Commit Graph

332 Commits

Author SHA1 Message Date
אורי ad827ddaef
Fixed #31871 -- Updated SESSION_COOKIE_SAMESITE comment in global_settings.py.
Follow up to b33bfc3839.
2020-08-10 08:46:34 +02:00
Mariusz Felisiak d907371ef9 Fixed #31842 -- Added DEFAULT_HASHING_ALGORITHM transitional setting.
It's a transitional setting helpful in migrating multiple instance of
the same project to Django 3.1+.

Thanks Markus Holtermann for the report and review, Florian
Apolloner for the implementation idea and review, and Carlton Gibson
for the review.
2020-08-04 09:35:24 +02:00
Kelechi Precious Nwachukwu 2cd3e7eeaf Added Igbo language. 2020-07-14 20:44:41 +02:00
Resulkary af2b3fee08 Added Turkmen language. 2020-07-08 08:43:28 +02:00
Claude Paroz db8268bce6 Added support for the Tajik language.
Thanks Sirius Sufiew for contributing that support.
2020-06-12 17:47:22 +02:00
Claude Paroz 3460ea49e8
Added Kyrgyz language.
Thanks Soyuzbek orozbek uulu for contributing that support.
2020-05-20 12:29:59 +02:00
Chris Burchhardt d2b9a9fdbb Refs #28622 -- Corrected PASSWORD_RESET_TIMEOUT/PASSWORD_RESET_TIMEOUT_DAYS docs.
Removed outdated note about an extra day in PASSWORD_RESET_TIMEOUT
docs and incorrect "minimum" phrase.
2020-05-05 08:19:25 +02:00
Adam Johnson 72b97a5b1e Fixed #31232 -- Changed default SECURE_REFERRER_POLICY to 'same-origin'. 2020-02-05 14:39:01 +01:00
Pavel Lysak 13e4abf83e Fixed #30752 -- Allowed using ExceptionReporter subclasses in error reports. 2020-01-16 15:25:49 +01:00
Claude Paroz 188b003014 Fixed #15982 -- Added DATE_INPUT_FORMATS to forms.DateTimeField default input formats. 2020-01-07 11:08:40 +01:00
Rabah Saadi 5b7450080f Added Algerian Arabic language. 2019-12-14 16:26:31 +01:00
Claude Paroz 6ccb1b68bc Added Uzbek language. 2019-11-04 14:50:00 +01:00
Hasan Ramezani 226ebb1729 Fixed #28622 -- Allowed specifying password reset link expiration in seconds and deprecated PASSWORD_RESET_TIMEOUT_DAYS. 2019-09-20 13:52:04 +02:00
Mariusz Felisiak 3d716467a9 Refs #29817 -- Removed settings.FILE_CHARSET per deprecation timeline. 2019-09-10 12:01:00 +02:00
Nick Pope 406dba04e1 Fixed #29406 -- Added support for Referrer-Policy header.
Thanks to James Bennett for the initial implementation.
2019-09-09 13:35:41 +02:00
Claude Paroz 05d0eca635 Fixed #30426 -- Changed X_FRAME_OPTIONS setting default to DENY. 2019-09-09 08:15:26 +02:00
Claude Paroz 0468159763 Refs #30426 -- Changed default SECURE_CONTENT_TYPE_NOSNIFF to True. 2019-08-18 13:17:49 +02:00
Ran Benita 19fc6376ce
Fixed #30304 -- Added support for the HttpOnly, SameSite, and Secure flags on language cookies. 2019-04-08 11:26:06 +02:00
Nick Pope 398afba084 Updated spelling and RFCs in HttpOnly cookie flag docs. 2019-03-27 10:09:23 -04:00
Himanshu Lakhara 22aab8662f Fixed #30004 -- Changed default FILE_UPLOAD_PERMISSION to 0o644. 2019-02-08 14:53:15 -05:00
Tim Graham 8045dff98c Refs #27829 -- Removed settings.DEFAULT_CONTENT_TYPE per deprecation timeline. 2019-01-17 10:50:25 -05:00
Claude Paroz 31ebb1d564 Added Armenian language 2019-01-10 10:50:42 +01:00
Jon Dufresne 82f286cf6f Refs #29784 -- Switched to https:// links where available. 2018-09-26 08:48:47 +02:00
Jon Dufresne ad9a28ee38 Refs #29784 -- Normalized Python docs links to omit the version. 2018-09-25 10:19:42 +02:00
Tim Graham 5cc81cd9eb Reverted "Fixed #29324 -- Made Settings raise ImproperlyConfigured if SECRET_KEY is accessed and not set."
This reverts commit b3cffde555 due to
a regression and performance concerns.
2018-05-26 21:06:58 -04:00
Jon Dufresne b3cffde555 Fixed #29324 -- Made Settings raise ImproperlyConfigured if SECRET_KEY is accessed and not set. 2018-04-17 13:02:05 -04:00
Alex Gaynor 9a56b4b13e Fixed #27863 -- Added support for the SameSite cookie flag.
Thanks Alex Gaynor for contributing to the patch.
2018-04-13 20:58:31 -04:00
Tim Graham 5b589a47b9
Fixed #29161 -- Removed BCryptPasswordHasher from PASSWORD_HASHERS. 2018-02-26 09:05:18 -05:00
Claude Paroz d6859a1489 Added Kabyle language
Forward port of bfc3fa3d3b from stable/2.0.x
2017-12-01 21:52:06 +01:00
Tim Graham afd375fc34
Fixed #28741 -- Removed unnecessary leading dot from cross-domain cookie examples. 2017-11-01 10:57:59 -04:00
Duarte Fernandes 019c2600a6 Fixed #28747 -- Fixed typos in django/conf/global_settings.py comments. 2017-10-26 21:48:31 -04:00
Tim Graham 48d57788ee Refs #26447 -- Removed the USE_ETAGS setting per deprecation timeline. 2017-09-22 12:51:18 -04:00
Claude Paroz d7b9aaa366 Refs #23919 -- Removed encoding preambles and future imports 2017-01-18 09:55:19 +01:00
Tim Graham d334f46b7a Refs #26601 -- Removed support for old-style middleware using settings.MIDDLEWARE_CLASSES. 2017-01-17 20:52:04 -05:00
Preston Timmons b52c73008a Fixed #15667 -- Added template-based widget rendering.
Thanks Carl Meyer and Tim Graham for contributing to the patch.
2016-12-27 17:50:10 -05:00
Raphael Michel ddf169cdac Refs #16859 -- Allowed storing CSRF tokens in sessions.
Major thanks to Shai for helping to refactor the tests, and to
Shai, Tim, Florian, and others for extensive and helpful review.
2016-11-30 08:57:27 -05:00
Ramin Farajpour Cami 967be82443 Fixed E305 flake8 warnings. 2016-11-14 12:30:46 -05:00
Denis Cornehl a840710e1e Fixed #26447 -- Deprecated settings.USE_ETAGS in favor of ConditionalGetMiddleware. 2016-10-10 14:55:59 -04:00
Tim Graham ef021412d5 Normalized spelling of ETag. 2016-09-09 11:00:21 -04:00
Ed Morley 3c2447dd13 Fixed #26947 -- Added an option to enable the HSTS header preload directive. 2016-08-10 20:23:54 -04:00
Claude Paroz e8cbf53c33 Added Upper/Lower Sorbian languages 2016-06-29 21:11:30 +02:00
Ville Skyttä 96f97691ad Fixed broken links in docs and comments. 2016-06-15 21:20:23 -04:00
Anton I. Sipos c3495bb984 Fixed #12666 -- Added EMAIL_USE_LOCALTIME setting.
When EMAIL_USE_LOCALTIME=True, send emails with a Date header
in the local time zone.
2016-06-04 09:55:50 -04:00
Florian Apolloner 9baf692a58 Fixed #26601 -- Improved middleware per DEP 0005.
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
Andre Cruz 929684d6ee Fixed #21231 -- Enforced a max size for GET/POST values read into memory.
Thanks Tom Christie for review.
2016-05-12 10:17:52 -04:00
Bas Westerbaan b4250ea04a Fixed #26033 -- Added Argon2 password hasher. 2016-03-08 11:22:18 -05:00
Tim Graham 47b5a6a43c Fixed #26187 -- Removed weak password hashers from PASSWORD_HASHERS. 2016-02-22 18:59:23 -05:00
Hugo Osvaldo Barrera dcee1dfc79 Fixed #12405 -- Added LOGOUT_REDIRECT_URL setting.
After a user logs out via auth.views.logout(), they're redirected
to LOGOUT_REDIRECT_URL if no `next_page` argument is provided.
2016-02-04 10:35:37 -05:00
userimack 60586dd737 Fixed #26125 -- Fixed E731 flake warnings. 2016-01-25 14:23:43 -05:00
Petter Reinholdtsen a1fba4e843 Corrected English name of nb language. 2016-01-20 17:27:58 -05:00