Hasan Ramezani
226ebb1729
Fixed #28622 -- Allowed specifying password reset link expiration in seconds and deprecated PASSWORD_RESET_TIMEOUT_DAYS.
2019-09-20 13:52:04 +02:00
Mariusz Felisiak
3d716467a9
Refs #29817 -- Removed settings.FILE_CHARSET per deprecation timeline.
2019-09-10 12:01:00 +02:00
Nick Pope
406dba04e1
Fixed #29406 -- Added support for Referrer-Policy header.
...
Thanks to James Bennett for the initial implementation.
2019-09-09 13:35:41 +02:00
Claude Paroz
05d0eca635
Fixed #30426 -- Changed X_FRAME_OPTIONS setting default to DENY.
2019-09-09 08:15:26 +02:00
Claude Paroz
0468159763
Refs #30426 -- Changed default SECURE_CONTENT_TYPE_NOSNIFF to True.
2019-08-18 13:17:49 +02:00
Ran Benita
19fc6376ce
Fixed #30304 -- Added support for the HttpOnly, SameSite, and Secure flags on language cookies.
2019-04-08 11:26:06 +02:00
Nick Pope
398afba084
Updated spelling and RFCs in HttpOnly cookie flag docs.
2019-03-27 10:09:23 -04:00
Himanshu Lakhara
22aab8662f
Fixed #30004 -- Changed default FILE_UPLOAD_PERMISSION to 0o644.
2019-02-08 14:53:15 -05:00
Tim Graham
8045dff98c
Refs #27829 -- Removed settings.DEFAULT_CONTENT_TYPE per deprecation timeline.
2019-01-17 10:50:25 -05:00
Claude Paroz
31ebb1d564
Added Armenian language
2019-01-10 10:50:42 +01:00
Jon Dufresne
82f286cf6f
Refs #29784 -- Switched to https:// links where available.
2018-09-26 08:48:47 +02:00
Jon Dufresne
ad9a28ee38
Refs #29784 -- Normalized Python docs links to omit the version.
2018-09-25 10:19:42 +02:00
Tim Graham
5cc81cd9eb
Reverted "Fixed #29324 -- Made Settings raise ImproperlyConfigured if SECRET_KEY is accessed and not set."
...
This reverts commit b3cffde555
due to
a regression and performance concerns.
2018-05-26 21:06:58 -04:00
Jon Dufresne
b3cffde555
Fixed #29324 -- Made Settings raise ImproperlyConfigured if SECRET_KEY is accessed and not set.
2018-04-17 13:02:05 -04:00
Alex Gaynor
9a56b4b13e
Fixed #27863 -- Added support for the SameSite cookie flag.
...
Thanks Alex Gaynor for contributing to the patch.
2018-04-13 20:58:31 -04:00
Tim Graham
5b589a47b9
Fixed #29161 -- Removed BCryptPasswordHasher from PASSWORD_HASHERS.
2018-02-26 09:05:18 -05:00
Claude Paroz
d6859a1489
Added Kabyle language
...
Forward port of bfc3fa3d3b
from stable/2.0.x
2017-12-01 21:52:06 +01:00
Tim Graham
afd375fc34
Fixed #28741 -- Removed unnecessary leading dot from cross-domain cookie examples.
2017-11-01 10:57:59 -04:00
Duarte Fernandes
019c2600a6
Fixed #28747 -- Fixed typos in django/conf/global_settings.py comments.
2017-10-26 21:48:31 -04:00
Tim Graham
48d57788ee
Refs #26447 -- Removed the USE_ETAGS setting per deprecation timeline.
2017-09-22 12:51:18 -04:00
Claude Paroz
d7b9aaa366
Refs #23919 -- Removed encoding preambles and future imports
2017-01-18 09:55:19 +01:00
Tim Graham
d334f46b7a
Refs #26601 -- Removed support for old-style middleware using settings.MIDDLEWARE_CLASSES.
2017-01-17 20:52:04 -05:00
Preston Timmons
b52c73008a
Fixed #15667 -- Added template-based widget rendering.
...
Thanks Carl Meyer and Tim Graham for contributing to the patch.
2016-12-27 17:50:10 -05:00
Raphael Michel
ddf169cdac
Refs #16859 -- Allowed storing CSRF tokens in sessions.
...
Major thanks to Shai for helping to refactor the tests, and to
Shai, Tim, Florian, and others for extensive and helpful review.
2016-11-30 08:57:27 -05:00
Ramin Farajpour Cami
967be82443
Fixed E305 flake8 warnings.
2016-11-14 12:30:46 -05:00
Denis Cornehl
a840710e1e
Fixed #26447 -- Deprecated settings.USE_ETAGS in favor of ConditionalGetMiddleware.
2016-10-10 14:55:59 -04:00
Tim Graham
ef021412d5
Normalized spelling of ETag.
2016-09-09 11:00:21 -04:00
Ed Morley
3c2447dd13
Fixed #26947 -- Added an option to enable the HSTS header preload directive.
2016-08-10 20:23:54 -04:00
Claude Paroz
e8cbf53c33
Added Upper/Lower Sorbian languages
2016-06-29 21:11:30 +02:00
Ville Skyttä
96f97691ad
Fixed broken links in docs and comments.
2016-06-15 21:20:23 -04:00
Anton I. Sipos
c3495bb984
Fixed #12666 -- Added EMAIL_USE_LOCALTIME setting.
...
When EMAIL_USE_LOCALTIME=True, send emails with a Date header
in the local time zone.
2016-06-04 09:55:50 -04:00
Florian Apolloner
9baf692a58
Fixed #26601 -- Improved middleware per DEP 0005.
...
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
Andre Cruz
929684d6ee
Fixed #21231 -- Enforced a max size for GET/POST values read into memory.
...
Thanks Tom Christie for review.
2016-05-12 10:17:52 -04:00
Bas Westerbaan
b4250ea04a
Fixed #26033 -- Added Argon2 password hasher.
2016-03-08 11:22:18 -05:00
Tim Graham
47b5a6a43c
Fixed #26187 -- Removed weak password hashers from PASSWORD_HASHERS.
2016-02-22 18:59:23 -05:00
Hugo Osvaldo Barrera
dcee1dfc79
Fixed #12405 -- Added LOGOUT_REDIRECT_URL setting.
...
After a user logs out via auth.views.logout(), they're redirected
to LOGOUT_REDIRECT_URL if no `next_page` argument is provided.
2016-02-04 10:35:37 -05:00
userimack
60586dd737
Fixed #26125 -- Fixed E731 flake warnings.
2016-01-25 14:23:43 -05:00
Petter Reinholdtsen
a1fba4e843
Corrected English name of nb language.
2016-01-20 17:27:58 -05:00
Tim Graham
59f861fcb4
Fixed #25918 -- Removed unused LOGOUT_URL setting.
...
Thanks hop for the report and patch.
2015-12-11 12:43:02 -05:00
Claude Paroz
8bc0266b3f
Added Scottish Gaelic as new available language
...
Refs #25815 . Thanks gunchleoc <fios@foramnagaidhlog.net> for the Scottish Gaelic
formats.py.
2015-11-27 09:55:11 +01:00
Claude Paroz
ff0dac9666
Added Colombian Spanish as new available language
...
Refs #25815 .
2015-11-27 09:55:11 +01:00
Tim Graham
2a20ebe6a5
Removed deprecated TEMPLATE_* settings per deprecation timeline.
2015-09-23 19:31:11 -04:00
Tim Graham
04ee4059d7
Refs #24022 -- Removed the ssi tag per deprecation timeline.
2015-09-23 19:31:09 -04:00
Joshua Kehn
ab26b65b2f
Fixed #25334 -- Provided a way to allow cross-origin unsafe requests over HTTPS.
...
Added the CSRF_TRUSTED_ORIGINS setting which contains a list of other
domains that are included during the CSRF Referer header verification
for secure (HTTPS) requests.
2015-09-05 09:19:57 -04:00
Claude Paroz
64982cc2fb
Updated Wikipedia links to use https
2015-08-08 12:02:32 +02:00
Matt Robenolt
4dcfbd7923
Fixed #25211 -- Added HttpRequest.get_port() and USE_X_FORWARDED_PORT setting.
2015-08-04 09:50:57 -04:00
Tim Graham
1fed8dd715
Fixed #25120 -- Deprecated egg template loader.
2015-07-16 09:32:42 -04:00
Erik Romijn
1daae25bdc
Fixed #16860 -- Added password validation to django.contrib.auth.
2015-06-07 19:31:20 +02:00
Grzegorz Slusarek
668d53cd12
Fixed #21495 -- Added settings.CSRF_HEADER_NAME
2015-03-05 15:03:40 -05:00
darkryder
9ec8aa5e5d
Fixed #24149 -- Normalized tuple settings to lists.
2015-02-03 14:59:45 -05:00