This repository has been archived by the owner on Jun 13, 2019. It is now read-only.

Update django to 1.11 #82

Closed
Conversation

pyup-bot

@pyup-bot pyup-bot commented Apr 9, 2017

There's a new version of django available.
You are currently using 1.10.5. I have updated it to 1.11

These links might come in handy: PyPI | Changelog | Homepage

Changelog

1.10.7

April 4, 2017

Django 1.10.7 fixes two security issues and a bug in 1.10.6.

CVE-2017-7233: Open redirect and possible XSS attack via user-supplied numeric redirect URLs

Django relies on user input in some cases (e.g.
django.contrib.auth.views.login and i18n)
to redirect the user to an "on success" URL. The security check for these
redirects (namely django.utils.http.is_safe_url()) considered some numeric
URLs (e.g. http:999999999) "safe" when they shouldn't be.

Also, if a developer relies on is_safe_url() to provide safe redirect
targets and puts such a URL into a link, they could suffer from an XSS attack.

CVE-2017-7234: Open redirect vulnerability in django.views.static.serve()

A maliciously crafted URL to a Django site using the
django.views.static.serve view could redirect to any other domain. The
view no longer does any redirects as they don't provide any known, useful
functionality.

Note, however, that this view has always carried a warning that it is not
hardened for production use and should be used only as a development aid.

Bugfixes

  • Made admin's RelatedFieldWidgetWrapper use the wrapped widget's
    value_omitted_from_data() method (ticket #27905).
  • Fixed model form default fallback for SelectMultiple
    (ticket #27993).

1.10.6

March 1, 2017

Django 1.10.6 fixes several bugs in 1.10.5.

Bugfixes

  • Fixed ClearableFileInput's "Clear" checkbox on model form fields where
    the model field has a default (ticket #27805).
  • Fixed RequestDataTooBig and TooManyFieldsSent exceptions crashing
    rather than generating a bad request response (ticket #27820).
  • Fixed a crash on Oracle and PostgreSQL when subtracting DurationField
    or IntegerField from DateField (ticket #27828).
  • Fixed query expression date subtraction accuracy on PostgreSQL for
    differences larger than a month (ticket #27856).
  • Fixed a GDALException raised by GDALClose on GDAL ≥ 2.0
    (ticket #27479).


Got merge conflicts? Close this PR and delete the branch. I'll create a new PR for you.

Happy merging! 🤖
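As an added illustration of the CVE-2017-7233 entry quoted above (example code written for this page, not Django's implementation or pyup-bot's), the following Python contrasts a simplified version of the weak redirect check with a hardened one and shows why the numeric URL `http:999999999` from the changelog matters. The host name `example.com`, the function names and the exact hardening rules are assumptions of this example; it generalizes the changelog's one case to any URL that carries a scheme but no host part.

```python
from urllib.parse import urlparse

# Constructed for this example: the host the application serves and the
# schemes a redirect is allowed to use.
OUR_HOST = "example.com"
ALLOWED_SCHEMES = ("http", "https")


def is_safe_url_weak(url, host):
    """Simplified stand-in for the pre-1.10.7 style of check (not Django's code).

    Accepts a URL when its netloc is empty or equals ``host`` and its scheme is
    empty or http/https. ``urlparse("http:999999999")`` yields scheme ``http``
    with an empty netloc, so this check calls it safe, although a browser
    reads it as ``http://999999999/`` and leaves the site.
    """
    if not url:
        return False
    parts = urlparse(url)
    netloc_ok = not parts.netloc or parts.netloc == host
    scheme_ok = not parts.scheme or parts.scheme in ALLOWED_SCHEMES
    return netloc_ok and scheme_ok


def is_safe_url_hardened(url, host):
    """Hardened variant (an assumption of this example, not Django's code).

    Two extra rules: a URL with a scheme but no host part is rejected, because
    a browser takes the host from what the parser called the path; and a
    scheme-less URL whose first segment contains a colon is rejected, because
    older CPython urlsplit() refused to see a scheme when everything after the
    colon was digits, so ``https:999999999`` came back as a bare path there.
    """
    if not url:
        return False
    parts = urlparse(url)
    if parts.scheme and not parts.netloc:
        return False
    if not parts.scheme and ":" in url.split("/", 1)[0]:
        return False
    netloc_ok = not parts.netloc or parts.netloc == host
    scheme_ok = not parts.scheme or parts.scheme in ALLOWED_SCHEMES
    return netloc_ok and scheme_ok


def decimal_host_to_ipv4(host):
    """Show where a bare decimal host actually goes.

    Browsers following the WHATWG URL parser treat an all-digit host as an
    IPv4 address written in decimal; 999999999 is 59.154.201.255.
    """
    n = int(host)
    if not 0 <= n <= 0xFFFFFFFF:
        raise ValueError("not a 32-bit value")
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def compare(url, host=OUR_HOST):
    """Return (weak_verdict, hardened_verdict) for one candidate redirect URL."""
    return is_safe_url_weak(url, host), is_safe_url_hardened(url, host)


if __name__ == "__main__":
    # Constructed candidates: two legitimate targets, one protocol-relative
    # escape, and the numeric form named in the changelog.
    for candidate in ("/accounts/profile/", "https://example.com/x",
                      "//evil.test/", "http:999999999", "http:///evil.test"):
        weak, hardened = compare(candidate)
        print(f"{candidate!r:22} weak={weak!s:5} hardened={hardened}")
    print("http:999999999 goes to", decimal_host_to_ipv4("999999999"))
```

The interesting rows are the last two: `http:999999999` and `http:///evil.test` both parse with an empty netloc and an `http` scheme, so the weak check accepts them while the hardened one rejects them. The colon rule exists because the verdict otherwise depends on which interpreter's `urlsplit()` is running; a redirect check should not trust a parser's notion of "no scheme" on its own.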

@mention-bot

@pyup-bot, thanks for your PR! By analyzing the history of the files in this pull request, we identified @ad-m to be a potential reviewer.

@pyup-bot

pyup-bot commented May 6, 2017

Closing this in favor of #94

@pyup-bot pyup-bot closed this May 6, 2017
@ad-m ad-m deleted the pyup-update-django-1.10.5-to-1.11 branch May 6, 2017 17:47