Opened 5 years ago

Closed 5 years ago

#12198 closed (fixed)

CSRF changes not noted on backwards incompatible page

Reported by: shadfc Owned by: nobody
Component: Documentation Version: 1.1
Severity: Keywords:
Cc: Triage Stage: Unreviewed
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:

Description

They are not strictly backward incompatible, but a django update which included the CSRF changes did break my login page. I had a custom template and didn't have the {% csrf_token %} tag, so I got a nice/nasty error when trying to login.

Change History (5)

comment:1 Changed 5 years ago by lukeplant

  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Resolution set to invalid
  • Status changed from new to closed

Which page are you referring to? BackwardsIncompatibleChanges is not the place for that kind of thing — it clearly says "If you're already running Django 1.0, you need not worry about anything on this page" at the top.

The only place we have for this kind of thing at the moment is release notes. The beginnings of the release notes for 1.2 do include the CSRF changes: http://code.djangoproject.com/browser/django/trunk/docs/releases/1.2-alpha.txt

Perhaps we need another place for this kind of thing. It might be a compilation of the "backwards incompatible" section of release notes or something like that. I'm going to close this as INVALID, but suggest you bring this up on django-dev. Perhaps the solution is to create a wiki page with notes for people following trunk.

comment:2 Changed 5 years ago by anonymous

I was under the impression that the FutureBackwardsImcompatible page might be the place for this.

comment:3 Changed 5 years ago by shadfc

Sorry, that should have been FutureBackwardsIncompatibleChanges

comment:4 Changed 5 years ago by lukeplant

  • Resolution invalid deleted
  • Status changed from closed to reopened

This is actually a documentation bug - http://docs.djangoproject.com/en/dev/releases/ clearly says that BackwardsIncompatibleChanges contains the information you were looking for, but it doesn't. That needs to be fixed, I've started a thread on django-dev about this.

comment:5 Changed 5 years ago by lukeplant

  • Resolution set to fixed
  • Status changed from reopened to closed

(In [11738]) Fixed #12198 - CSRF changes not clearly noted in docs.

The docs no longer unhelpfully point to BackwardsIncompatibleChanges,
and instead a section has been added to help those upgrading and
those following trunk. Tentative 1.2 release notes added.

Note: See TracTickets for help on using tickets.
Back to Top