mirror
/
wagtail
kopia lustrzana https://github.com/wagtail/wagtail
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność
8 772 Commity
55 Gałęzie
256 Tagi
3,4 GiB
Wykres commitów

8772 Commity (9bba692d0108e650d5e5ef4ef947e69b61adddb9)

Autor SHA1 Wiadomość Data
Abdulmalik Abdulwahab 23052e636e show revision unschedule button to only users with permission 2018-07-06 16:58:40 +01:00
Abdulmalik Abdulwahab 3e1511d362 add can_unschedule to PagePermissionTester 2018-07-06 16:58:40 +01:00
Abdulmalik Abdulwahab 254092e595 Change the user permission check on revisions unschedule to can_publish 2018-07-06 16:58:40 +01:00
Abdulmalik Abdulwahab e616d11bdc Failing test for unschedule for unpublished pages 2018-07-06 16:58:39 +01:00
Karl Hobley c22321ee75
Merge pull request #4593 from kaedroho/update-search-query-classes 
Update search query classes for RFC 25
 2018-07-05 17:15:11 +01:00
Karl Hobley fa1d572644 Minor python optimisation 2018-07-05 12:14:48 +01:00
Karl Hobley 8b4f64e2f1 Merge branch 'master' into update-search-query-classes 2018-07-05 12:10:51 +01:00
Matt Westcott 4f07f228b2 Fill in release date for 2.1.1 2018-07-04 15:36:49 +01:00
Matt Westcott 1fd111cf6a Fill in release date for 1.13.2 2018-07-04 15:36:08 +01:00
Matt Westcott 815b58fbda Fill in release date for 1.12.4 2018-07-04 15:36:07 +01:00
Matt Westcott 783b128fa2 Release note for #4496 in 2.1.1 2018-07-03 17:34:49 +01:00
Matt Westcott 048a4e83f1 Release note for #4496 in 1.13.2 2018-07-03 17:34:49 +01:00
Matt Westcott 7eab2ae793 Release note for #4496 in 1.12.4 2018-07-03 17:34:48 +01:00
Matt Westcott ce4cd82bd9 Release note for #4496 in 2.2 2018-07-03 16:59:01 +01:00
Matt Westcott 879239b02c Reject null characters in redirect URLs 2018-07-03 16:55:59 +01:00
Matt Westcott 3aff9f76e4 Revert "Strip Unicode NULL chars when normalizing paths" 
This reverts commit 882f8f3cf8.

Conflicts:
	CHANGELOG.txt
	CONTRIBUTORS.rst
	docs/releases/2.2.rst
 2018-07-03 16:45:27 +01:00
Matt Westcott 9ef8ee2d7f Release note for #4553 in 2.1.1 2018-07-03 16:10:59 +01:00
Matt Westcott b329ed4b65 Release note for #4553 in 1.12.4 2018-07-03 16:10:21 +01:00
Matt Westcott 55ddab6d14 Release note for #4553 in 1.13.x 2018-07-03 16:10:12 +01:00
Matt Westcott ed9a3a2d69 Pass all necessary template context to chooser view after upload validation error 
Fixes #4548
 2018-07-03 15:26:28 +01:00
Matt Westcott b4a2e13cb0 Copy 1.13.2 release notes to master 2018-06-29 15:37:58 +01:00
Matt Westcott 6c3431580a Release note for #4480 in 1.12.4 2018-06-29 15:37:30 +01:00
Matt Westcott 1a4046a676 Copy 1.12.4 release notes to master 2018-06-29 15:36:43 +01:00
Tom Dyson ee661ab6f8 README rewrite (#4372) 2018-06-28 17:27:55 +01:00
Matt Westcott 06d8fb0f63 Add guideline on the use of British vs American English 2018-06-27 20:39:08 +01:00
acrewdson 882f8f3cf8 Strip Unicode NULL chars when normalizing paths 
After migrating a Wagtail-based site from MySQL to Postgres, we
noticed that malicious requests to the site that included percent-
encoded Unicode NULLs (`%00`) raised a `ValueError` exception that we
hadn't seen when using MySQL: `A string literal cannot contain NUL
(0x00) characters.` This appears to relate to `psycopg2`'s decision to
raise an exception in these situations, as discussed here:

    https://github.com/psycopg/psycopg2/issues/420

While newer versions of Django appear to provide some field validation
that addresses these characters, it doesn't look like Wagtail's
redirect middleware is making use of those validators, and so it seemed
reasonable to clean these characters in the context of 'normalizing'
the paths before looking for corresponding redirects -- especially
since a quick investigation on the internet suggests that U+0000 in
URLs can be used as a means of attack, and also since RFC 3986 says:

   Note, however, that the "%00" percent-encoding (NUL) may require
   special handling and should be rejected if the application is not
   expecting to receive raw data within a component.
 2018-06-27 11:19:36 -04:00
Matt Westcott 0129e4ce77 Release note for #4648 2018-06-21 12:05:26 +01:00
Abdulmalik Abdulwahab d5afeab48e return none if page specific_class is not set in PageTypeField to_representation 2018-06-21 10:12:44 +01:00
Abdulmalik Abdulwahab d33a00aa49 Write a failing test for missing page model 2018-06-21 09:44:06 +01:00
Matt Westcott ac84cea671 Add release note for #4612 in 2.1.1 2018-06-20 17:30:26 +01:00
Matt Westcott fee77469b3 Release note for #4583 2018-06-20 15:57:29 +01:00
Matt Westcott d9d1529cc0 Convert the document chooser modal to use static onload handlers 2018-06-20 15:35:41 +01:00
Matt Westcott 630a887d58 Convert the embed chooser modal to use static onload handlers 2018-06-20 15:35:41 +01:00
Matt Westcott bbffeca771 Convert the page/collection privacy modal to use static onload handlers 2018-06-20 15:35:41 +01:00
Matt Westcott e68478777d Deprecate passing JS templates to render_modal_workflow 2018-06-20 15:35:41 +01:00
Matt Westcott 8ea95c5841 Convert the search query chooser to use static onload handlers 2018-06-20 15:35:40 +01:00
Matt Westcott 074d9ce3f4 Convert the snippet chooser to use static onload handlers 2018-06-20 15:35:40 +01:00
Matt Westcott af93a28c86 Handle modal-workflow responses as JSON whenever no JS onload handler is supplied 2018-06-20 15:35:40 +01:00
Matt Westcott 0ebf393b31 Convert the page/link chooser to use static onload handlers 2018-06-20 15:35:40 +01:00
Matt Westcott aa9de4758f Use static onload handlers in the image chooser modal 
Instead of passing an 'onload' JS function as part of the AJAX response for each step of the workflow,
we specify all onload handlers up-front when initialising ModalWorkflow, and return a 'step' field
in the response to indicate which one to trigger.
 2018-06-20 15:35:39 +01:00
Matt Westcott 87c247faa1 Use double-quotes in modal_workflow responses for JSON-consistency 2018-06-20 15:35:39 +01:00
Matt Westcott 8b3d3a7af8 Reorganise getChooserConfig for clarity 2018-06-20 15:35:39 +01:00
Matt Westcott afc6d1482b Eliminate template tags from embed chooser JS 2018-06-20 15:35:39 +01:00
Matt Westcott a5a3e0251f Eliminate template tags from snippet chooser JS 2018-06-20 15:35:38 +01:00
Matt Westcott 568928215e Eliminate template tags from privacy setting view JS 2018-06-20 15:35:38 +01:00
Matt Westcott 206e186f57 Eliminate template tags from image chooser JS 2018-06-20 15:35:38 +01:00
Matt Westcott b54846089b Eliminate template tags from document choooser JS 2018-06-20 15:35:38 +01:00
Matt Westcott 61a04dfb5e Support additional data in render_modal_workflow responses 
This allows us to eliminate template tags in JS handlers, since
dynamic data can now be passed in rather than injected.
 2018-06-20 15:35:38 +01:00
Bertrand Bordage 0a50aaf130 Typo. 2018-06-20 15:33:49 +02:00
Bertrand Bordage 806ba75497 Adds release notes for #4508. 2018-06-20 15:31:55 +02:00