tschilling
|
0dcd549bbe
|
Fixed #30360 -- Added support for secret key rotation.
Thanks Florian Apolloner for the implementation idea.
Co-authored-by: Andreas Pelme <andreas@pelme.se>
Co-authored-by: Carlton Gibson <carlton.gibson@noumenal.es>
Co-authored-by: Vuyisile Ndlovu <terrameijar@gmail.com>
|
2022-02-01 11:12:24 +01:00 |
bankc
|
db5b75f10f
|
Fixed #31840 -- Added support for Cross-Origin Opener Policy header.
Thanks Adam Johnson and Tim Graham for the reviews.
Co-authored-by: Tim Graham <timograham@gmail.com>
|
2021-03-30 19:59:24 +02:00 |
Hasan Ramezani
|
ba3fb2e4d0
|
Refs #32311 -- Fixed CSRF_FAILURE_VIEW system check errors code.
|
2021-01-12 11:22:13 +01:00 |
Hasan Ramezani
|
64331419c8
|
Fixed #32311 -- Added system check for CSRF_FAILURE_VIEW setting.
|
2021-01-12 09:44:36 +01:00 |
Artem Kosenko
|
b7f500396e
|
Fixed #31757 -- Adjusted system check for SECRET_KEY to warn about autogenerated default keys.
Thanks Nick Pope, René Fleschenberg, and Carlton Gibson for reviews.
|
2020-11-11 12:45:34 +01:00 |
Adam Johnson
|
ffde4d5da8
|
Normalized check framework test pattern.
|
2020-03-21 20:14:02 +01:00 |
Nick Pope
|
406dba04e1
|
Fixed #29406 -- Added support for Referrer-Policy header.
Thanks to James Bennett for the initial implementation.
|
2019-09-09 13:35:41 +02:00 |
Adnan Umer
|
c5075360c5
|
Fixed #30680 -- Removed obsolete system check for SECURE_BROWSER_XSS_FILTER setting.
|
2019-08-05 18:44:08 +02:00 |
Mariusz Felisiak
|
362813d628
|
Fixed hanging indentation in various code.
|
2018-03-16 10:54:34 +01:00 |
Mariusz Felisiak
|
83a36ac49a
|
Removed unnecessary trailing commas and spaces in various code.
|
2017-12-28 21:07:29 +01:00 |
Tim Graham
|
d334f46b7a
|
Refs #26601 -- Removed support for old-style middleware using settings.MIDDLEWARE_CLASSES.
|
2017-01-17 20:52:04 -05:00 |
Tim Graham
|
c27104a9c7
|
Fixed #27611 -- Doc'd that CSRF_COOKIE_HTTPONLY setting offers no security.
|
2016-12-19 17:56:58 -05:00 |
Raphael Michel
|
33e86b3488
|
Refs #16859 -- Disabled CSRF_COOKIE_* checks when using CSRF_USE_SESSIONS.
|
2016-12-17 09:59:48 -05:00 |
Ed Morley
|
7399fee6c3
|
Refs #26947 -- Added a deployment system check for SECURE_HSTS_PRELOAD.
|
2016-08-10 20:31:01 -04:00 |
Florian Apolloner
|
9baf692a58
|
Fixed #26601 -- Improved middleware per DEP 0005.
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
|
2016-05-17 07:22:22 -04:00 |
Josh Soref
|
93452a70e8
|
Fixed many spelling mistakes in code, comments, and docs.
|
2015-12-03 12:48:24 -05:00 |
rroskam
|
ed514caed2
|
Fixed #24966 -- Added deployment system check for empty ALLOWED_HOSTS.
|
2015-07-15 09:18:58 -04:00 |
Simon Charette
|
be67400b47
|
Refs #24652 -- Used SimpleTestCase where appropriate.
|
2015-05-20 13:46:13 -04:00 |
Tim Graham
|
0ed7d15563
|
Sorted imports with isort; refs #23860.
|
2015-02-06 08:16:28 -05:00 |
Tim Graham
|
52ef6a4726
|
Fixed #17101 -- Integrated django-secure and added check --deploy option
Thanks Carl Meyer for django-secure and for reviewing.
Thanks also to Zach Borboa, Erik Romijn, Collin Anderson, and
Jorge Carleitao for reviews.
|
2014-09-12 15:05:23 -04:00 |