Yury V. Zaytsev
4bb9a3c484
Fix XSS caused by disabled autoescaping in the default DRF Browsable API view templates ( #6330 )
...
* Add test that verifies that HTML is correctly escaped in Browsable API views
* Fix `urlize_quoted_links` tag to avoid double escaping in autoescape mode
* Fix XSS in default DRF Browsable API template by re-enabling autoescape
2019-01-16 12:36:25 +00:00
Adrien Brunet
e3bd4b9048
Fix #1811 : take limit_choices_to into account with FK ( #6371 )
...
* Fix issue1811: take limit_choices_to into account with FK
* Issue 1811: Add tests to illustrate issue
* Filter queryset only if limit_choices_to exists
* Move test_relations_with_limited_querysets file within test_relations_pk
* move limit_choices_to logic from relations.py to utils/field_mapping.py
* move limit_choices_to above other check to avoid conflicts
2019-01-08 13:49:47 +00:00
johnthagen
9c408b296b
Remove reference to deprecated drf-openapi package ( #6398 )
2019-01-08 12:47:09 +00:00
Matt Wiens
e0ae975e5c
Fix a badly formatted title in docs ( #6089 )
...
While having code blocks in a title is valid Markdown, MkDocs does not
render it as expected. This removes a code block placed in a title.
2019-01-08 12:07:00 +00:00
Stephen Finucane
c052a86c7b
compat: (py2) urlparse = urllib.parse (py3) ( #6262 )
...
* compat: (py2) urlparse = urllib.parse (py3)
We were mistakenly importing the 'urlparse' function from the Python 2
'urlparse' module, as opposed to the module itself. Correct this.
Signed-off-by: Stephen Finucane <stephen@that.guru>
Closes : #6261
* compat: Remove 'compat.urlparse'
We can just use Django's vendored six library, like we do everywhere
else.
Signed-off-by: Stephen Finucane <stephen@that.guru>
2019-01-08 12:03:02 +00:00
johnthagen
a49d744d5e
Fix OpenAPI links ( #6382 )
2019-01-08 11:56:42 +00:00
johnthagen
0860ef9eee
Update quickstart to Django 2.0 routing syntax ( #6385 )
...
* Update quickstart to Django 2.0 routing syntax
* Remove uneccessary raw string identifiers
* Correctly import path function
* Fix import path to use django.urls
This is what is prescribed in the Django 2.1 tutorial
2019-01-08 11:53:51 +00:00
Carlton Gibson
587058e3c2
Allow run_validators() to handle non-dict types. ( #6365 )
...
Fixes #6053 .
Original test case thanks to Vincent Delaitre in #6242 .
2019-01-08 11:39:30 +00:00
Yaser Khahani
0cf18c4163
Use Default Version in URLPathVersioning if 'version' Didn't Specified by Client ( #6380 )
...
* Use Default Version in URLPathVersioning if 'version' Didn't Passed
* Clean Code
2019-01-08 11:34:54 +00:00
Adrien Brunet
4863a24451
Fix links 404/302/303 in docs/community ( #6387 )
...
* Fix links 404/302/303
* Fix machinalis links in docs
* Fix kickstarter links in documentation
* Fix kickstarter links in documentation
* Fix kickstarter links in documentation - dropping links when broken
2019-01-08 11:15:53 +00:00
johnthagen
7749e4e3be
Make code snippet Python 3 compatible ( #6377 )
2019-01-04 18:00:38 -08:00
Adrien Brunet
1e2fd25f54
Fix #3387 : Documentation - Remove leading '.' before format option ( #6388 )
2019-01-04 14:45:08 +00:00
Xavier Ordoquy
030119c117
Merge pull request #6386 from philratcliffe/fix_missing_import_in_example_code
...
Fix missing import in example code
2018-12-28 17:54:41 +01:00
Phil Ratcliffe
1a9548db4f
Fix missing import in example code
2018-12-28 16:10:08 +00:00
Anuvrat Parashar
97a47958c0
correct grammar, remove common noun after proper noun. ( #6383 )
...
`MultipartParser` is enough to denote that it is a parser.
2018-12-24 15:54:27 +00:00
Xavier Ordoquy
5fd12d1b16
Merge pull request #6376 from johnthagen/patch-1
...
Fix example to be Python 3.x and 2.7 compatible
2018-12-23 07:46:35 +01:00
johnthagen
f0712aa78a
Fix example to be Python 3.x and 2.7 compatible
2018-12-22 15:29:02 -05:00
Carlton Gibson
86aa7768a7
Update quote in relations.md ( #6373 )
...
Fixes #6372 .
2018-12-21 11:39:01 +00:00
Carlton Gibson
63e6bbfd36
Note that only latest patches of Python & Django are supported. ( #6370 )
...
Fixes #6367 .
2018-12-20 13:41:54 +00:00
Dario Cangialosi, Coder
fa57fb8aeb
Use HTTPS URL example for git clone commands. ( #6134 )
2018-12-19 19:28:03 +01:00
Alf
963ce306f3
Added "allow_unicode" to generated kwargs for ModelSerializer SlugField ( #6315 )
2018-12-19 15:37:52 +01:00
Cyrus Ghazanfar
7ad5bdb669
Adjusted login template override example ( #6265 )
2018-12-19 15:25:34 +01:00
Jonathan Berger
1348bdc48a
Fixed quickstart.md typos ( #6348 )
2018-12-19 14:50:14 +01:00
Xavier Ordoquy
a52087b1b8
Merge pull request #6362 from adrienbrunet/typo
...
docs: typo in permissions (double space)
2018-12-19 14:34:18 +01:00
Adrien Brunet
c4a021185f
docs: typo in permissions (double space)
2018-12-18 13:03:03 +01:00
Tom Christie
2aecef3460
Update kloudless logo
2018-12-18 11:23:08 +00:00
Tom Christie
3453d65655
Update Kloudless logo
2018-12-18 11:18:40 +00:00
Michael D. Hoyle
a64980232a
Add example of gender-neutral language in contributing guide. ( #6358 )
2018-12-17 21:10:39 +01:00
Dan Wilson
ef61288d77
Remove mention of djangorestframework-jwt ( #6353 )
...
Follow-up to https://github.com/encode/django-rest-framework/pull/6138
2018-12-13 21:01:10 +00:00
JerzySpendel
627eeb8202
Add missing comma in documentation of permission composition ( #6336 )
2018-12-07 16:44:57 -05:00
Josh Smith
facb433c89
Remove unmaintained digest authentication package ( #6347 )
...
https://github.com/juanriaza/django-rest-framework-digestauth has not been updated in 5 years and is currently incompatible with the latest DRF ecosystem.
2018-12-06 16:26:40 +00:00
HoangYell
b61806e3b3
add "js-tooltip" class to "POST" button ( #6344 )
...
the tool tip of "POST" button is different from other buttons, since it loses the "js-tooltip" class.
2018-12-03 12:10:05 +00:00
Benjamin Pereto
5a54f897ec
FIX: openapi schema title should be a string not a tuple ( #6259 )
2018-11-28 12:45:26 +00:00
Xavier Ordoquy
11edf572c5
Merge pull request #6299 from encode/xordoquy/fix_composable_permissions
...
Fix composable permissions
2018-11-27 15:47:30 +01:00
Xavier Ordoquy
74574217a4
Fix composable permissions
...
In some cases we end with an operation between two `OperandHolder`.
This didn't work as it didn't knew how to deal with | or &
This fixes by adding those operations.
2018-11-27 15:29:44 +01:00
takaaki shimbo
0f5dfe8b3c
Fix typo in schemas ( #6332 )
...
* Fix typo in generators.py
* Fix typo in inspectors.py
* message line too long
* Change backslash to multiline strings
* Removed trailing whitespace from assertion message
2018-11-26 10:14:59 -08:00
Ryan P Kilby
9b7db8dd69
Travis has released Xenial support ( #6322 )
2018-11-20 23:45:04 -08:00
Tom Christie
2084555fbe
Update Lights On logo
2018-11-16 15:41:38 +00:00
Mice Pápai
d0369b27cd
update docs/api-guide/serializers.md: consistency ( #6320 )
2018-11-15 14:44:54 +00:00
Tom Christie
2c0b2bd44e
Add 'Lights On Software' ( #6319 )
...
* Add 'Lights On Software'
* Fix link
2018-11-15 13:52:24 +00:00
Tom Christie
588c6976d4
Delete lightson.png
2018-11-15 12:06:47 +00:00
Tom Christie
bc36cf5e2b
Lights On
2018-11-15 12:06:18 +00:00
Tom Christie
f73b4896b8
Lights On Software
2018-11-15 12:04:06 +00:00
Stan Fateev
f7d2839562
Typo fix in the release announcement ( #6318 )
2018-11-14 07:50:28 +01:00
Xavier Ordoquy
bf9533ae37
Merge pull request #6286 from markddavidoff/patch-1
...
permissions must return a boolean to allow &/| operator comparison
2018-11-05 16:04:08 +00:00
Stephen Finucane
fae7e91728
docs: Remove references to drf-openapi ( #6272 )
...
This has been EOL'd in favour of drf-yasg [1].
[1] https://github.com/limdauto/drf_openapi/commit/1673c6e0
Signed-off-by: Stephen Finucane <stephen@that.guru>
2018-11-03 15:57:47 +01:00
Tom Snee
d59a130168
Fixes an import statement in chapter 5 of the tutorial. ( #6267 )
2018-11-02 08:48:39 -07:00
ilmucio
40da2a21ef
Update authentication.md ( #6291 )
2018-10-29 15:43:06 -07:00
Mark Davidoff
1f13b6f6b2
use actual user instead of fake user in permission composition test
2018-10-29 10:45:40 -07:00
Zach Wernberg
67e99a29b8
Fix typo in release-notes.md ( #6285 )
2018-10-29 10:03:34 -07:00