An attacker was able to use a `field_id` from a "secret" field
and use if on any even the default public select2 view and
receive the data without authentication.
The old multiprocessing support was hard to maintain.
Since signing and caching are part of `django.core`
there is really no need to stick to our own solution.
As a result multimachine support and security are now always in place.
Fields are stored in Django's cache. The default cache used by select2
is called 'default' but can be cachanged overwriting the setting
`SELECT2_CACHE_BACKEND`.
Recommended cache backends are memcached, redis or a DB-cache.
Refactored AutoResponseView
The main reason for this refactoring is
the fact that the pagingnation was slow.
I dropped major parts of the initial code
and wrote a more django-like-approach.
Noteabley:
- get_results now retuns a QuerySet
- This commit drops django 1.6 support in favour of the JsonResponse (Backporting is possible).
Why are you validating that term is filled? If I want to suggest values immediately after opening select2 input, I specify select2_options {"minimumResultsForSearch": 0, "minimumInputLength": 0,}.
Why isn't this valid case? Maybe I'm missing something, but see it very useful to suggest, for example, last used values immediately after opening select2 field.
Thanks!
