6 7860e5a38f4a71dabca5a137ac14e38b2a621cc6 2009-10-26T18:10:20-07:00 2009-10-26T18:10:20-07:00 Added 'version added' info to CSRF_* settings. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11665 bcc190cf-cafb-0310-a4f2-bffc1f526a37 350dc1e5732c9086e35bc23e1edc0f8d3b295ab9 Luke Plant L.Plant.98@cantab.net 3992133b6edbe5e7e1f2af758f1f85013e8cecc3 Luke Plant L.Plant.98@cantab.net http://github.com/brosner/django/commit/c182e2dacc77e796764cb506ec62420615784f83 c182e2dacc77e796764cb506ec62420615784f83 2009-10-26T17:49:33-07:00 2009-10-26T17:49:33-07:00 Removed unused import. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11664 bcc190cf-cafb-0310-a4f2-bffc1f526a37 893cfe5752235cbfc3afc009a27fe9c08ba10710 Luke Plant L.Plant.98@cantab.net 5f431ca9d890cd45b4d4c22dc270bfb7b3cee62f Luke Plant L.Plant.98@cantab.net http://github.com/brosner/django/commit/3992133b6edbe5e7e1f2af758f1f85013e8cecc3 3992133b6edbe5e7e1f2af758f1f85013e8cecc3 2009-10-26T17:43:16-07:00 2009-10-26T17:43:16-07:00 Use decorator syntax for csrf_exempt example. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11663 bcc190cf-cafb-0310-a4f2-bffc1f526a37 38fa1b27bfa309af66337227830c26ea0b4ed576 Luke Plant L.Plant.98@cantab.net e5fd5f83f8b495528f27350c8d2ec3166f1e69ef Luke Plant L.Plant.98@cantab.net http://github.com/brosner/django/commit/5f431ca9d890cd45b4d4c22dc270bfb7b3cee62f 5f431ca9d890cd45b4d4c22dc270bfb7b3cee62f 2009-10-26T17:36:34-07:00 2009-10-26T17:36:34-07:00 Moved contrib.csrf.* to core code. There is stub code for backwards compatiblity with Django 1.1 imports. The documentation has been updated, but has been left in docs/contrib/csrf.txt for now, in order to avoid dead links to documentation on the website. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37 398b0f0b48eb6d4b2c3b69f0e2d7dc2749ec7a74 Luke Plant L.Plant.98@cantab.net c31a3cfd697e41a57a9117b1a483bef0943c8107 Luke Plant L.Plant.98@cantab.net http://github.com/brosner/django/commit/e5fd5f83f8b495528f27350c8d2ec3166f1e69ef e5fd5f83f8b495528f27350c8d2ec3166f1e69ef 2009-10-26T16:23:07-07:00 2009-10-26T16:23:07-07:00 Fixed #9977 - CsrfMiddleware gets template tag added, session dependency removed, and turned on by default. This is a large change to CSRF protection for Django. It includes: * removing the dependency on the session framework. * deprecating CsrfResponseMiddleware, and replacing with a core template tag. * turning on CSRF protection by default by adding CsrfViewMiddleware to the default value of MIDDLEWARE_CLASSES. * protecting all contrib apps (whatever is in settings.py) using a decorator. For existing users of the CSRF functionality, it should be a seamless update, but please note that it includes DEPRECATION of features in Django 1.1, and there are upgrade steps which are detailed in the docs. Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work on the patch, and to lots of other people including Simon Willison and Russell Keith-Magee who refined the ideas. Details of the rationale for these changes is found here: http://code.djangoproject.com/wiki/CsrfProtection As of this commit, the CSRF code is mainly in 'contrib'. The code will be moved to core in a separate commit, to make the changeset as readable as possible. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37 9dc32d96165c27bb0be761cce3de5c85e0ccf9a5 Luke Plant L.Plant.98@cantab.net 22c77dbdcaea18afd9dc96335261d68e0eb94cb1 Jacob Kaplan-Moss jacob@jacobian.org http://github.com/brosner/django/commit/c31a3cfd697e41a57a9117b1a483bef0943c8107 c31a3cfd697e41a57a9117b1a483bef0943c8107 2009-10-26T08:02:54-07:00 2009-10-26T08:02:54-07:00 Fixed #11371: Made `django.test.Client.put()` work for non-form-data PUT (i.e. JSON, etc.). Thanks, phyfus. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11656 bcc190cf-cafb-0310-a4f2-bffc1f526a37 4ea5bbd78c6f471a3a2920957dd25a8fe74da57a Jacob Kaplan-Moss jacob@jacobian.org c773691727385840fb5d686e138aae993eececce Jarek Zgoda jarek.zgoda@redefine.pl http://github.com/brosner/django/commit/22c77dbdcaea18afd9dc96335261d68e0eb94cb1 22c77dbdcaea18afd9dc96335261d68e0eb94cb1 2009-10-25T13:09:49-07:00 2009-10-25T13:09:49-07:00 Polish translation updated git-svn-id: http://code.djangoproject.com/svn/django/trunk@11655 bcc190cf-cafb-0310-a4f2-bffc1f526a37 c98f4e3695de82f70c3db094fab28c47d208838c Jarek Zgoda jarek.zgoda@redefine.pl 49815ad29be6209d2aa0b366442a2bd0e78a0a74 Karen Tracey kmtracey@gmail.com http://github.com/brosner/django/commit/c773691727385840fb5d686e138aae993eececce c773691727385840fb5d686e138aae993eececce 2009-10-25T09:32:07-07:00 2009-10-25T09:32:07-07:00 Fixed #12079: Changed has_results to get a single result, thus preventing exists() from always returning True on backends that support chunked reads. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11654 bcc190cf-cafb-0310-a4f2-bffc1f526a37 f6514a44e829c77082e2590ad46c0ca2cacafb54 Karen Tracey kmtracey@gmail.com f7d0983056205531a0cdb03ec362a63979e8b677 Luke Plant L.Plant.98@cantab.net http://github.com/brosner/django/commit/49815ad29be6209d2aa0b366442a2bd0e78a0a74 49815ad29be6209d2aa0b366442a2bd0e78a0a74 2009-10-24T07:10:00-07:00 2009-10-24T07:10:00-07:00 Fixed small error in deprecation policy. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11652 bcc190cf-cafb-0310-a4f2-bffc1f526a37 a7a1d6700aa7c2e869de7da7cba72ceeb5d2801c Luke Plant L.Plant.98@cantab.net ec57ce2956b79b54f9353fb67b477972b1999abb Luke Plant L.Plant.98@cantab.net http://github.com/brosner/django/commit/f7d0983056205531a0cdb03ec362a63979e8b677 f7d0983056205531a0cdb03ec362a63979e8b677 2009-10-24T03:45:58-07:00 2009-10-24T03:45:58-07:00 Fixed #9163 - CsrfMiddleware needs to reset ETag header Thanks to carljm for report and patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11650 bcc190cf-cafb-0310-a4f2-bffc1f526a37 87f2a3c483cc77a69241a961cdb91adf36b23e54 Luke Plant L.Plant.98@cantab.net