Re: Streaming HttpResponse revisted. Any core devs, please take a look if you can :)

I would like to avoid having two code paths, one with streaming and one without, in new middleware. If `HttpResponse` followed the the `streaming_content` API as well, when writing a streaming-aware middleware instead of writing if response.streaming: response.streaming_content = wr

Re: Streaming HttpResponse revisted. Any core devs, please take a look if you can :)

this. On Wed, Nov 28, 2012 at 11:07 AM, Aymeric Augustin wrote: > 2012/11/28 Gavin Wahl >> >> I would like to avoid having two code paths, one with streaming and one >> without, in new middleware. > > > Hi Gavin, > > Could you give an example of a middl

Re: Streaming HttpResponse revisted. Any core devs, please take a look if you can :)

>> - A hypothetical middleware that appends debug information to the end >> of the response. debug-toolbar may be able to work like this. > Looking for the boils down to the same problem as above, and can't be > implemented without consuming the content for the same reason. It can be done, it'

#19076 - TemplateView does not support setting mime type

I know this is last minute, but is there any chance of getting this change in 1.5? It's a simple change, and is necessary now that direct_to_template is gone. https://code.djangoproject.com/ticket/19076 -- You received this message because you are subscribed to the Google Groups "Django devel

Re: Is casting Field.help_text to string in Field.__init__ necessary?

+1. This has been a problem for me too. On Saturday, March 23, 2013 5:16:15 AM UTC-6, Evgeny wrote: > > Hi. > > Is it necessary to cast help_text to string in Field.__init__ there > https://github.com/django/django/blob/master/django/forms/fields.py#L92 ? > I will be eventually displayed as stri

Help with #20378 - Reverse join fails when GenericRelation is defined on an abstract model

I'd like to have a go at fixing this bug, but I'm not sure where to start. The problem seems to be that there's only a single instance of the field per model, so field.model is always the abstract class. I can't see a way to access the concrete class from the field instance. If the field only ha

Testing email settings

I opened a ticket for this but was asked to discuss it on the mailing list. When configuring django to send emails through an SMTP server, there are usually many different settings to try to get it to work. I've written a management command that just sends an email to make testing the settings

Re: enum fields in django

I would definitely use an enum field that used pep 435 enums instead of choices. The implementation as a real enum in postgres and choices on other databases is perfect. I've used a third-party package, https://github.com/hzdg/django-enumfields, to accomplish this in the past. The ability to us

Re: Testing email settings

> Thus, the test sending email is quite unnecessary, I would like a check that connects to the SMTP server (if the emails settings are setup else do nothing) when the application starts. This wouldn't be useful to me at all. For one, it only is defined for an SMTP backend. Also, I wouldn't trust

CSRF_COOKIE_HTTPONLY is misleading and not useful

Ticket #15808 added the CSRF_COOKIE_HTTPONLY setting to set the HttpOnly attribute on the csrftoken cookie. The HttpOnly attribute is intended to prevent accessing a cookie through the DOM interface, only sending it over HTTP. This improves security for session cookies because it prevents XSS attac

Re: CSRF_COOKIE_HTTPONLY is misleading and not useful

> > > Though it could still ajax-in the token from a page that does have it, > right? > Exactly right. -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To unsubscribe from this group and stop receiving em

Re: CSRF_COOKIE_HTTPONLY is misleading and not useful

ack vector. This is just about misleading documentation. On Mon, May 4, 2015 at 5:58 AM, Florian Apolloner wrote: > On Monday, April 20, 2015 at 6:38:55 AM UTC+2, Gavin Wahl wrote: >>> >>> > Though it could still ajax-in the token from a page that does have it, >>> >

CHECK Constraints and migrations

I'm interested in writing a third-party app that allows users to declaratively write check constraints and have them automatically be added and removed by migrations. I'm envisioning being able to attach a list of Q objects to your model, something like: class Meta: checks = [

Re: CHECK Constraints and migrations

t; You can, however, supply custom migration Operation classes that people > could put into their migrations manually, or potentially have some other > way of outputting those migration files with operations in them (a lot of > the code to write them out is re-useable). Hopefully s

Re: CHECK Constraints and migrations

get to a sensible time in Europe on this. > > > > I'm definitely far from the only person who can work on fixing up the > > migration stuff; in fact, I haven't done much to it at all recently and > it's > > been all other people, so if you think

Ticket #23242 -- Approximate date_hierarchy

I'm going to fix ticket #23242 by adding an option to approximate the date_hierarchy options instead of calculating them exactly. The implementation is straightforward but I'm not sure what the interface should be. The basic idea is instead of doing `SELECT DISTINCT date_trunc('year', created_at)

Re: Ticket #23242 -- Approximate date_hierarchy

better than allowing > something like: > > date_hierarchy = ('pub_date', ApproximateWith.YEARS) > > Values that can be string or tuple have contributed to bugs in the past, > but I thought it might be worth proposing. > > On Saturday, August 29, 2015 at 4:50:20 PM

Re: Ticket #23242 -- Approximate date_hierarchy

Is it going to be possible to get this in before the feature freeze? On Thursday, September 10, 2015 at 10:21:29 AM UTC-6, Gavin Wahl wrote: > > The enum seems fine. Where should it be defined? Should the docs mention > the integer values at all, or are you required to use the enum? &g

Re: Making the admin compatible with CSP

I'm very interested in getting this into 1.10. I can devote some time to it to help. When I looked at it before, based on the time I had available, it didn't seem feasible for me to remove every single inline script. Especially with form widgets that include templated javascript. Instead I was

Re: Making the admin compatible with CSP

> Having looked around my solution is to output the json string with {{ json_string|escapejs }}. > Then in the javascript call JSON.parse twice > JSON.parse(JSON.parse('"' + jsonString + '"')); That doesn't seem nice at all. Is there any objection to putting the json filter from django-argonauts

Re: Making the admin compatible with CSP

> it was too hard to do a generic one that could be used everywhere The tag in argonauts works in HTML4, HTML5, and XHTML content, with or without CDATA tags. The only place you cant use it is inside an [X]HTML attribute. -- You received this message because you are subscribed to the Google G

Re: makemigrations --exit; exit status feels backwards from conventions

In your case, successfully creating a migration indicates a failure. Why do you object to using a ! to communicate this? ! ./manage.py makemigrations -- You received this message because you are subscribed to the Google Groups "Django developers (Contributions to Django itself)" group. To uns

Re: FK constraints are not checked at the end of nested atomic blocks

What does it even mean for constraints to be checked at savepoint commit? I would expect this to not cause any errors: with atomic(): # insert invalid fk with atomic(check_deferred_constraints=True): # do stuff that doesn't invalidate any contraints # delet

Re: FK constraints are not checked at the end of nested atomic blocks

lated. Wouldn't a standalone way to check deferred constraints be more useful? On Wed, Dec 30, 2015 at 4:23 PM, Shai Berger wrote: > Hi, > > On Tuesday 29 December 2015 19:40:44 Gavin Wahl wrote: > > What does it even mean for constraints to be checked at savepoint > commit

Re: Username Independence in Auth Forms

> The current code assumes that if you write a custom model, you'll also write the corresponding custom forms. Right. This is what I am proposing be fixed. On Mon, Jun 3, 2013 at 12:31 PM, Aymeric Augustin < aymeric.augus...@polytechnique.org> wrote: > On 3 juin 2013, at 20:01, gavinw...@gmail.

Re: Feature request: New middleware method for "universal" decoration

I really like the idea of implementing this as a url pattern decorator. This seems similar to Alex Gaynor's talk about everything being a view. It's more flexible than a middleware because you can decorate any part of the urls tree, such as the patterns for a single reusable app. urls = decora

Re: modelformset_factory and unique_together don't always validate unique fields

The problem is when a subset of the fields in a unique_together constraint are in the form. On Thu, Jul 3, 2014 at 11:48 AM, Florian Apolloner wrote: > > > On Thursday, July 3, 2014 3:03:25 PM UTC+2, Jon Dufresne wrote: >> >> > Also, even if we find a place to show >> > the errors, the user is

Re: Modify get_or_create() to use field lookups parameters for values

That is how it works now. On Sat, Jul 26, 2014 at 6:38 AM, Mattias Linnap wrote: > One way to make it work in presence of field lookups would be to demand > that the full values of mandatory fields must be present in the defaults > dictionary. > > For example: > Model.objects.get_or_create(name

Re: Proposal on Custom Indexes - Google Summer of Code

Would you be able to support partial indexes as well? On Tuesday, March 8, 2016 at 7:46:02 AM UTC-7, akki wrote: > > Hi > > My name is Akshesh Doshi (akki). I am a student at Indian Institute Of > Technology, Roorkee (IITR). I have been contributing to Django >

Re: Table Locks and bulk creating inherited models

> with MyModel.objects.lock(): > ... do stuff ... This is misleading as it implies the lock is released when the context manager exists, but in postgres at least the lock will be held until the end of the transaction. What advantage does implementing an ORM API for table locking ha

Re: Table Locks and bulk creating inherited models

I don't think any abstraction is possible. Postgres has 8 different table-level locking modes, in addition to advisory locks and 4 row-level lock modes. I would say any attempt to abstract that would remove functionality, and that would not be convenient. We are already suffering from an over-abst

Re: Time based one time password and django ?

I have a project that implements TOTP and U2F as a third-party package: https://github.com/gavinwahl/django-u2f On Sunday, January 15, 2017 at 3:47:56 AM UTC-7, ludovic coues wrote: > > Hello, > > After reading the recent thread on authentification in django, I > wondered about the chance of ge