From fe546c888d6ab8beeb01b8ef65f5a18318c05d4f Mon Sep 17 00:00:00 2001 From: Griatch Date: Sat, 4 Mar 2023 19:49:23 +0100 Subject: [PATCH] Auto-remapped old django docs to new version. Resolve #3126 --- docs/pylib/auto_link_remapper.py | 15 +++++++++++++++ docs/source/Components/Signals.md | 2 +- docs/source/Components/Tags.md | 2 +- docs/source/Components/Typeclasses.md | 6 +++--- docs/source/Components/Web-Admin.md | 4 ++-- docs/source/Components/Website.md | 12 ++++++------ docs/source/Concepts/Internationalization.md | 2 +- docs/source/Concepts/Models.md | 6 +++--- .../Part1/Beginner-Tutorial-Django-queries.md | 2 +- docs/source/Howtos/Web-Add-a-wiki.md | 2 +- docs/source/Howtos/Web-Changing-Webpage.md | 4 ++-- docs/source/Howtos/Web-Character-Generation.md | 2 +- docs/source/Howtos/Web-Character-View-Tutorial.md | 2 +- docs/source/Howtos/Web-Help-System-Tutorial.md | 2 +- docs/source/Setup/Choosing-a-Database.md | 2 +- docs/source/Setup/Installation-Upgrade.md | 2 +- docs/source/Setup/Running-Evennia.md | 2 +- docs/source/Setup/Security-Practices.md | 2 +- 18 files changed, 43 insertions(+), 28 deletions(-) diff --git a/docs/pylib/auto_link_remapper.py b/docs/pylib/auto_link_remapper.py index df993f5de4..50ccb870b1 100644 --- a/docs/pylib/auto_link_remapper.py +++ b/docs/pylib/auto_link_remapper.py @@ -66,6 +66,13 @@ URL_REMAPS = { "./Locks.md#permissions": "Permissions", "modules": "Default-Commands.md", } +DJANGO_LAST_TESTED_VERSION = "4.1" # update as django requirements update + +DJANGO_URL_REGEX = re.compile( + r"(?Phttps://docs\.djangoproject\.com/en/)(?Pdev|[1-9.]+)(?P/.*?$)", + re.MULTILINE + re.DOTALL, +) + _USED_REFS = {} @@ -154,6 +161,14 @@ def auto_link_remapper(no_autodoc=False): if url.startswith(strip_prefix): url = url[len(strip_prefix) :] + # remap to specified django version of docs + django_url = django_match = DJANGO_URL_REGEX.sub( + rf"\g{DJANGO_LAST_TESTED_VERSION}\g", url + ) + if url != django_url: + print(f" Django doc url remap: {url} -> {django_url}") + url = django_url + if any(url.startswith(noremap) for noremap in _NO_REMAP_STARTSWITH): # skip regular http/s urls etc return f"[{txt}]({url})" diff --git a/docs/source/Components/Signals.md b/docs/source/Components/Signals.md index 1d458e862d..3c30794fe0 100644 --- a/docs/source/Components/Signals.md +++ b/docs/source/Components/Signals.md @@ -15,7 +15,7 @@ you can "attach" any number of event-handlers to these signals. You can attach any number of handlers and they'll all fire whenever any entity triggers the signal. -Evennia uses the [Django Signal system](https://docs.djangoproject.com/en/2.2/topics/signals/). +Evennia uses the [Django Signal system](https://docs.djangoproject.com/en/4.1/topics/signals/). ## Working with Signals diff --git a/docs/source/Components/Tags.md b/docs/source/Components/Tags.md index 7987a23470..f11e9d44b2 100644 --- a/docs/source/Components/Tags.md +++ b/docs/source/Components/Tags.md @@ -119,7 +119,7 @@ with a given Tag like this in code: > Note that searching for just "furniture" will only return the objects tagged with the "furniture" tag that has a category of `None`. We must explicitly give the category to get the "luxurious" furniture. -Using any of the `search_tag` variants will all return [Django Querysets](https://docs.djangoproject.com/en/2.1/ref/models/querysets/), including if you only have one match. You can treat querysets as lists and iterate over them, or continue building search queries with them. +Using any of the `search_tag` variants will all return [Django Querysets](https://docs.djangoproject.com/en/4.1/ref/models/querysets/), including if you only have one match. You can treat querysets as lists and iterate over them, or continue building search queries with them. Remember when searching that not setting a category means setting it to `None` - this does *not* mean that category is undefined, rather `None` is considered the default, unnamed category. diff --git a/docs/source/Components/Typeclasses.md b/docs/source/Components/Typeclasses.md index db61595bfa..2cdc2034b3 100644 --- a/docs/source/Components/Typeclasses.md +++ b/docs/source/Components/Typeclasses.md @@ -34,7 +34,7 @@ This is how the inheritance looks for the typeclasses in Evennia: └────┘ ``` -- **Level 1** above is the "database model" level. This describes the database tables and fields (this is technically a [Django model](https://docs.djangoproject.com/en/2.2/topics/db/models/)). +- **Level 1** above is the "database model" level. This describes the database tables and fields (this is technically a [Django model](https://docs.djangoproject.com/en/4.1/topics/db/models/)). - **Level 2** is where we find Evennia's default implementations of the various game entities, on top of the database. These classes define all the hook methods that Evennia calls in various situations. `DefaultObject` is a little special since it's the parent for `DefaultCharacter`, `DefaultRoom` and `DefaultExit`. They are all grouped under level 2 because they all represents defaults to build from. - **Level 3**, finally, holds empty template classes created in your game directory. This is the level you are meant to modify and tweak as you please, overloading the defaults as befits your game. The templates inherit directly from their defaults, so `Object` inherits from `DefaultObject` and `Room` inherits from `DefaultRoom`. @@ -190,7 +190,7 @@ Most of the time you search for objects in the database by using convenience met `caller.search()` of [Commands](./Commands.md) or the search functions like `evennia.search_objects`. You can however also query for them directly using [Django's query -language](https://docs.djangoproject.com/en/1.7/topics/db/queries/). This makes use of a _database +language](https://docs.djangoproject.com/en/4.1/topics/db/queries/). This makes use of a _database manager_ that sits on all typeclasses, named `objects`. This manager holds methods that allow database searches against that particular type of object (this is the way Django normally works too). When using Django queries, you need to use the full field names (like `db_key`) to search: @@ -294,7 +294,7 @@ The arguments to this method are described [in the API docs here](github:evennia *This is considered an advanced section.* -Technically, typeclasses are [Django proxy models](https://docs.djangoproject.com/en/1.7/topics/db/models/#proxy-models). The only database +Technically, typeclasses are [Django proxy models](https://docs.djangoproject.com/en/4.1/topics/db/models/#proxy-models). The only database models that are "real" in the typeclass system (that is, are represented by actual tables in the database) are `AccountDB`, `ObjectDB`, `ScriptDB` and `ChannelDB` (there are also [Attributes](./Attributes.md) and [Tags](./Tags.md) but they are not typeclasses themselves). All the subclasses of them are "proxies", extending them with Python code without actually modifying the database layout. Evennia modifies Django's proxy model in various ways to allow them to work without any boiler plate (for example you don't need to set the Django "proxy" property in the model `Meta` subclass, Evennia handles this for you using metaclasses). Evennia also makes sure you can query subclasses as well as patches django to allow multiple inheritance from the same base class. diff --git a/docs/source/Components/Web-Admin.md b/docs/source/Components/Web-Admin.md index 5faf2f82cb..54f0df51ea 100644 --- a/docs/source/Components/Web-Admin.md +++ b/docs/source/Components/Web-Admin.md @@ -1,6 +1,6 @@ # The Web Admin -The Evennia _Web admin_ is a customized [Django admin site](https://docs.djangoproject.com/en/3.2/ref/contrib/admin/) +The Evennia _Web admin_ is a customized [Django admin site](https://docs.djangoproject.com/en/4.1/ref/contrib/admin/) used for manipulating the game database using a graphical interface. You have to be logged into the site to use it. It then appears as an `Admin` link the top of your website. You can also go to [http://localhost:4001/admin](http://localhost:4001/admin) when @@ -113,7 +113,7 @@ the `Can delete Account` permission, for example. ## Customizing the web admin Customizing the admin is a big topic and something beyond the scope of this -documentation. See the [official Django docs](https://docs.djangoproject.com/en/3.2/ref/contrib/admin/) for +documentation. See the [official Django docs](https://docs.djangoproject.com/en/4.1/ref/contrib/admin/) for the details. This is just a brief summary. See the [Website](./Website.md) page for an overview of the components going into diff --git a/docs/source/Components/Website.md b/docs/source/Components/Website.md index c87677467a..383502098b 100644 --- a/docs/source/Components/Website.md +++ b/docs/source/Components/Website.md @@ -162,7 +162,7 @@ Some important things to know: This allows for template inheritance (making it easier to make all pages look the same without rewriting the same thing over and over) -There's a lot more information to be found in the [Django template language documentation](https://docs.djangoproject.com/en/3.2/ref/templates/language/). +There's a lot more information to be found in the [Django template language documentation](https://docs.djangoproject.com/en/4.1/ref/templates/language/). ### Change webpage colors and styling @@ -242,7 +242,7 @@ urlpatterns = [ So we just import `index` from the new location and point to it. After a reload the front page will now redirect to use your copy rather than the original. -The frontpage view is a class `EvenniaIndexView`. This is a [Django class-based view](https://docs.djangoproject.com/en/3.2/topics/class-based-views/). It's a little less visible what happens in a class-based view than in a function (since the class implements a lot of functionality as methods), but it's powerful and much easier to extend/modify. +The frontpage view is a class `EvenniaIndexView`. This is a [Django class-based view](https://docs.djangoproject.com/en/4.1/topics/class-based-views/). It's a little less visible what happens in a class-based view than in a function (since the class implements a lot of functionality as methods), but it's powerful and much easier to extend/modify. The class property `template_name` sets the location of the template used under the `templates/` folder. So `website/index.html` points to `web/templates/website/index.html` (as we already explored above. @@ -283,7 +283,7 @@ Let's see how to make a `/test/` page from scratch. - Add a new `test.html` file under `mygame/web/templates/website/`. Easiest is to base this off an existing file. Make sure to `{% extend base.html %}` if you want to get the same styling as the rest of your site. - Add a new view `testview.py` under `mygame/web/website/views/` (don't name it `test.py` or - Django/Evennia will think it contains unit tests). Add a view there to process your page. This is a minimal view to start from (read much more [in the Django docs](https://docs.djangoproject.com/en/3.2/topics/class-based-views/)): + Django/Evennia will think it contains unit tests). Add a view there to process your page. This is a minimal view to start from (read much more [in the Django docs](https://docs.djangoproject.com/en/4.1/topics/class-based-views/)): ```python # mygame/web/website/views/testview.py @@ -326,7 +326,7 @@ Firstly, this must be represented in HTML. The `
...
` is a standard HTML element you need to add to your template. It also has some other requirements, such as `` and often Javascript components as well (but usually Django will help with this). If you are unfamiliar with how HTML forms -work, [read about them here](https://docs.djangoproject.com/en/3.2/topics/forms/#html-forms). +work, [read about them here](https://docs.djangoproject.com/en/4.1/topics/forms/#html-forms). The basic gist of it is that when you click to 'submit' the form, a POST HTML request will be sent to the server containing the data the user entered. It's @@ -334,11 +334,11 @@ now up to the server to make sure the data makes sense (validation) and then process the input somehow (like creating a new character). On the backend side, we need to specify the logic for validating and processing -the form data. This is done by the `Form` [Django class](https://docs.djangoproject.com/en/3.2/topics/forms/#forms-in-django). +the form data. This is done by the `Form` [Django class](https://docs.djangoproject.com/en/4.1/topics/forms/#forms-in-django). This specifies _fields_ on itself that define how to validate that piece of data. The form is then linked into the view-class by adding `form_class = MyFormClass` to the view (next to `template_name`). There are several example forms in `evennia/web/website/forms.py`. It's also a good -idea to read [Building a form in Django](https://docs.djangoproject.com/en/3.2/topics/forms/#building-a-form-in-django) on the Django website - it covers all you need. +idea to read [Building a form in Django](https://docs.djangoproject.com/en/4.1/topics/forms/#building-a-form-in-django) on the Django website - it covers all you need. diff --git a/docs/source/Concepts/Internationalization.md b/docs/source/Concepts/Internationalization.md index 144bdab805..fcf6733615 100644 --- a/docs/source/Concepts/Internationalization.md +++ b/docs/source/Concepts/Internationalization.md @@ -72,7 +72,7 @@ Typeclasses are generally *not* translated, nor are console/log outputs. ```{sidebar} Windows users If you get errors concerning `gettext` or `xgettext` on Windows, -see the [Django documentation](https://docs.djangoproject.com/en/3.2/topics/i18n/translation/#gettext-on-windows). +see the [Django documentation](https://docs.djangoproject.com/en/4.1/topics/i18n/translation/#gettext-on-windows). A self-installing and up-to-date version of gettext for Windows (32/64-bit) is available on Github as [gettext-iconv-windows](https://github.com/mlocati/gettext-iconv-windows). diff --git a/docs/source/Concepts/Models.md b/docs/source/Concepts/Models.md index e9e936874b..6bdab3f5b6 100644 --- a/docs/source/Concepts/Models.md +++ b/docs/source/Concepts/Models.md @@ -92,7 +92,7 @@ of the database table. Finally, you create new instances of the model to add new database. We won't describe all aspects of Django models here, for that we refer to the vast [Django -documentation](https://docs.djangoproject.com/en/2.2/topics/db/models/) on the subject. Here is a +documentation](https://docs.djangoproject.com/en/4.1/topics/db/models/) on the subject. Here is a (very) brief example: ```python @@ -129,7 +129,7 @@ lookups, so it's recommended to put it on fields you know you'll often use in qu string without the database complaining. There are many other field types and keywords to define them, see django docs for more info. -Similar to using [django-admin](https://docs.djangoproject.com/en/2.2/howto/legacy-databases/) you +Similar to using [django-admin](https://docs.djangoproject.com/en/4.1/howto/legacy-databases/) you are able to do `evennia inspectdb` to get an automated listing of model information for an existing database. As is the case with any model generating tool you should only use this as a starting point for your models. @@ -260,5 +260,5 @@ the actual *field names* in the query, not the wrapper name (so `db_key` and not self.caller.msg(match.db_text) ``` -See the [Django query documentation](https://docs.djangoproject.com/en/2.2/topics/db/queries/) for a +See the [Django query documentation](https://docs.djangoproject.com/en/4.1/topics/db/queries/) for a lot more information about querying the database. \ No newline at end of file diff --git a/docs/source/Howtos/Beginner-Tutorial/Part1/Beginner-Tutorial-Django-queries.md b/docs/source/Howtos/Beginner-Tutorial/Part1/Beginner-Tutorial-Django-queries.md index f68ca3ea76..031ae73298 100644 --- a/docs/source/Howtos/Beginner-Tutorial/Part1/Beginner-Tutorial-Django-queries.md +++ b/docs/source/Howtos/Beginner-Tutorial/Part1/Beginner-Tutorial-Django-queries.md @@ -203,7 +203,7 @@ know to transform it. Success! All examples so far used `AND` relations. The arguments to `.filter` are added together with `AND` ("we want tag room to be "monlit" _and_ lycantrhopy be > 2"). -For queries using `OR` and `NOT` we need Django's [Q object](https://docs.djangoproject.com/en/1.11/topics/db/queries/#complex-lookups-with-q-objects). It is imported from Django directly: +For queries using `OR` and `NOT` we need Django's [Q object](https://docs.djangoproject.com/en/4.1/topics/db/queries/#complex-lookups-with-q-objects). It is imported from Django directly: from django.db.models import Q diff --git a/docs/source/Howtos/Web-Add-a-wiki.md b/docs/source/Howtos/Web-Add-a-wiki.md index ddffbca1b3..4e83556d1f 100644 --- a/docs/source/Howtos/Web-Add-a-wiki.md +++ b/docs/source/Howtos/Web-Add-a-wiki.md @@ -5,7 +5,7 @@ As of 2023, The [django wiki](https://django-wiki.readthedocs.io/en/main/) only ``` ```{note} -Before doing this tutorial you will probably want to read the intro in [Basic Web tutorial](./Web-Changing-Webpage.md). Reading the three first parts of the [Django tutorial](https://docs.djangoproject.com/en/1.9/intro/tutorial01/) might help as well. +Before doing this tutorial you will probably want to read the intro in [Basic Web tutorial](./Web-Changing-Webpage.md). Reading the three first parts of the [Django tutorial](https://docs.djangoproject.com/en/4.1/intro/tutorial01/) might help as well. ``` This tutorial will provide a step-by-step process to installing a wiki on your website. diff --git a/docs/source/Howtos/Web-Changing-Webpage.md b/docs/source/Howtos/Web-Changing-Webpage.md index 6ad31ba66c..2e7c5c1176 100644 --- a/docs/source/Howtos/Web-Changing-Webpage.md +++ b/docs/source/Howtos/Web-Changing-Webpage.md @@ -11,7 +11,7 @@ Django projects are split up into *apps* and these apps all contribute to one pr you might have an app for conducting polls, or an app for showing news posts or, like us, one for creating a web client. -Each of these applications has a `urls.py` file, which specifies what [URL](https://en.wikipedia.org/wiki/Uniform_resource_locator)s are used by the app, a `views.py` file for the code that the URLs activate, a `templates` directory for displaying the results of that code in [HTML](https://en.wikipedia.org/wiki/Html) for the user, and a `static` folder that holds assets like [CSS](https://en.wikipedia.org/wiki/CSS), [Javascript](https://en.wikipedia.org/wiki/Javascript), and Image files (You may note your mygame/web folder does not have a `static` or `template` folder. This is intended and explained further below). Django applications may also have a `models.py` file for storing information in the database. We will not change any models here, take a look at the [New Models](../Concepts/Models.md) page (as well as the [Django docs](https://docs.djangoproject.com/en/1.7/topics/db/models/) on models) if you are interested. +Each of these applications has a `urls.py` file, which specifies what [URL](https://en.wikipedia.org/wiki/Uniform_resource_locator)s are used by the app, a `views.py` file for the code that the URLs activate, a `templates` directory for displaying the results of that code in [HTML](https://en.wikipedia.org/wiki/Html) for the user, and a `static` folder that holds assets like [CSS](https://en.wikipedia.org/wiki/CSS), [Javascript](https://en.wikipedia.org/wiki/Javascript), and Image files (You may note your mygame/web folder does not have a `static` or `template` folder. This is intended and explained further below). Django applications may also have a `models.py` file for storing information in the database. We will not change any models here, take a look at the [New Models](../Concepts/Models.md) page (as well as the [Django docs](https://docs.djangoproject.com/en/4.1/topics/db/models/) on models) if you are interested. There is also a root `urls.py` that determines the URL structure for the entire project. A starter `urls.py` is included in the default game template, and automatically imports all of Evennia's @@ -91,4 +91,4 @@ original file already has all the markup and tags, ready for editing. ## Further reading -For further hints on working with the web presence, you could now continue to the [Web-based Character view Tutorial](./Web-Character-View-Tutorial.md) where you learn to make a web page that displays in-game character stats. You can also look at [Django's own tutorial](https://docs.djangoproject.com/en/1.7/intro/tutorial01/) to get more insight in how Django works and what possibilities exist. \ No newline at end of file +For further hints on working with the web presence, you could now continue to the [Web-based Character view Tutorial](./Web-Character-View-Tutorial.md) where you learn to make a web page that displays in-game character stats. You can also look at [Django's own tutorial](https://docs.djangoproject.com/en/4.1/intro/tutorial01/) to get more insight in how Django works and what possibilities exist. \ No newline at end of file diff --git a/docs/source/Howtos/Web-Character-Generation.md b/docs/source/Howtos/Web-Character-Generation.md index cbc274b480..a7c7b22419 100644 --- a/docs/source/Howtos/Web-Character-Generation.md +++ b/docs/source/Howtos/Web-Character-Generation.md @@ -16,7 +16,7 @@ characters can be created through this. You should have some familiarity with how Django sets up its Model Template View framework. You need to understand what is happening in the basic [Web Character View tutorial](./Web-Character-View-Tutorial.md). If you don’t understand the listed tutorial or have a grasp of Django basics, please look at the -[Django tutorial](https://docs.djangoproject.com/en/1.8/intro/) to get a taste of what Django does, +[Django tutorial](https://docs.djangoproject.com/en/4.1/intro/) to get a taste of what Django does, before throwing Evennia into the mix (Evennia shares its API and attributes with the website interface). This guide will outline the format of the models, views, urls, and html templates needed. diff --git a/docs/source/Howtos/Web-Character-View-Tutorial.md b/docs/source/Howtos/Web-Character-View-Tutorial.md index 993e54ff6f..28efbd7304 100644 --- a/docs/source/Howtos/Web-Character-View-Tutorial.md +++ b/docs/source/Howtos/Web-Character-View-Tutorial.md @@ -226,4 +226,4 @@ page by using `{{ object.get_absolute_url }}` in any template where you have a g *Now that you've made a basic page and app with Django, you may want to read the full Django tutorial to get a better idea of what it can do. [You can find Django's tutorial -here](https://docs.djangoproject.com/en/1.8/intro/tutorial01/).* +here](https://docs.djangoproject.com/en/4.1/intro/tutorial01/).* diff --git a/docs/source/Howtos/Web-Help-System-Tutorial.md b/docs/source/Howtos/Web-Help-System-Tutorial.md index e880e4c617..fe7ad5b42b 100644 --- a/docs/source/Howtos/Web-Help-System-Tutorial.md +++ b/docs/source/Howtos/Web-Help-System-Tutorial.md @@ -41,7 +41,7 @@ game directory should look like: The "web/help_system" directory contains files created by Django. We'll use some of them, but if you want to learn more about them all, you should read [the Django -tutorial](https://docs.djangoproject.com/en/1.9/intro/tutorial01/). +tutorial](https://docs.djangoproject.com/en/4.1/intro/tutorial01/). There is a last thing to be done: your folder has been added, but Django doesn't know about it, it doesn't know it's a new app. We need to tell it, and we do so by editing a simple setting. Open diff --git a/docs/source/Setup/Choosing-a-Database.md b/docs/source/Setup/Choosing-a-Database.md index f79eeefe9d..eba60d72fe 100644 --- a/docs/source/Setup/Choosing-a-Database.md +++ b/docs/source/Setup/Choosing-a-Database.md @@ -8,7 +8,7 @@ This page gives an overview of the supported SQL databases as well as instructio - MySQL / MariaDB Since Evennia uses [Django](https://djangoproject.com), most of our notes are based off of what we know from the community and their documentation. While the information below may be useful, you can always find the most up-to-date and "correct" information at Django's [Notes about supported -Databases](https://docs.djangoproject.com/en/dev/ref/databases/#ref-databases) page. +Databases](https://docs.djangoproject.com/en/4.1/ref/databases/#ref-databases) page. ## SQLite3 (default) diff --git a/docs/source/Setup/Installation-Upgrade.md b/docs/source/Setup/Installation-Upgrade.md index 6805ee04cd..81e9f7125d 100644 --- a/docs/source/Setup/Installation-Upgrade.md +++ b/docs/source/Setup/Installation-Upgrade.md @@ -29,7 +29,7 @@ If you don't have anything you want to keep in your existing game dir, you can j - `cd` to your existing 0.9.5-based game folder (like `mygame`). - If you have changed `mygame/web`, _rename_ the folder to `web_0.9.5`. If you didn't change anything (or don't have anything you want to keep), you can _delete_ it entirely. - Copy `evennia/evennia/game_template/web` to `mygame/` (e.g. using `cp -Rf` or a file manager). This new `web` folder _replaces the old one_ and has a very different structure. -- It's possible you need to replace/comment out import and calls to the deprecated [`django.conf.urls`](https://docs.djangoproject.com/en/3.2/ref/urls/#url). The new way to call it is [available here](https://docs.djangoproject.com/en/4.0/ref/urls/#django.urls.re_path). +- It's possible you need to replace/comment out import and calls to the deprecated [`django.conf.urls`](https://docs.djangoproject.com/en/4.1/ref/urls/#url). The new way to call it is [available here](https://docs.djangoproject.com/en/4.0/ref/urls/#django.urls.re_path). - Run `evennia migrate` - note that it's normal to see some warnings here, _don't_ run `makemigrations` even if the system asks you to. - Run `evennia start` diff --git a/docs/source/Setup/Running-Evennia.md b/docs/source/Setup/Running-Evennia.md index bbdebeba76..71fadfa1cc 100644 --- a/docs/source/Setup/Running-Evennia.md +++ b/docs/source/Setup/Running-Evennia.md @@ -141,7 +141,7 @@ The `evennia` program will also pass-through options used by the `django-admin`. ``` -For (many) more options, see [the django-admin docs](https://docs.djangoproject.com/en/1.7/ref/django-admin/#usage). +For (many) more options, see [the django-admin docs](https://docs.djangoproject.com/en/4.1/ref/django-admin/#usage). ## Advanced handling of Evennia processes diff --git a/docs/source/Setup/Security-Practices.md b/docs/source/Setup/Security-Practices.md index d6d57ee29a..6debd2cc2c 100644 --- a/docs/source/Setup/Security-Practices.md +++ b/docs/source/Setup/Security-Practices.md @@ -36,7 +36,7 @@ In `server/conf/settings.py`: If you decide to allow users to upload their own images to be served from your site, special care must be taken. Django will read the file headers to confirm it's an image (as opposed to a document or zip archive), but [code can be injected into an image file](https://insinuator.net/2014/05/django-image-validation-vulnerability/) *after* the headers that can be interpreted as HTML and/or give an attacker a web shell through which they can access other filesystem resources. -[Django has a more comprehensive overview of how to handle user-uploaded files](https://docs.djangoproject.com/en/dev/topics/security/#user-uploaded-content-security), but +[Django has a more comprehensive overview of how to handle user-uploaded files](https://docs.djangoproject.com/en/4.1/topics/security/#user-uploaded-content-security), but in short you should take care to do one of two things: * Serve all user-uploaded assets from a *separate* domain or CDN (*not* a subdomain of the one you already have!). For example, you may be browsing `reddit.com` but note that all the user-submitted images are being served from the `redd.it` domain. There are both security and performance benefits to this (webservers tend to load local resources one-by-one, whereas they will request external resources in bulk).