Search.setIndex({"alltitles": {"!= operator": [[193, "id1"]], "%()s syntax in ModelFormMixin.success_url": [[327, "foo-s-syntax-in-modelformmixin-success-url"]], "**extra": [[184, "id8"]], "*args and **kwargs support for template tag helper functions": [[267, "args-and-kwargs-support-for-template-tag-helper-functions"]], ".po files: Encoding and BOM usage.": [[576, null]], "1.0 release": [[525, "id20"]], "1.1 release": [[525, "id19"]], "1.10": [[58, "deprecation-removed-in-1-10"]], "1.10 release": [[525, "id10"]], "1.11 release": [[525, "id9"]], "1.2 release": [[525, "id18"]], "1.3": [[58, "deprecation-removed-in-1-3"]], "1.3 release": [[525, "id17"]], "1.4": [[58, "deprecation-removed-in-1-4"]], "1.4 release": [[525, "id16"]], "1.5": [[58, "deprecation-removed-in-1-5"]], "1.5 release": [[525, "id15"]], "1.6": [[58, "deprecation-removed-in-1-6"]], "1.6 release": [[525, "id14"]], "1.7": [[58, "deprecation-removed-in-1-7"]], "1.7 release": [[525, "id13"]], "1.8": [[58, "deprecation-removed-in-1-8"]], "1.8 release": [[525, "id12"]], "1.9": [[58, "deprecation-removed-in-1-9"]], "1.9 release": [[525, "id11"]], "2.0": [[58, "deprecation-removed-in-2-0"]], "2.0 release": [[525, "id8"]], "2.1": [[58, "deprecation-removed-in-2-1"]], "2.1 release": [[525, "id7"]], "2.2 release": [[525, "id6"]], "3.0": [[58, "deprecation-removed-in-3-0"]], "3.0 release": [[525, "id5"]], "3.1": [[58, "deprecation-removed-in-3-1"]], "3.1 release": [[525, "id4"]], "3.2 release": [[525, "id3"]], "4.0": [[58, "deprecation-removed-in-4-0"]], "4.0 release": [[525, "id2"]], "4.1": [[58, "deprecation-removed-in-4-1"]], "4.1 release": [[525, "id1"]], "4.2 release": [[525, "release"]], "404 errors": [[31, "errors"]], "5.0": [[58, "deprecation-removed-in-5-0"]], "5.1": [[58, "deprecation-removed-in-5-1"]], "< operator": [[193, "id2"]], "<= operator": [[193, "id4"]], " does \u2013 why doesn\u2019t Django?": [[3, "framework-x-does-feature-y-why-doesn-t-django"]], "= as comparison operator in if template tag": [[327, "as-comparison-operator-in-if-template-tag"]], "== operator": [[193, "operator"]], "> operator": [[193, "id3"]], ">= operator": [[193, "id5"]], "A better solution": [[538, "a-better-solution"]], "A bilateral transformer example": [[14, "a-bilateral-transformer-example"]], "A complex example": [[151, "a-complex-example"]], "A database\u2019s more advanced comparison functions": [[553, "a-database-s-more-advanced-comparison-functions"]], "A dynamic admin interface: it\u2019s not just scaffolding \u2013 it\u2019s the whole house": [[69, "a-dynamic-admin-interface-it-s-not-just-scaffolding-it-s-the-whole-house"]], "A few suggestions": [[16, "a-few-suggestions"]], "A full example": [[528, "a-full-example"], [563, "a-full-example"]], "A lookup example": [[14, "a-lookup-example"]], "A quick overview": [[18, "a-quick-overview"]], "A shortcut: get_object_or_404()": [[73, "a-shortcut-get-object-or-404"]], "A shortcut: render()": [[73, "a-shortcut-render"]], "A simple example": [[151, "a-simple-example"]], "A simple view": [[572, "a-simple-view"]], "A test for a view": [[75, "a-test-for-a-view"]], "A transformer example": [[14, "a-transformer-example"]], "ABSOLUTE_URL_OVERRIDES": [[189, "absolute-url-overrides"]], "ACos": [[175, "acos"]], "ADMINS": [[189, "admins"]], "ADMINS and MANAGERS": [[24, "admins-and-managers"]], "ADMIN_FOR setting": [[315, "admin-for-setting"]], "ALLOWED_HOSTS": [[24, "allowed-hosts"], [189, "allowed-hosts"]], "ALLOWED_HOSTS required in production": [[290, "allowed-hosts-required-in-production"]], "AND (&)": [[184, "and"]], "API Reference": [[111, "api-reference"], [115, "api-reference"], [168, null]], "API reference": [[85, "api-reference"]], "API stability": [[80, null]], "APIs marked as internal": [[80, "apis-marked-as-internal"]], "APPEND_SLASH": [[189, "append-slash"]], "APPEND_SLASH behavior has been updated": [[205, "append-slash-behavior-has-been-updated"]], "APP_DIRS": [[189, "app-dirs"]], "ASGI support": [[420, "asgi-support"]], "ASin": [[175, "asin"]], "ATOMIC_REQUESTS": [[189, "atomic-requests"]], "ATan": [[175, "atan"]], "ATan2": [[175, "atan2"]], "AUTHENTICATION_BACKENDS": [[189, "authentication-backends"]], "AUTH_PASSWORD_VALIDATORS": [[189, "auth-password-validators"]], "AUTH_PROFILE_MODULE": [[290, "auth-profile-module"]], "AUTH_USER_MODEL": [[189, "auth-user-model"]], "AUTOCOMMIT": [[189, "autocommit"]], "About pip": [[42, "about-pip"]], "About this document": [[160, null], [561, null]], "About this section": [[588, null], [588, null]], "Abs": [[175, "abs"]], "Abstract base classes": [[549, "abstract-base-classes"]], "AbstractUser.first_name max_length increased to 150": [[435, "abstractuser-first-name-max-length-increased-to-150"]], "AbstractUser.last_login allows null values": [[327, "abstractuser-last-login-allows-null-values"]], "AbstractUser.last_name max_length increased to 150": [[361, "abstractuser-last-name-max-length-increased-to-150"]], "AbstractUser.username max_length increased to 150": [[212, "abstractuser-username-max-length-increased-to-150"]], "Abusing BinaryField": [[177, null]], "Accepted": [[50, "accepted"]], "Accepting optional arguments": [[15, "accepting-optional-arguments"]], "Accessing HTTPResponse headers": [[205, "accessing-httpresponse-headers"]], "Accessing method calls": [[195, "accessing-method-calls"]], "Accessing models from other apps": [[580, "accessing-models-from-other-apps"]], "Accessing the cache": [[532, "accessing-the-cache"]], "Accessing the fields from the form": [[160, "accessing-the-fields-from-the-form"]], "Accessing \u201cclean\u201d data": [[160, "accessing-clean-data"]], "Acquiring the token if CSRF_USE_SESSIONS and CSRF_COOKIE_HTTPONLY are False": [[12, "acquiring-the-token-if-csrf-use-sessions-and-csrf-cookie-httponly-are-false"]], "Acquiring the token if CSRF_USE_SESSIONS or CSRF_COOKIE_HTTPONLY is True": [[12, "acquiring-the-token-if-csrf-use-sessions-or-csrf-cookie-httponly-is-true"]], "Actions as ModelAdmin methods": [[99, "actions-as-modeladmin-methods"]], "Actions that provide intermediate pages": [[99, "actions-that-provide-intermediate-pages"]], "Activating middleware": [[568, "activating-middleware"]], "Activating models": [[72, "activating-models"]], "Actually rolling the release": [[60, "actually-rolling-the-release"]], "Add django.contrib.gis to INSTALLED_APPS": [[120, "add-django-contrib-gis-to-installed-apps"]], "AddConstraint": [[171, "addconstraint"]], "AddField": [[171, "addfield"]], "AddIndex": [[171, "addindex"]], "Adding a background-image": [[76, "adding-a-background-image"]], "Adding a deconstruct() method": [[580, "adding-a-deconstruct-method"]], "Adding a message": [[134, "adding-a-message"]], "Adding a password reset feature": [[102, "adding-a-password-reset-feature"]], "Adding actions to the ModelAdmin": [[99, "adding-actions-to-the-modeladmin"]], "Adding additional fields to a formset": [[560, "adding-additional-fields-to-a-formset"]], "Adding annotations": [[554, "adding-annotations"]], "Adding constraints without enforcing validation": [[144, "adding-constraints-without-enforcing-validation"]], "Adding custom validation to the admin": [[102, "adding-custom-validation-to-the-admin"]], "Adding extra context": [[534, "adding-extra-context"]], "Adding extra manager methods": [[548, "adding-extra-manager-methods"]], "Adding extra message tags": [[134, "adding-extra-message-tags"]], "Adding messages in class-based views": [[134, "adding-messages-in-class-based-views"]], "Adding migrations to apps": [[580, "adding-migrations-to-apps"]], "Adding related objects": [[77, "adding-related-objects"]], "Adding support in third-party database backends": [[176, "adding-support-in-third-party-database-backends"]], "Adding views to admin sites": [[102, "adding-views-to-admin-sites"]], "Addition of QuerySet.datetimes()": [[303, "addition-of-queryset-datetimes"]], "Additional form template furniture": [[561, null]], "Additional methods on files attached to objects": [[156, "additional-methods-on-files-attached-to-objects"]], "Additional methods to handle related objects": [[552, "additional-methods-to-handle-related-objects"]], "Additional security topics": [[583, "additional-security-topics"]], "Admin actions": [[99, null]], "Admin actions are no longer collected from base ModelAdmin classes": [[391, "admin-actions-are-no-longer-collected-from-base-modeladmin-classes"]], "Admin changelist searches spanning multi-valued relationships changes": [[487, "admin-changelist-searches-spanning-multi-valued-relationships-changes"]], "Admin history view information leakage": [[265, "admin-history-view-information-leakage"], [284, "admin-history-view-information-leakage"]], "Admin inlines respect user permissions": [[267, "admin-inlines-respect-user-permissions"]], "Admin login redirection strategy": [[315, "admin-login-redirection-strategy"]], "Admin shortcuts support time zones": [[315, "admin-shortcuts-support-time-zones"]], "Admin views _changelist_filters GET parameter": [[303, "admin-views-changelist-filters-get-parameter"]], "Admin \u201cactions\u201d": [[208, "admin-actions"]], "AdminEmailHandler": [[579, "adminemailhandler"]], "AdminSite": [[85, "adminsite"]], "AdminSite attributes": [[102, "adminsite-attributes"]], "AdminSite methods": [[102, "adminsite-methods"]], "AdminSite objects": [[102, "adminsite-objects"]], "Advanced action techniques": [[99, "advanced-action-techniques"]], "Advanced custom template tags": [[18, "advanced-custom-template-tags"]], "Advanced features of TransactionTestCase": [[589, "advanced-features-of-transactiontestcase"]], "Advanced queries": [[173, "advanced-queries"]], "Advanced testing topics": [[589, null]], "Advanced tutorial: How to write reusable apps": [[70, null]], "Advanced usage": [[187, null]], "Advice for new contributors": [[49, null]], "After review": [[56, "after-review"]], "After upstream has changed": [[56, "after-upstream-has-changed"]], "Aggregate Functions": [[109, "aggregate-functions"], [116, "aggregate-functions"]], "Aggregate functions for statistics": [[135, "aggregate-functions-for-statistics"]], "Aggregate methods and modules": [[327, "aggregate-methods-and-modules"]], "Aggregate support": [[208, "aggregate-support"]], "Aggregate() expressions": [[176, "aggregate-expressions"]], "Aggregating annotations": [[540, "aggregating-annotations"]], "Aggregating on empty querysets or groups": [[540, "aggregating-on-empty-querysets-or-groups"]], "Aggregation": [[540, null]], "Aggregation functions": [[184, "aggregation-functions"]], "Aggregations and other QuerySet clauses": [[540, "aggregations-and-other-queryset-clauses"]], "All authentication views": [[529, "all-authentication-views"]], "All code changes": [[54, "all-code-changes"]], "All tickets": [[54, "all-tickets"]], "Allowed HTTP methods": [[564, "allowed-http-methods"]], "Allowed disabling server-side cursors on PostgreSQL": [[222, "allowed-disabling-server-side-cursors-on-postgresql"]], "AlterField": [[171, "alterfield"]], "AlterIndexTogether": [[171, "alterindextogether"]], "AlterModelManagers": [[171, "altermodelmanagers"]], "AlterModelOptions": [[171, "altermodeloptions"]], "AlterModelTable": [[171, "altermodeltable"]], "AlterModelTableComment": [[171, "altermodeltablecomment"]], "AlterOrderWithRespectTo": [[171, "alterorderwithrespectto"]], "AlterUniqueTogether": [[171, "alteruniquetogether"]], "Altering settings at runtime": [[585, "altering-settings-at-runtime"]], "Alternative software implementations": [[582, "alternative-software-implementations"]], "Alternatives to Django\u2019s template language": [[582, "alternatives-to-django-s-template-language"]], "Always refer to the documentation that corresponds to the\nversion of Django you\u2019re using!": [[68, null]], "Amend URLconf": [[74, "amend-urlconf"]], "Amend views": [[74, "amend-views"]], "An alternative better solution": [[538, "an-alternative-better-solution"]], "An example": [[57, "an-example"], [148, "an-example"], [550, "an-example"], [555, "an-example"]], "An example of clickjacking": [[98, "an-example-of-clickjacking"]], "An improved ORM": [[204, "an-improved-orm"]], "AnonymousUser object": [[104, "anonymoususer-object"]], "App names": [[154, "app-names"]], "App registry consistency": [[315, "app-registry-consistency"]], "App-loading changes": [[315, "app-loading-changes"]], "App-loading refactor": [[315, "app-loading-refactor"]], "AppRegistryNotReady": [[155, "appregistrynotready"]], "Application configuration": [[84, "application-configuration"]], "Application names and labels must be unique in\n INSTALLED_APPS": [[189, null]], "Application registry": [[84, "application-registry"]], "Applications": [[84, null]], "Applying ASGI middleware": [[22, "applying-asgi-middleware"]], "Applying WSGI middleware": [[28, "applying-wsgi-middleware"]], "Apps registry is no longer auto-populated when unpickling models outside of Django": [[212, "apps-registry-is-no-longer-auto-populated-when-unpickling-models-outside-of-django"]], "April 11, 2022 - CVE 2022-28346": [[526, "april-11-2022-cve-2022-28346"]], "April 11, 2022 - CVE 2022-28347": [[526, "april-11-2022-cve-2022-28347"]], "April 21, 2014 - CVE 2014-0472": [[526, "april-21-2014-cve-2014-0472"]], "April 21, 2014 - CVE 2014-0473": [[526, "april-21-2014-cve-2014-0473"]], "April 21, 2014 - CVE 2014-0474": [[526, "april-21-2014-cve-2014-0474"]], "April 4, 2017 - CVE 2017-7233": [[526, "april-4-2017-cve-2017-7233"]], "April 4, 2017 - CVE 2017-7234": [[526, "april-4-2017-cve-2017-7234"]], "April 6, 2021 - CVE 2021-28658": [[526, "april-6-2021-cve-2021-28658"]], "Archive of security issues": [[526, null]], "ArchiveIndexView": [[87, "archiveindexview"], [88, "archiveindexview"]], "Archived feature-development work": [[59, "archived-feature-development-work"]], "Area": [[113, "area"], [124, "area"]], "Argon2": [[531, "argon2"]], "Arguments": [[177, "arguments"], [177, "manytomany-arguments"], [570, "arguments"], [570, "id2"]], "ArrayAgg": [[135, "arrayagg"]], "ArrayField": [[138, "arrayfield"]], "ArraySubquery() expressions": [[137, "arraysubquery-expressions"]], "As HTML, locally": [[79, "as-html-locally"]], "AsGML": [[113, "asgml"]], "AsGeoJSON": [[113, "asgeojson"]], "AsKML": [[113, "askml"]], "AsSVG": [[113, "assvg"]], "AsWKB": [[113, "aswkb"]], "AsWKT": [[113, "aswkt"]], "Assertions": [[592, "assertions"]], "Assets and Django Admin": [[562, null]], "Assets as a static definition": [[562, "assets-as-a-static-definition"]], "Assigning unsaved objects to relations raises an error": [[327, "assigning-unsaved-objects-to-relations-raises-an-error"]], "Assignment template tags": [[267, "assignment-template-tags"]], "Associating content with a single site": [[149, "associating-content-with-a-single-site"]], "Associating content with multiple sites": [[149, "associating-content-with-multiple-sites"]], "Assume designer competence": [[81, "assume-designer-competence"]], "Async adapter functions": [[527, "async-adapter-functions"]], "Async safety": [[527, "async-safety"]], "Async views": [[527, "async-views"], [572, "async-views"]], "AsyncRequestFactory": [[589, "asyncrequestfactory"]], "Asynchronous ORM interface": [[487, "asynchronous-orm-interface"]], "Asynchronous class-based views": [[536, "asynchronous-class-based-views"]], "Asynchronous handlers for class-based views": [[487, "asynchronous-handlers-for-class-based-views"]], "Asynchronous queries": [[552, "asynchronous-queries"]], "Asynchronous support": [[85, "asynchronous-support"], [527, null], [532, "asynchronous-support"], [568, "asynchronous-support"]], "Asynchronous views and middleware support": [[435, "asynchronous-views-and-middleware-support"]], "Atom1Feed": [[199, "atom1feed"]], "Attributes": [[15, "attributes"], [104, "attributes"], [172, "attributes"], [186, "attributes"], [186, "id2"], [187, "attributes"], [187, "id3"], [187, "id6"], [188, "attributes"], [191, "attributes"], [589, "attributes"]], "Attributes disabled in markdown when safe mode set": [[267, "attributes-disabled-in-markdown-when-safe-mode-set"]], "Attributes for fields": [[177, "attributes-for-fields"]], "Attributes for fields with relations": [[177, "attributes-for-fields-with-relations"]], "Attributes of BoundField": [[160, "attributes-of-boundfield"]], "Attributes set by application code": [[187, "attributes-set-by-application-code"]], "Attributes set by middleware": [[187, "attributes-set-by-middleware"]], "August 1, 2018 - CVE 2018-14574": [[526, "august-1-2018-cve-2018-14574"]], "August 1, 2019 - CVE 2019-14232": [[526, "august-1-2019-cve-2019-14232"]], "August 1, 2019 - CVE 2019-14233": [[526, "august-1-2019-cve-2019-14233"]], "August 1, 2019 - CVE 2019-14234": [[526, "august-1-2019-cve-2019-14234"]], "August 1, 2019 - CVE 2019-14235": [[526, "august-1-2019-cve-2019-14235"]], "August 13, 2013 - CVE 2013-4249": [[526, "august-13-2013-cve-2013-4249"]], "August 13, 2013 - CVE 2013-6044": [[526, "august-13-2013-cve-2013-6044"]], "August 16, 2006 - CVE 2007-0404": [[526, "august-16-2006-cve-2007-0404"]], "August 18, 2015 - CVE 2015-5963 / CVE 2015-5964": [[526, "august-18-2015-cve-2015-5963-cve-2015-5964"]], "August 20, 2014 - CVE 2014-0480": [[526, "august-20-2014-cve-2014-0480"]], "August 20, 2014 - CVE 2014-0481": [[526, "august-20-2014-cve-2014-0481"]], "August 20, 2014 - CVE 2014-0482": [[526, "august-20-2014-cve-2014-0482"]], "August 20, 2014 - CVE 2014-0483": [[526, "august-20-2014-cve-2014-0483"]], "August 3, 2022 - CVE 2022-36359": [[526, "august-3-2022-cve-2022-36359"]], "August 6, 2024 - CVE 2024-41989": [[526, "august-6-2024-cve-2024-41989"]], "August 6, 2024 - CVE 2024-41990": [[526, "august-6-2024-cve-2024-41990"]], "August 6, 2024 - CVE 2024-41991": [[526, "august-6-2024-cve-2024-41991"]], "August 6, 2024 - CVE 2024-42005": [[526, "august-6-2024-cve-2024-42005"]], "Auth": [[189, "auth"]], "Authenticating against Django\u2019s user database from Apache": [[29, "authenticating-against-django-s-user-database-from-apache"]], "Authenticating users": [[529, "authenticating-users"]], "Authentication Views": [[529, "module-django.contrib.auth.views"]], "Authentication backends": [[104, "module-django.contrib.auth.backends"]], "Authentication data in templates": [[529, "authentication-data-in-templates"]], "Authentication in web requests": [[529, "authentication-in-web-requests"]], "Authentication middleware": [[170, "module-django.contrib.auth.middleware"]], "Authentication with mod_wsgi": [[26, "authentication-with-mod-wsgi"]], "Authorization for anonymous users": [[528, "authorization-for-anonymous-users"]], "Authorization for inactive users": [[528, "authorization-for-inactive-users"]], "Authorization with mod_wsgi and Django groups": [[26, "authorization-with-mod-wsgi-and-django-groups"]], "Auto-escaping considerations": [[18, "auto-escaping-considerations"]], "Auto-generate the models": [[34, "auto-generate-the-models"]], "Auto-incrementing primary keys": [[180, "auto-incrementing-primary-keys"]], "AutoField": [[177, "autofield"]], "Autocommit": [[556, "autocommit"], [556, "managing-autocommit"]], "Autocommit option for PostgreSQL": [[303, "autocommit-option-for-postgresql"]], "Automatic AppConfig discovery": [[450, "automatic-appconfig-discovery"]], "Automatic HTML escaping": [[195, "automatic-html-escaping"]], "Automatic Spatial Transformations": [[130, "automatic-spatial-transformations"]], "Automatic database routing": [[550, "automatic-database-routing"]], "Automatic escaping of template variables": [[204, "automatic-escaping-of-template-variables"]], "Automatic primary key fields": [[549, "automatic-primary-key-fields"]], "Automatic reloading of runserver": [[71, null]], "Automatic typecasting can cause unexpected results": [[153, "automatic-typecasting-can-cause-unexpected-results"]], "Available Meta options": [[183, "available-meta-options"]], "Available authentication backends": [[104, "available-authentication-backends"]], "Available commands": [[154, "available-commands"]], "Available middleware": [[170, "available-middleware"]], "Available settings": [[585, "available-settings"]], "Avg": [[184, "avg"]], "Avoid anything more complex": [[538, "avoid-anything-more-complex"]], "Avoid catching exceptions inside atomic!": [[556, null]], "Avoiding SQL injection": [[176, "avoiding-sql-injection"]], "Avoiding circular imports": [[189, null], [189, null]], "Avoiding disk access for media files": [[591, "avoiding-disk-access-for-media-files"]], "Avoiding race conditions using F()": [[176, "avoiding-race-conditions-using-f"]], "Azimuth": [[113, "azimuth"]], "BACKEND": [[189, "backend"], [189, "std-setting-TEMPLATES-BACKEND"]], "BTreeIndex": [[142, "btreeindex"]], "Backend Support": [[580, "backend-support"]], "Background": [[117, "background"]], "Background theory": [[16, "background-theory"]], "Backslash escaping changed": [[203, "backslash-escaping-changed"]], "Backwards compatibility": [[85, "backwards-compatibility"]], "Backwards incompatible change: .py-tpl files rewritten in project/app templates": [[353, "backwards-incompatible-change-py-tpl-files-rewritten-in-project-app-templates"]], "Backwards incompatible changes": [[210, "backwards-incompatible-changes"], [211, "backwards-incompatible-changes"], [255, "backwards-incompatible-changes"], [256, "backwards-incompatible-changes"], [279, "backwards-incompatible-changes"], [298, "backwards-incompatible-changes"]], "Backwards incompatible changes in 1.10": [[212, "backwards-incompatible-changes-in-1-10"]], "Backwards incompatible changes in 1.11": [[221, "backwards-incompatible-changes-in-1-11"]], "Backwards incompatible changes in 1.4": [[267, "backwards-incompatible-changes-in-1-4"]], "Backwards incompatible changes in 1.5": [[290, "backwards-incompatible-changes-in-1-5"]], "Backwards incompatible changes in 1.6": [[303, "backwards-incompatible-changes-in-1-6"]], "Backwards incompatible changes in 1.7": [[315, "backwards-incompatible-changes-in-1-7"]], "Backwards incompatible changes in 1.8": [[327, "backwards-incompatible-changes-in-1-8"]], "Backwards incompatible changes in 1.9": [[347, "backwards-incompatible-changes-in-1-9"]], "Backwards incompatible changes in 2.0": [[361, "backwards-incompatible-changes-in-2-0"]], "Backwards incompatible changes in 2.1": [[375, "backwards-incompatible-changes-in-2-1"]], "Backwards incompatible changes in 2.2": [[391, "backwards-incompatible-changes-in-2-2"]], "Backwards incompatible changes in 3.0": [[420, "backwards-incompatible-changes-in-3-0"]], "Backwards incompatible changes in 3.1": [[435, "backwards-incompatible-changes-in-3-1"]], "Backwards incompatible changes in 3.2": [[450, "backwards-incompatible-changes-in-3-2"]], "Backwards incompatible changes in 4.0": [[476, "backwards-incompatible-changes-in-4-0"]], "Backwards incompatible changes in 4.1": [[487, "backwards-incompatible-changes-in-4-1"]], "Backwards incompatible changes in 4.2": [[501, "backwards-incompatible-changes-in-4-2"]], "Backwards-incompatible changes": [[203, "backwards-incompatible-changes"], [204, "backwards-incompatible-changes"]], "Backwards-incompatible changes in 1.1": [[208, "backwards-incompatible-changes-in-1-1"]], "Backwards-incompatible changes in 1.1.2": [[209, "backwards-incompatible-changes-in-1-1-2"]], "Backwards-incompatible changes in 1.2": [[251, "backwards-incompatible-changes-in-1-2"]], "Backwards-incompatible changes in 1.3": [[259, "backwards-incompatible-changes-in-1-3"]], "BadRequest": [[155, "badrequest"]], "Base class restrictions": [[549, "base-class-restrictions"]], "Base managers": [[548, "base-managers"]], "Base views": [[86, null]], "Base vs Generic views": [[91, "base-vs-generic-views"]], "Base widget classes": [[167, "base-widget-classes"]], "BaseCommand subclasses": [[15, "basecommand-subclasses"]], "BaseConstraint": [[174, "baseconstraint"]], "BaseDateListView": [[93, "basedatelistview"]], "BaseMemcachedCache._get_memcache_timeout method": [[315, "basememcachedcache-get-memcache-timeout-method"]], "Bash completion": [[154, "bash-completion"]], "Basic configuration": [[29, "basic-configuration"]], "Basic examples": [[536, "basic-examples"]], "Basic file uploads": [[565, "basic-file-uploads"]], "Basic forms": [[535, "basic-forms"]], "Basic logging configuration": [[35, "basic-logging-configuration"]], "Basic testing strategies": [[75, "basic-testing-strategies"]], "Basic usage": [[532, "basic-usage"]], "Basics": [[130, "basics"]], "Be careful with related_name and related_query_name": [[549, "be-careful-with-related-name-and-related-query-name"]], "Be careful with the order of decorators": [[539, null]], "Be careful with this attribute in subclasses.": [[156, null]], "Be decoupled from HTML": [[81, "be-decoupled-from-html"]], "Behavior changes": [[303, "behavior-changes"]], "Behavior of LocMemCache regarding pickle errors": [[315, "behavior-of-locmemcache-regarding-pickle-errors"]], "Behavior of autocommit database option on PostgreSQL changed": [[290, "behavior-of-autocommit-database-option-on-postgresql-changed"]], "Behavior of contrib apps": [[550, "behavior-of-contrib-apps"]], "Behavior of parallel requests": [[134, "behavior-of-parallel-requests"]], "Behavior of syncdb with multiple databases": [[290, "behavior-of-syncdb-with-multiple-databases"]], "Behavior of unbound forms": [[160, "behavior-of-unbound-forms"]], "Behind the scenes": [[18, null], [192, null], [195, null]], "Better exceptions": [[205, "better-exceptions"]], "BigAutoField": [[177, "bigautofield"]], "BigIntegerField": [[177, "bigintegerfield"], [251, "bigintegerfield"]], "BigIntegerRangeField": [[138, "bigintegerrangefield"]], "BinaryField": [[177, "binaryfield"]], "BinaryField model field": [[303, "binaryfield-model-field"]], "Binding uploaded files to a form": [[160, "binding-uploaded-files-to-a-form"]], "Bisecting a regression": [[50, "bisecting-a-regression"]], "BitAnd": [[135, "bitand"]], "BitOr": [[135, "bitor"]], "BitXor": [[135, "bitxor"]], "Black formatting": [[154, "black-formatting"]], "BloomExtension": [[144, "bloomextension"]], "BloomIndex": [[142, "bloomindex"]], "BoolAnd": [[135, "booland"]], "BoolOr": [[135, "boolor"]], "Boolean operators": [[193, "boolean-operators"]], "BooleanField": [[161, "booleanfield"], [177, "booleanfield"]], "BooleanField no longer defaults to False": [[303, "booleanfield-no-longer-defaults-to-false"]], "BooleanField on MySQL": [[251, "booleanfield-on-mysql"]], "Bound and unbound form instances": [[561, "bound-and-unbound-form-instances"]], "Bound and unbound forms": [[160, "bound-and-unbound-forms"]], "BoundField.label_tag now includes the form\u2019s label_suffix": [[303, "boundfield-label-tag-now-includes-the-form-s-label-suffix"]], "BoundingCircle": [[113, "boundingcircle"]], "BrinIndex": [[142, "brinindex"]], "Browser-length sessions vs. persistent sessions": [[569, "browser-length-sessions-vs-persistent-sessions"]], "Browsers that support X-Frame-Options": [[98, "browsers-that-support-x-frame-options"]], "BtreeGinExtension": [[144, "btreeginextension"]], "BtreeGistExtension": [[144, "btreegistextension"]], "Bug fixes": [[304, "bug-fixes"]], "Bug-fix releases": [[64, "bug-fix-releases"]], "Bugfixes": [[213, "bugfixes"], [214, "bugfixes"], [215, "bugfixes"], [216, "bugfixes"], [217, "bugfixes"], [218, "bugfixes"], [219, "bugfixes"], [222, "bugfixes"], [223, "bugfixes"], [225, "bugfixes"], [226, "bugfixes"], [227, "bugfixes"], [229, "bugfixes"], [230, "bugfixes"], [233, "bugfixes"], [234, "bugfixes"], [238, "bugfixes"], [239, "bugfixes"], [240, "bugfixes"], [241, "bugfixes"], [244, "bugfixes"], [245, "bugfixes"], [246, "bugfixes"], [247, "bugfixes"], [248, "bugfixes"], [249, "bugfixes"], [250, "bugfixes"], [271, "bugfixes"], [274, "bugfixes"], [275, "bugfixes"], [276, "bugfixes"], [277, "bugfixes"], [278, "bugfixes"], [286, "bugfixes"], [289, "bugfixes"], [292, "bugfixes"], [293, "bugfixes"], [294, "bugfixes"], [295, "bugfixes"], [297, "bugfixes"], [298, "bugfixes"], [299, "bugfixes"], [300, "bugfixes"], [309, "bugfixes"], [310, "bugfixes"], [311, "bugfixes"], [312, "bugfixes"], [313, "bugfixes"], [314, "bugfixes"], [316, "bugfixes"], [318, "bugfixes"], [319, "bugfixes"], [320, "bugfixes"], [321, "bugfixes"], [322, "bugfixes"], [323, "bugfixes"], [324, "bugfixes"], [326, "bugfixes"], [328, "bugfixes"], [329, "bugfixes"], [331, "bugfixes"], [332, "bugfixes"], [333, "bugfixes"], [336, "bugfixes"], [339, "bugfixes"], [340, "bugfixes"], [341, "bugfixes"], [342, "bugfixes"], [343, "bugfixes"], [344, "bugfixes"], [345, "bugfixes"], [346, "bugfixes"], [348, "bugfixes"], [351, "bugfixes"], [352, "bugfixes"], [353, "bugfixes"], [354, "bugfixes"], [356, "bugfixes"], [357, "bugfixes"], [358, "bugfixes"], [359, "bugfixes"], [360, "bugfixes"], [362, "bugfixes"], [363, "bugfixes"], [365, "bugfixes"], [366, "bugfixes"], [367, "bugfixes"], [368, "bugfixes"], [369, "bugfixes"], [370, "bugfixes"], [371, "bugfixes"], [372, "bugfixes"], [373, "bugfixes"], [374, "bugfixes"], [376, "bugfixes"], [379, "bugfixes"], [380, "bugfixes"], [381, "bugfixes"], [382, "bugfixes"], [383, "bugfixes"], [384, "bugfixes"], [385, "bugfixes"], [386, "bugfixes"], [387, "bugfixes"], [388, "bugfixes"], [389, "bugfixes"], [392, "bugfixes"], [394, "bugfixes"], [395, "bugfixes"], [396, "bugfixes"], [397, "bugfixes"], [398, "bugfixes"], [399, "bugfixes"], [403, "bugfixes"], [407, "bugfixes"], [413, "bugfixes"], [414, "bugfixes"], [415, "bugfixes"], [416, "bugfixes"], [417, "bugfixes"], [418, "bugfixes"], [419, "bugfixes"], [421, "bugfixes"], [422, "bugfixes"], [423, "bugfixes"], [427, "bugfixes"], [428, "bugfixes"], [429, "bugfixes"], [430, "bugfixes"], [431, "bugfixes"], [432, "bugfixes"], [433, "bugfixes"], [434, "bugfixes"], [436, "bugfixes"], [438, "bugfixes"], [442, "bugfixes"], [443, "bugfixes"], [444, "bugfixes"], [445, "bugfixes"], [446, "bugfixes"], [447, "bugfixes"], [448, "bugfixes"], [451, "bugfixes"], [452, "bugfixes"], [455, "bugfixes"], [462, "bugfixes"], [468, "bugfixes"], [469, "bugfixes"], [470, "bugfixes"], [471, "bugfixes"], [472, "bugfixes"], [473, "bugfixes"], [474, "bugfixes"], [475, "bugfixes"], [477, "bugfixes"], [479, "bugfixes"], [480, "bugfixes"], [481, "bugfixes"], [482, "bugfixes"], [488, "bugfixes"], [493, "bugfixes"], [494, "bugfixes"], [495, "bugfixes"], [496, "bugfixes"], [497, "bugfixes"], [498, "bugfixes"], [499, "bugfixes"], [502, "bugfixes"], [504, "bugfixes"], [505, "bugfixes"], [508, "bugfixes"], [512, "bugfixes"], [513, "bugfixes"], [515, "bugfixes"], [517, "bugfixes"], [518, "bugfixes"], [519, "bugfixes"], [520, "bugfixes"], [521, "bugfixes"], [522, "bugfixes"], [523, "bugfixes"], [524, "bugfixes"]], "Bugs": [[54, "bugs"]], "Building a form": [[561, "building-a-form"]], "Building a form in Django": [[561, "building-a-form-in-django"]], "Building from source": [[119, "building-from-source"]], "Building up Django\u2019s generic class-based views": [[538, "building-up-django-s-generic-class-based-views"]], "Building your own": [[192, null]], "Built-in Expressions": [[176, "built-in-expressions"]], "Built-in Field classes": [[161, "built-in-field-classes"]], "Built-in Views": [[201, null]], "Built-in backends": [[588, "module-django.template.backends.django"]], "Built-in class-based generic views": [[534, null]], "Built-in class-based views API": [[91, null]], "Built-in filter reference": [[193, "built-in-filter-reference"]], "Built-in forms": [[529, "module-django.contrib.auth.forms"]], "Built-in tag reference": [[193, "built-in-tag-reference"]], "Built-in template context processors": [[192, "built-in-template-context-processors"]], "Built-in template tags and filters": [[193, null]], "Built-in upload handlers": [[159, "module-django.core.files.uploadhandler"]], "Built-in validators": [[200, "built-in-validators"]], "Built-in variables": [[192, "built-in-variables"]], "Built-in widgets": [[167, "built-in-widgets"]], "Built-in-template form renderers": [[165, "built-in-template-form-renderers"]], "Builtin tags": [[85, "builtin-tags"]], "Bulk behavior of add() method of related managers": [[347, "bulk-behavior-of-add-method-of-related-managers"]], "Bundled serializers": [[569, "bundled-serializers"]], "But I\u2019ve reminded you several times and you keep ignoring my patch!": [[2, "but-i-ve-reminded-you-several-times-and-you-keep-ignoring-my-patch"]], "But this testing thing looks kinda hard\u2026": [[66, null]], "C implementations of Python libraries": [[582, "c-implementations-of-python-libraries"]], "CACHES": [[24, "caches"], [189, "caches"]], "CACHE_MIDDLEWARE_ALIAS": [[189, "cache-middleware-alias"]], "CACHE_MIDDLEWARE_ANONYMOUS_ONLY setting": [[303, "cache-middleware-anonymous-only-setting"]], "CACHE_MIDDLEWARE_KEY_PREFIX": [[189, "cache-middleware-key-prefix"]], "CACHE_MIDDLEWARE_SECONDS": [[189, "cache-middleware-seconds"]], "CHARSET": [[189, "charset"]], "CIText fields": [[138, "citext-fields"]], "CITextExtension": [[144, "citextextension"]], "COLLATION": [[189, "collation"]], "COMMENTS_BANNED_USERS_GROUP setting": [[267, "comments-banned-users-group-setting"]], "CONN_HEALTH_CHECKS": [[189, "conn-health-checks"]], "CONN_MAX_AGE": [[24, "conn-max-age"], [189, "conn-max-age"]], "CREATE_DB": [[189, "create-db"]], "CREATE_USER": [[189, "create-user"]], "CSRF": [[212, "csrf"], [221, "csrf"], [347, "csrf"], [375, "csrf"], [435, "csrf"], [476, "csrf"]], "CSRF Protection": [[251, "csrf-protection"]], "CSRF exception for AJAX requests": [[211, "csrf-exception-for-ajax-requests"], [256, "csrf-exception-for-ajax-requests"]], "CSRF improvements": [[267, "csrf-improvements"]], "CSRF protection bypass on a site with Google Analytics": [[334, "csrf-protection-bypass-on-a-site-with-google-analytics"], [349, "csrf-protection-bypass-on-a-site-with-google-analytics"]], "CSRF protection extended to PUT and DELETE": [[267, "csrf-protection-extended-to-put-and-delete"]], "CSRF protection in reusable applications": [[12, "csrf-protection-in-reusable-applications"]], "CSRF protection middleware": [[170, "csrf-protection-middleware"]], "CSRF response-rewriting middleware": [[251, "csrf-response-rewriting-middleware"]], "CSRF validation now applies to AJAX requests": [[259, "csrf-validation-now-applies-to-ajax-requests"]], "CSRF_COOKIE_AGE": [[189, "csrf-cookie-age"]], "CSRF_COOKIE_DOMAIN": [[189, "csrf-cookie-domain"]], "CSRF_COOKIE_HTTPONLY": [[189, "csrf-cookie-httponly"]], "CSRF_COOKIE_MASKED": [[189, "csrf-cookie-masked"]], "CSRF_COOKIE_MASKED setting": [[487, "csrf-cookie-masked-setting"]], "CSRF_COOKIE_NAME": [[189, "csrf-cookie-name"]], "CSRF_COOKIE_PATH": [[189, "csrf-cookie-path"]], "CSRF_COOKIE_SAMESITE": [[189, "csrf-cookie-samesite"]], "CSRF_COOKIE_SECURE": [[24, "csrf-cookie-secure"], [189, "csrf-cookie-secure"]], "CSRF_FAILURE_VIEW": [[189, "csrf-failure-view"]], "CSRF_HEADER_NAME": [[189, "csrf-header-name"]], "CSRF_TRUSTED_ORIGINS": [[189, "csrf-trusted-origins"]], "CSRF_TRUSTED_ORIGINS changes": [[476, "csrf-trusted-origins-changes"]], "CSRF_USE_SESSIONS": [[189, "csrf-use-sessions"]], "CSS class names in admin forms": [[267, "css-class-names-in-admin-forms"]], "CVE-2016-2512: Malicious redirect and possible XSS attack via user-supplied redirect URLs containing basic auth": [[329, "cve-2016-2512-malicious-redirect-and-possible-xss-attack-via-user-supplied-redirect-urls-containing-basic-auth"], [354, "cve-2016-2512-malicious-redirect-and-possible-xss-attack-via-user-supplied-redirect-urls-containing-basic-auth"]], "CVE-2016-2513: User enumeration through timing difference on password hasher work factor upgrade": [[329, "cve-2016-2513-user-enumeration-through-timing-difference-on-password-hasher-work-factor-upgrade"], [354, "cve-2016-2513-user-enumeration-through-timing-difference-on-password-hasher-work-factor-upgrade"]], "CVE-2017-12794: Possible XSS in traceback section of technical 500 debug page": [[220, "cve-2017-12794-possible-xss-in-traceback-section-of-technical-500-debug-page"], [246, "cve-2017-12794-possible-xss-in-traceback-section-of-technical-500-debug-page"]], "CVE-2017-7233: Open redirect and possible XSS attack via user-supplied numeric redirect URLs": [[219, "cve-2017-7233-open-redirect-and-possible-xss-attack-via-user-supplied-numeric-redirect-urls"], [337, "cve-2017-7233-open-redirect-and-possible-xss-attack-via-user-supplied-numeric-redirect-urls"], [352, "cve-2017-7233-open-redirect-and-possible-xss-attack-via-user-supplied-numeric-redirect-urls"]], "CVE-2017-7234: Open redirect vulnerability in django.views.static.serve()": [[219, "cve-2017-7234-open-redirect-vulnerability-in-django-views-static-serve"], [337, "cve-2017-7234-open-redirect-vulnerability-in-django-views-static-serve"], [352, "cve-2017-7234-open-redirect-vulnerability-in-django-views-static-serve"]], "CVE-2018-14574: Open redirect possibility in CommonMiddleware": [[228, "cve-2018-14574-open-redirect-possibility-in-commonmiddleware"], [373, "cve-2018-14574-open-redirect-possibility-in-commonmiddleware"]], "CVE-2018-16984: Password hash disclosure to \u201cview only\u201d admin users": [[383, "cve-2018-16984-password-hash-disclosure-to-view-only-admin-users"]], "CVE-2018-6188: Information leakage in AuthenticationForm": [[223, "cve-2018-6188-information-leakage-in-authenticationform"], [367, "cve-2018-6188-information-leakage-in-authenticationform"]], "CVE-2018-7536: Denial-of-service possibility in urlize and urlizetrunc template filters": [[224, "cve-2018-7536-denial-of-service-possibility-in-urlize-and-urlizetrunc-template-filters"], [338, "cve-2018-7536-denial-of-service-possibility-in-urlize-and-urlizetrunc-template-filters"], [368, "cve-2018-7536-denial-of-service-possibility-in-urlize-and-urlizetrunc-template-filters"]], "CVE-2018-7537: Denial-of-service possibility in truncatechars_html and truncatewords_html template filters": [[224, "cve-2018-7537-denial-of-service-possibility-in-truncatechars-html-and-truncatewords-html-template-filters"], [338, "cve-2018-7537-denial-of-service-possibility-in-truncatechars-html-and-truncatewords-html-template-filters"], [368, "cve-2018-7537-denial-of-service-possibility-in-truncatechars-html-and-truncatewords-html-template-filters"]], "CVE-2019-12308: AdminURLFieldWidget XSS": [[235, "cve-2019-12308-adminurlfieldwidget-xss"], [390, "cve-2019-12308-adminurlfieldwidget-xss"], [403, "cve-2019-12308-adminurlfieldwidget-xss"]], "CVE-2019-12781: Incorrect HTTP detection with reverse-proxy connecting via HTTPS": [[236, "cve-2019-12781-incorrect-http-detection-with-reverse-proxy-connecting-via-https"], [377, "cve-2019-12781-incorrect-http-detection-with-reverse-proxy-connecting-via-https"], [413, "cve-2019-12781-incorrect-http-detection-with-reverse-proxy-connecting-via-https"]], "CVE-2019-14232: Denial-of-service possibility in django.utils.text.Truncator": [[237, "cve-2019-14232-denial-of-service-possibility-in-django-utils-text-truncator"], [378, "cve-2019-14232-denial-of-service-possibility-in-django-utils-text-truncator"], [414, "cve-2019-14232-denial-of-service-possibility-in-django-utils-text-truncator"]], "CVE-2019-14233: Denial-of-service possibility in strip_tags()": [[237, "cve-2019-14233-denial-of-service-possibility-in-strip-tags"], [378, "cve-2019-14233-denial-of-service-possibility-in-strip-tags"], [414, "cve-2019-14233-denial-of-service-possibility-in-strip-tags"]], "CVE-2019-14234: SQL injection possibility in key and index lookups for JSONField/HStoreField": [[237, "cve-2019-14234-sql-injection-possibility-in-key-and-index-lookups-for-jsonfield-hstorefield"], [378, "cve-2019-14234-sql-injection-possibility-in-key-and-index-lookups-for-jsonfield-hstorefield"], [414, "cve-2019-14234-sql-injection-possibility-in-key-and-index-lookups-for-jsonfield-hstorefield"]], "CVE-2019-14235: Potential memory exhaustion in django.utils.encoding.uri_to_iri()": [[237, "cve-2019-14235-potential-memory-exhaustion-in-django-utils-encoding-uri-to-iri"], [378, "cve-2019-14235-potential-memory-exhaustion-in-django-utils-encoding-uri-to-iri"], [414, "cve-2019-14235-potential-memory-exhaustion-in-django-utils-encoding-uri-to-iri"]], "CVE-2019-19118: Privilege escalation in the Django admin.": [[382, "cve-2019-19118-privilege-escalation-in-the-django-admin"], [418, "cve-2019-19118-privilege-escalation-in-the-django-admin"]], "CVE-2019-19844: Potential account hijack via password reset form": [[241, "cve-2019-19844-potential-account-hijack-via-password-reset-form"], [419, "cve-2019-19844-potential-account-hijack-via-password-reset-form"], [421, "cve-2019-19844-potential-account-hijack-via-password-reset-form"]], "CVE-2019-3498: Content spoofing possibility in the default 404 page": [[231, "cve-2019-3498-content-spoofing-possibility-in-the-default-404-page"], [363, "cve-2019-3498-content-spoofing-possibility-in-the-default-404-page"], [386, "cve-2019-3498-content-spoofing-possibility-in-the-default-404-page"]], "CVE-2019-6975: Memory exhaustion in django.utils.numberformat.format()": [[232, "cve-2019-6975-memory-exhaustion-in-django-utils-numberformat-format"], [364, "cve-2019-6975-memory-exhaustion-in-django-utils-numberformat-format"], [387, "cve-2019-6975-memory-exhaustion-in-django-utils-numberformat-format"]], "CVE-2020-13254: Potential data leakage via malformed memcached keys": [[396, "cve-2020-13254-potential-data-leakage-via-malformed-memcached-keys"], [432, "cve-2020-13254-potential-data-leakage-via-malformed-memcached-keys"]], "CVE-2020-13596: Possible XSS via admin ForeignKeyRawIdWidget": [[396, "cve-2020-13596-possible-xss-via-admin-foreignkeyrawidwidget"], [432, "cve-2020-13596-possible-xss-via-admin-foreignkeyrawidwidget"]], "CVE-2020-24583: Incorrect permissions on intermediate-level directories on Python 3.7+": [[399, "cve-2020-24583-incorrect-permissions-on-intermediate-level-directories-on-python-3-7"], [422, "cve-2020-24583-incorrect-permissions-on-intermediate-level-directories-on-python-3-7"], [436, "cve-2020-24583-incorrect-permissions-on-intermediate-level-directories-on-python-3-7"]], "CVE-2020-24584: Permission escalation in intermediate-level directories of the file system cache on Python 3.7+": [[399, "cve-2020-24584-permission-escalation-in-intermediate-level-directories-of-the-file-system-cache-on-python-3-7"], [422, "cve-2020-24584-permission-escalation-in-intermediate-level-directories-of-the-file-system-cache-on-python-3-7"], [436, "cve-2020-24584-permission-escalation-in-intermediate-level-directories-of-the-file-system-cache-on-python-3-7"]], "CVE-2020-7471: Potential SQL injection via StringAgg(delimiter)": [[242, "cve-2020-7471-potential-sql-injection-via-stringagg-delimiter"], [393, "cve-2020-7471-potential-sql-injection-via-stringagg-delimiter"], [428, "cve-2020-7471-potential-sql-injection-via-stringagg-delimiter"]], "CVE-2020-9402: Potential SQL injection via tolerance parameter in GIS functions and aggregates on Oracle": [[243, "cve-2020-9402-potential-sql-injection-via-tolerance-parameter-in-gis-functions-and-aggregates-on-oracle"], [394, "cve-2020-9402-potential-sql-injection-via-tolerance-parameter-in-gis-functions-and-aggregates-on-oracle"], [429, "cve-2020-9402-potential-sql-injection-via-tolerance-parameter-in-gis-functions-and-aggregates-on-oracle"]], "CVE-2021-23336: Web cache poisoning via django.utils.http.limited_parse_qsl()": [[402, "cve-2021-23336-web-cache-poisoning-via-django-utils-http-limited-parse-qsl"], [425, "cve-2021-23336-web-cache-poisoning-via-django-utils-http-limited-parse-qsl"], [447, "cve-2021-23336-web-cache-poisoning-via-django-utils-http-limited-parse-qsl"]], "CVE-2021-28658: Potential directory-traversal via uploaded files": [[404, "cve-2021-28658-potential-directory-traversal-via-uploaded-files"], [426, "cve-2021-28658-potential-directory-traversal-via-uploaded-files"], [448, "cve-2021-28658-potential-directory-traversal-via-uploaded-files"]], "CVE-2021-31542: Potential directory-traversal via uploaded files": [[405, "cve-2021-31542-potential-directory-traversal-via-uploaded-files"], [449, "cve-2021-31542-potential-directory-traversal-via-uploaded-files"], [451, "cve-2021-31542-potential-directory-traversal-via-uploaded-files"]], "CVE-2021-32052: Header injection possibility since URLValidator accepted newlines in input on Python 3.9.5+": [[406, "cve-2021-32052-header-injection-possibility-since-urlvalidator-accepted-newlines-in-input-on-python-3-9-5"], [437, "cve-2021-32052-header-injection-possibility-since-urlvalidator-accepted-newlines-in-input-on-python-3-9-5"], [462, "cve-2021-32052-header-injection-possibility-since-urlvalidator-accepted-newlines-in-input-on-python-3-9-5"]], "CVE-2021-3281: Potential directory-traversal via archive.extract()": [[401, "cve-2021-3281-potential-directory-traversal-via-archive-extract"], [424, "cve-2021-3281-potential-directory-traversal-via-archive-extract"], [446, "cve-2021-3281-potential-directory-traversal-via-archive-extract"]], "CVE-2021-33203: Potential directory traversal via admindocs": [[408, "cve-2021-33203-potential-directory-traversal-via-admindocs"], [439, "cve-2021-33203-potential-directory-traversal-via-admindocs"], [470, "cve-2021-33203-potential-directory-traversal-via-admindocs"]], "CVE-2021-33571: Possible indeterminate SSRF, RFI, and LFI attacks since validators accepted leading zeros in IPv4 addresses": [[408, "cve-2021-33571-possible-indeterminate-ssrf-rfi-and-lfi-attacks-since-validators-accepted-leading-zeros-in-ipv4-addresses"], [439, "cve-2021-33571-possible-indeterminate-ssrf-rfi-and-lfi-attacks-since-validators-accepted-leading-zeros-in-ipv4-addresses"], [470, "cve-2021-33571-possible-indeterminate-ssrf-rfi-and-lfi-attacks-since-validators-accepted-leading-zeros-in-ipv4-addresses"]], "CVE-2021-35042: Potential SQL injection via unsanitized QuerySet.order_by() input": [[440, "cve-2021-35042-potential-sql-injection-via-unsanitized-queryset-order-by-input"], [471, "cve-2021-35042-potential-sql-injection-via-unsanitized-queryset-order-by-input"]], "CVE-2021-44420: Potential bypass of an upstream access control based on URL paths": [[409, "cve-2021-44420-potential-bypass-of-an-upstream-access-control-based-on-url-paths"], [441, "cve-2021-44420-potential-bypass-of-an-upstream-access-control-based-on-url-paths"], [452, "cve-2021-44420-potential-bypass-of-an-upstream-access-control-based-on-url-paths"]], "CVE-2021-45115: Denial-of-service possibility in UserAttributeSimilarityValidator": [[410, "cve-2021-45115-denial-of-service-possibility-in-userattributesimilarityvalidator"], [453, "cve-2021-45115-denial-of-service-possibility-in-userattributesimilarityvalidator"], [477, "cve-2021-45115-denial-of-service-possibility-in-userattributesimilarityvalidator"]], "CVE-2021-45116: Potential information disclosure in dictsort template filter": [[410, "cve-2021-45116-potential-information-disclosure-in-dictsort-template-filter"], [453, "cve-2021-45116-potential-information-disclosure-in-dictsort-template-filter"], [477, "cve-2021-45116-potential-information-disclosure-in-dictsort-template-filter"]], "CVE-2021-45452: Potential directory-traversal via Storage.save()": [[410, "cve-2021-45452-potential-directory-traversal-via-storage-save"], [453, "cve-2021-45452-potential-directory-traversal-via-storage-save"], [477, "cve-2021-45452-potential-directory-traversal-via-storage-save"]], "CVE-2022-22818: Possible XSS via {% debug %} template tag": [[411, "cve-2022-22818-possible-xss-via-debug-template-tag"], [454, "cve-2022-22818-possible-xss-via-debug-template-tag"], [479, "cve-2022-22818-possible-xss-via-debug-template-tag"]], "CVE-2022-23833: Denial-of-service possibility in file uploads": [[411, "cve-2022-23833-denial-of-service-possibility-in-file-uploads"], [454, "cve-2022-23833-denial-of-service-possibility-in-file-uploads"], [479, "cve-2022-23833-denial-of-service-possibility-in-file-uploads"]], "CVE-2022-28346: Potential SQL injection in QuerySet.annotate(), aggregate(), and extra()": [[412, "cve-2022-28346-potential-sql-injection-in-queryset-annotate-aggregate-and-extra"], [455, "cve-2022-28346-potential-sql-injection-in-queryset-annotate-aggregate-and-extra"], [481, "cve-2022-28346-potential-sql-injection-in-queryset-annotate-aggregate-and-extra"]], "CVE-2022-28347: Potential SQL injection via QuerySet.explain(**options) on PostgreSQL": [[412, "cve-2022-28347-potential-sql-injection-via-queryset-explain-options-on-postgresql"], [455, "cve-2022-28347-potential-sql-injection-via-queryset-explain-options-on-postgresql"], [481, "cve-2022-28347-potential-sql-injection-via-queryset-explain-options-on-postgresql"]], "CVE-2022-34265: Potential SQL injection via Trunc(kind) and Extract(lookup_name) arguments": [[456, "cve-2022-34265-potential-sql-injection-via-trunc-kind-and-extract-lookup-name-arguments"], [483, "cve-2022-34265-potential-sql-injection-via-trunc-kind-and-extract-lookup-name-arguments"]], "CVE-2022-36359: Potential reflected file download vulnerability in FileResponse": [[457, "cve-2022-36359-potential-reflected-file-download-vulnerability-in-fileresponse"], [484, "cve-2022-36359-potential-reflected-file-download-vulnerability-in-fileresponse"]], "CVE-2022-41323: Potential denial-of-service vulnerability in internationalized URLs": [[458, "cve-2022-41323-potential-denial-of-service-vulnerability-in-internationalized-urls"], [485, "cve-2022-41323-potential-denial-of-service-vulnerability-in-internationalized-urls"], [493, "cve-2022-41323-potential-denial-of-service-vulnerability-in-internationalized-urls"]], "CVE-2023-23969: Potential denial-of-service via Accept-Language headers": [[459, "cve-2023-23969-potential-denial-of-service-via-accept-language-headers"], [486, "cve-2023-23969-potential-denial-of-service-via-accept-language-headers"], [497, "cve-2023-23969-potential-denial-of-service-via-accept-language-headers"]], "CVE-2023-24580: Potential denial-of-service vulnerability in file uploads": [[460, "cve-2023-24580-potential-denial-of-service-vulnerability-in-file-uploads"], [478, "cve-2023-24580-potential-denial-of-service-vulnerability-in-file-uploads"], [498, "cve-2023-24580-potential-denial-of-service-vulnerability-in-file-uploads"]], "CVE-2023-31047: Potential bypass of validation when uploading multiple files using one form field": [[461, "cve-2023-31047-potential-bypass-of-validation-when-uploading-multiple-files-using-one-form-field"], [500, "cve-2023-31047-potential-bypass-of-validation-when-uploading-multiple-files-using-one-form-field"], [502, "cve-2023-31047-potential-bypass-of-validation-when-uploading-multiple-files-using-one-form-field"]], "CVE-2023-36053: Potential regular expression denial of service vulnerability in EmailValidator/URLValidator": [[463, "cve-2023-36053-potential-regular-expression-denial-of-service-vulnerability-in-emailvalidator-urlvalidator"], [489, "cve-2023-36053-potential-regular-expression-denial-of-service-vulnerability-in-emailvalidator-urlvalidator"], [518, "cve-2023-36053-potential-regular-expression-denial-of-service-vulnerability-in-emailvalidator-urlvalidator"]], "CVE-2023-41164: Potential denial of service vulnerability in django.utils.encoding.uri_to_iri()": [[464, "cve-2023-41164-potential-denial-of-service-vulnerability-in-django-utils-encoding-uri-to-iri"], [490, "cve-2023-41164-potential-denial-of-service-vulnerability-in-django-utils-encoding-uri-to-iri"], [520, "cve-2023-41164-potential-denial-of-service-vulnerability-in-django-utils-encoding-uri-to-iri"]], "CVE-2023-43665: Denial-of-service possibility in django.utils.text.Truncator": [[465, "cve-2023-43665-denial-of-service-possibility-in-django-utils-text-truncator"], [491, "cve-2023-43665-denial-of-service-possibility-in-django-utils-text-truncator"], [521, "cve-2023-43665-denial-of-service-possibility-in-django-utils-text-truncator"]], "CVE-2023-46695: Potential denial of service vulnerability in UsernameField on Windows": [[466, "cve-2023-46695-potential-denial-of-service-vulnerability-in-usernamefield-on-windows"], [492, "cve-2023-46695-potential-denial-of-service-vulnerability-in-usernamefield-on-windows"], [522, "cve-2023-46695-potential-denial-of-service-vulnerability-in-usernamefield-on-windows"]], "CVE-2024-24680: Potential denial-of-service in intcomma template filter": [[467, "cve-2024-24680-potential-denial-of-service-in-intcomma-template-filter"], [503, "cve-2024-24680-potential-denial-of-service-in-intcomma-template-filter"]], "CVE-2024-27351: Potential regular expression denial-of-service in django.utils.text.Truncator.words()": [[468, "cve-2024-27351-potential-regular-expression-denial-of-service-in-django-utils-text-truncator-words"], [504, "cve-2024-27351-potential-regular-expression-denial-of-service-in-django-utils-text-truncator-words"]], "CVE-2024-38875: Potential denial-of-service vulnerability in django.utils.html.urlize()": [[507, "cve-2024-38875-potential-denial-of-service-vulnerability-in-django-utils-html-urlize"]], "CVE-2024-39329: Username enumeration through timing difference for users with unusable passwords": [[507, "cve-2024-39329-username-enumeration-through-timing-difference-for-users-with-unusable-passwords"]], "CVE-2024-39330: Potential directory-traversal via Storage.save()": [[507, "cve-2024-39330-potential-directory-traversal-via-storage-save"]], "CVE-2024-39614: Potential denial-of-service vulnerability in get_supported_language_variant()": [[507, "cve-2024-39614-potential-denial-of-service-vulnerability-in-get-supported-language-variant"]], "CVE-2024-41989: Memory exhaustion in django.utils.numberformat.floatformat()": [[508, "cve-2024-41989-memory-exhaustion-in-django-utils-numberformat-floatformat"]], "CVE-2024-41990: Potential denial-of-service vulnerability in django.utils.html.urlize()": [[508, "cve-2024-41990-potential-denial-of-service-vulnerability-in-django-utils-html-urlize"]], "CVE-2024-41991: Potential denial-of-service vulnerability in django.utils.html.urlize() and AdminURLFieldWidget": [[508, "cve-2024-41991-potential-denial-of-service-vulnerability-in-django-utils-html-urlize-and-adminurlfieldwidget"]], "CVE-2024-42005: Potential SQL injection in QuerySet.values() and values_list()": [[508, "cve-2024-42005-potential-sql-injection-in-queryset-values-and-values-list"]], "CVE-2024-45230: Potential denial-of-service vulnerability in django.utils.html.urlize()": [[509, "cve-2024-45230-potential-denial-of-service-vulnerability-in-django-utils-html-urlize"]], "CVE-2024-45231: Potential user email enumeration via response status on password reset": [[509, "cve-2024-45231-potential-user-email-enumeration-via-response-status-on-password-reset"]], "CVE-2024-53907: Denial-of-service possibility in strip_tags()": [[510, "cve-2024-53907-denial-of-service-possibility-in-strip-tags"]], "CVE-2024-53908: Potential SQL injection via HasKey(lhs, rhs) on Oracle": [[510, "cve-2024-53908-potential-sql-injection-via-haskey-lhs-rhs-on-oracle"]], "CVE-2024-56374: Potential denial-of-service vulnerability in IPv6 validation": [[511, "cve-2024-56374-potential-denial-of-service-vulnerability-in-ipv6-validation"]], "CVE-2025-26699: Potential denial-of-service vulnerability in django.utils.text.wrap()": [[514, "cve-2025-26699-potential-denial-of-service-vulnerability-in-django-utils-text-wrap"]], "CVE-2025-32873: Denial-of-service possibility in strip_tags()": [[515, "cve-2025-32873-denial-of-service-possibility-in-strip-tags"]], "CVE-2025-48432: Potential log injection via unescaped request path": [[516, "cve-2025-48432-potential-log-injection-via-unescaped-request-path"]], "CZBirthNumberField.clean": [[259, "czbirthnumberfield-clean"]], "Cache": [[189, "cache"], [212, "cache"], [221, "cache"], [315, "cache"], [327, "cache"], [347, "cache"], [361, "cache"], [375, "cache"], [420, "cache"], [435, "cache"], [476, "cache"]], "Cache Framework": [[81, "cache-framework"]], "Cache arguments": [[532, "cache-arguments"]], "Cache key prefixing": [[532, "cache-key-prefixing"]], "Cache key transformation": [[532, "cache-key-transformation"]], "Cache key warnings": [[532, "cache-key-warnings"]], "Cache keys are now generated from the request\u2019s absolute URL": [[315, "cache-keys-are-now-generated-from-the-request-s-absolute-url"]], "Cache middleware": [[170, "module-django.middleware.cache"]], "Cache versioning": [[532, "cache-versioning"]], "CachedStaticFilesStorage storage backend": [[267, "cachedstaticfilesstorage-storage-backend"]], "Caches": [[85, "caches"]], "Caches may incorrectly be allowed to store and serve private data": [[272, "caches-may-incorrectly-be-allowed-to-store-and-serve-private-data"], [301, "caches-may-incorrectly-be-allowed-to-store-and-serve-private-data"]], "Caching": [[564, "caching"], [582, "caching"]], "Caching and QuerySets": [[552, "caching-and-querysets"]], "Caching changes": [[259, "caching-changes"]], "Caching of anonymous pages could reveal CSRF token": [[270, "caching-of-anonymous-pages-could-reveal-csrf-token"], [299, "caching-of-anonymous-pages-could-reveal-csrf-token"], [308, "caching-of-anonymous-pages-could-reveal-csrf-token"]], "Caching of related model instances": [[290, "caching-of-related-model-instances"]], "Caching the current Site object": [[149, "caching-the-current-site-object"]], "Callables in templates": [[259, "callables-in-templates"]], "Calling a management command in your code": [[15, null]], "Calling custom QuerySet methods from the Manager": [[315, "calling-custom-queryset-methods-from-the-manager"]], "Calling custom QuerySet methods from the manager": [[548, "calling-custom-queryset-methods-from-the-manager"]], "Calling django.setup() is required for \u201cstandalone\u201d Django usage": [[585, "calling-django-setup-is-required-for-standalone-django-usage"]], "Calling stored procedures": [[554, "calling-stored-procedures"]], "Can I use Django with a preexisting database?": [[7, "can-i-use-django-with-a-preexisting-database"]], "Can\u2019t find GDAL library": [[119, "can-t-find-gdal-library"]], "Can\u2019t find GEOS library": [[119, "can-t-find-geos-library"]], "Captured parameters": [[571, "captured-parameters"]], "Case": [[173, "case"]], "Case-insensitive collations": [[138, null]], "Cast": [[175, "cast"]], "Caveats": [[153, "caveats"]], "Caveats on Oracle": [[175, null]], "Caveats with support of certain databases": [[204, "caveats-with-support-of-certain-databases"]], "Cc": [[50, "cc"]], "Ceil": [[175, "ceil"]], "Centroid": [[113, "centroid"]], "Certain expressions may not be supported": [[184, null]], "Chaining escape with other filters": [[193, null]], "Chaining filters": [[552, "chaining-filters"]], "Changed priority of translation loading": [[259, "changed-priority-of-translation-loading"]], "Changes and new features": [[202, "changes-and-new-features"]], "Changes due to the introduction of template-based widget rendering": [[221, "changes-due-to-the-introduction-of-template-based-widget-rendering"]], "Changes in tests execution": [[290, "changes-in-tests-execution"]], "Changes to constraint names": [[208, "changes-to-constraint-names"]], "Changes to cycle and firstof": [[303, "changes-to-cycle-and-firstof"]], "Changes to how model formsets are saved": [[208, "changes-to-how-model-formsets-are-saved"]], "Changes to the default logging configuration": [[347, "changes-to-the-default-logging-configuration"]], "Changes to the interpretation of max_num in FormSets": [[251, "changes-to-the-interpretation-of-max-num-in-formsets"]], "Changes to the login methods of the admin": [[259, "changes-to-the-login-methods-of-the-admin"]], "Changes to url and ssi": [[259, "changes-to-url-and-ssi"]], "Changing a ManyToManyField to use a through model": [[43, "changing-a-manytomanyfield-to-use-a-through-model"]], "Changing a custom field\u2019s base class": [[16, "changing-a-custom-field-s-base-class"]], "Changing an unmanaged model to managed": [[43, "changing-an-unmanaged-model-to-managed"]], "Changing order_with_respect_to": [[183, null]], "Changing passwords": [[529, "changing-passwords"], [529, "id7"]], "Changing the default JSON encoder": [[187, "changing-the-default-json-encoder"]], "Changing the form": [[563, "changing-the-form"]], "Changing the minimum recorded level per-request": [[134, "changing-the-minimum-recorded-level-per-request"]], "Changing the organization": [[63, "changing-the-organization"]], "Changing the port": [[71, null]], "Changing the queryset": [[563, "changing-the-queryset"]], "Changing the search configuration": [[145, "changing-the-search-configuration"]], "Changing to a custom user model mid-project": [[528, "changing-to-a-custom-user-model-mid-project"]], "Changing upload handler behavior": [[565, "changing-upload-handler-behavior"]], "CharField": [[161, "charfield"], [177, "charfield"]], "Character fields": [[153, "character-fields"]], "Cheat sheet": [[540, "cheat-sheet"]], "Check for duplicate flatpage URLs.": [[106, null]], "CheckConstraint": [[174, "checkconstraint"]], "CheckMessage": [[85, "checkmessage"]], "CheckboxInput": [[167, "checkboxinput"]], "CheckboxSelectMultiple": [[167, "checkboxselectmultiple"]], "Checking if the field data has changed": [[161, "checking-if-the-field-data-has-changed"]], "Checking which form data has changed": [[160, "checking-which-form-data-has-changed"]], "Choice type": [[161, null]], "ChoiceField": [[161, "choicefield"]], "Choosing a name for your app": [[70, null]], "Choosing between filter and QuerySet.filter()": [[540, null]], "Chr": [[175, "chr"]], "Class-based generic views - flattened index": [[87, null]], "Class-based model indexes": [[221, "class-based-model-indexes"]], "Class-based template loaders": [[251, "class-based-template-loaders"]], "Class-based views": [[259, "class-based-views"], [536, null]], "Class-based views mixins": [[92, null]], "Cleaning a specific field attribute": [[166, "cleaning-a-specific-field-attribute"]], "Cleaning and validating fields that depend on each other": [[166, "cleaning-and-validating-fields-that-depend-on-each-other"]], "Cleanup of the django.template namespace": [[327, "cleanup-of-the-django-template-namespace"]], "Clearable default widget for FileField": [[259, "clearable-default-widget-for-filefield"]], "ClearableFileInput": [[167, "clearablefileinput"]], "Clearing the session store": [[569, "clearing-the-session-store"]], "Clickjacking Protection": [[98, null]], "Clickjacking protection": [[583, "clickjacking-protection"]], "Closing Tickets": [[50, "closing-tickets"]], "Coalesce": [[175, "coalesce"]], "Code": [[575, "code"]], "Code coverage": [[55, "code-coverage"]], "Code layout": [[18, "code-layout"]], "Code of Conduct": [[66, "code-of-conduct"]], "Code style": [[53, "code-style"]], "Coding style": [[51, null]], "Collate": [[175, "collate"]], "Collation settings": [[153, "collation-settings"]], "Collect": [[116, "collect"]], "Colored terminal output": [[42, "colored-terminal-output"]], "Combining Media objects": [[562, "combining-media-objects"]], "Combining multiple aggregations": [[540, "combining-multiple-aggregations"]], "ComboField": [[161, "combofield"]], "CommaSeparatedIntegerField model field": [[212, "commaseparatedintegerfield-model-field"]], "Command exceptions": [[15, "command-exceptions"]], "Command objects": [[15, "command-objects"]], "Commands provided by applications": [[154, "commands-provided-by-applications"]], "Comments": [[195, "comments"], [205, "comments"], [558, "comments"], [588, "comments"]], "Comments for translators": [[576, "comments-for-translators"]], "Comments for translators in templates": [[576, "comments-for-translators-in-templates"]], "Comments on columns and tables": [[501, "comments-on-columns-and-tables"]], "Committing code": [[46, null]], "Committing guidelines": [[46, "committing-guidelines"]], "Committing the changes in the patch": [[66, "committing-the-changes-in-the-patch"]], "Common": [[564, "common"]], "Common aggregate options": [[135, null]], "Common changes": [[205, "common-changes"]], "Common pitfalls": [[42, "common-pitfalls"]], "Common web application tools": [[44, "common-web-application-tools"]], "Commonly used terms": [[57, "commonly-used-terms"]], "Comparing Polygons": [[117, null]], "Comparing objects": [[552, "comparing-objects"]], "Comparison and conversion functions": [[175, "comparison-and-conversion-functions"]], "Comparison functions": [[138, "comparison-functions"]], "Comparison with middleware conditional processing": [[539, "comparison-with-middleware-conditional-processing"]], "CompatCookie": [[259, "compatcookie"]], "Compatibility Tables": [[109, "compatibility-tables"]], "Compatibility with old signed data": [[267, "compatibility-with-old-signed-data"]], "Compiling message files": [[576, "compiling-message-files"]], "Complex expressions": [[193, "complex-expressions"]], "Complex lookups with Q objects": [[552, "complex-lookups-with-q-objects"]], "Component": [[50, "component"]], "Components": [[588, "components"]], "Composite widgets": [[167, "composite-widgets"]], "Compressed fixtures": [[545, "compressed-fixtures"]], "Compressed rasters": [[114, "compressed-rasters"]], "Concat": [[175, "concat"]], "Concepts": [[575, "concepts"]], "Concurrent index operations": [[144, "concurrent-index-operations"]], "Conditional Expressions": [[173, null]], "Conditional GET middleware": [[170, "module-django.middleware.http"]], "Conditional View Processing": [[539, null]], "Conditional aggregation": [[173, "conditional-aggregation"]], "Conditional expressions": [[176, "conditional-expressions"]], "Conditional filter": [[173, "conditional-filter"]], "Conditional update": [[173, "conditional-update"]], "Conditional view processing": [[208, "conditional-view-processing"], [564, "conditional-view-processing"]], "ConditionalGetMiddleware": [[582, "conditionalgetmiddleware"]], "Conditionally enabling or disabling actions": [[99, "conditionally-enabling-or-disabling-actions"]], "Configurable User model": [[290, "configurable-user-model"]], "Configurable attributes": [[84, "configurable-attributes"]], "Configurable delete-cascade": [[259, "configurable-delete-cascade"]], "Configuration": [[11, "configuration"], [588, "configuration"]], "Configure a formatter": [[35, "configure-a-formatter"]], "Configure a handler": [[35, "configure-a-handler"]], "Configure a logger mapping": [[35, "configure-a-logger-mapping"]], "Configure responsive logging": [[35, "configure-responsive-logging"]], "Configure settings.py": [[130, "configure-settings-py"]], "Configuring an engine": [[192, "configuring-an-engine"]], "Configuring and starting the uWSGI server for Django": [[30, "configuring-and-starting-the-uwsgi-server-for-django"]], "Configuring applications": [[84, "configuring-applications"]], "Configuring email for development": [[557, "configuring-email-for-development"]], "Configuring form elements\u2019 HTML id attributes and