Commit Graph

9 Commits

Author SHA1 Message Date
Tim Graham d334f46b7a Refs #26601 -- Removed support for old-style middleware using settings.MIDDLEWARE_CLASSES. 2017-01-17 20:52:04 -05:00
Tim Graham c27104a9c7 Fixed #27611 -- Doc'd that CSRF_COOKIE_HTTPONLY setting offers no security. 2016-12-19 17:56:58 -05:00
Raphael Michel 33e86b3488 Refs #16859 -- Disabled CSRF_COOKIE_* checks when using CSRF_USE_SESSIONS. 2016-12-17 09:59:48 -05:00
Ramin Farajpour Cami 967be82443 Fixed E305 flake8 warnings. 2016-11-14 12:30:46 -05:00
Ed Morley 7399fee6c3 Refs #26947 -- Added a deployment system check for SECURE_HSTS_PRELOAD. 2016-08-10 20:31:01 -04:00
Florian Apolloner 9baf692a58 Fixed #26601 -- Improved middleware per DEP 0005.
Thanks Tim Graham for polishing the patch, updating the tests, and
writing documentation. Thanks Carl Meyer for shepherding the DEP.
2016-05-17 07:22:22 -04:00
rroskam ed514caed2 Fixed #24966 -- Added deployment system check for empty ALLOWED_HOSTS. 2015-07-15 09:18:58 -04:00
Tim Graham 0ed7d15563 Sorted imports with isort; refs #23860. 2015-02-06 08:16:28 -05:00
Tim Graham 52ef6a4726 Fixed #17101 -- Integrated django-secure and added check --deploy option
Thanks Carl Meyer for django-secure and for reviewing.

Thanks also to Zach Borboa, Erik Romijn, Collin Anderson, and
Jorge Carleitao for reviews.
2014-09-12 15:05:23 -04:00